diff --git a/Makefile b/Makefile
index 11bb542821a..531336a34a0 100644
--- a/Makefile
+++ b/Makefile
@@ -168,7 +168,7 @@ CRD_ROOT ?= $(MANIFEST_ROOT)/crd/bases
 WEBHOOK_ROOT ?= $(MANIFEST_ROOT)/webhook
 RBAC_ROOT ?= $(MANIFEST_ROOT)/rbac
 ASO_CRDS_PATH := $(MANIFEST_ROOT)/aso/crds.yaml
-ASO_VERSION := v2.9.0
+ASO_VERSION := v2.11.0
 ASO_CRDS := resourcegroups.resources.azure.com natgateways.network.azure.com managedclusters.containerservice.azure.com managedclustersagentpools.containerservice.azure.com bastionhosts.network.azure.com virtualnetworks.network.azure.com virtualnetworkssubnets.network.azure.com privateendpoints.network.azure.com fleetsmembers.containerservice.azure.com extensions.kubernetesconfiguration.azure.com
 # Allow overriding the imagePullPolicy
diff --git a/config/aso/crds.yaml b/config/aso/crds.yaml
index 0d788bd54f5..f17a5af01e8 100644
--- a/config/aso/crds.yaml
+++ b/config/aso/crds.yaml
@@ -3,10 +3,10 @@ kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: azureserviceoperator-system/azureserviceoperator-serving-cert - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.3 labels: app.kubernetes.io/name: azure-service-operator - app.kubernetes.io/version: v2.9.0 + app.kubernetes.io/version: v2.11.0 name: bastionhosts.network.azure.com spec: conversion: 
@@ -162,6 +162,72 @@ spec: location: description: 'Location: Resource location.' type: string + operatorSpec: + description: |- + OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not + passed directly to Azure + properties: + configMapExpressions: + description: 'ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).' + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + secretExpressions: + description: 'SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).' + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. 
+ properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + type: object owner: description: |- Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also @@ -397,8 +463,8 @@ spec: type: string publicIPAddress: description: |- - Storage version of v1api20220701.BastionHostSubResource - Reference to another subresource. + Storage version of v1api20220701.SubResource + Reference to another ARM resource. properties: $propertyBag: additionalProperties: @@ -430,8 +496,8 @@ spec: type: object subnet: description: |- - Storage version of v1api20220701.BastionHostSubResource - Reference to another subresource. + Storage version of v1api20220701.SubResource + Reference to another ARM resource. properties: $propertyBag: additionalProperties: 
@@ -465,6 +531,77 @@ spec: type: array location: type: string + operatorSpec: + description: |- + Storage version of v1api20220701.BastionHostOperatorSpec + Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + configMapExpressions: + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + secretExpressions: + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. 
The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + type: object originalVersion: type: string owner: 
@@ -624,41 +761,9 @@ spec: type: object type: object served: true - storage: true + storage: false subresources: status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - cert-manager.io/inject-ca-from: azureserviceoperator-system/azureserviceoperator-serving-cert - controller-gen.kubebuilder.io/version: v0.14.0 - labels: - app.kubernetes.io/name: azure-service-operator - app.kubernetes.io/version: v2.9.0 - name: extensions.kubernetesconfiguration.azure.com -spec: - conversion: - strategy: Webhook - webhook: - clientConfig: - service: - name: azureserviceoperator-webhook-service - namespace: azureserviceoperator-system - path: /convert - port: 443 - conversionReviewVersions: - - v1 - group: kubernetesconfiguration.azure.com - names: - kind: Extension - listKind: ExtensionList - plural: extensions - singular: extension - preserveUnknownFields: false - scope: Namespaced - versions: - additionalPrinterColumns: - jsonPath: .status.conditions[?(@.type=='Ready')].status name: Ready @@ -672,13 +777,13 @@ spec: - jsonPath: .status.conditions[?(@.type=='Ready')].message name: Message type: string - name: v1api20230501 + name: v1api20240301 schema: openAPIV3Schema: description: |- Generator information: - - Generated from: /kubernetesconfiguration/resource-manager/Microsoft.KubernetesConfiguration/stable/2023-05-01/extensions.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{clusterRp}/{clusterResourceName}/{clusterName}/providers/Microsoft.KubernetesConfiguration/extensions/{extensionName} + - Generated from: /network/resource-manager/Microsoft.Network/stable/2024-03-01/bastionHost.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/bastionHosts/{bastionHostName} properties: apiVersion: description: |- 
@@ -699,214 +804,253 @@ spec: type: object spec: properties: - aksAssignedIdentity: - description: 'AksAssignedIdentity: Identity of the Extension resource in an AKS cluster' - properties: - type: - description: 'Type: The identity type.' - enum: - - SystemAssigned - - UserAssigned - type: string - type: object - autoUpgradeMinorVersion: - description: 'AutoUpgradeMinorVersion: Flag to note if this extension participates in auto upgrade of minor version, or not.' - type: boolean azureName: description: |- AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn't have to be. type: string - configurationProtectedSettings: - description: |- - ConfigurationProtectedSettings: Configuration settings that are sensitive, as name-value pairs for configuring this - extension. - properties: - name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource - type: string - required: - - name - type: object - configurationSettings: - additionalProperties: - type: string - description: 'ConfigurationSettings: Configuration settings, as name-value pairs for configuring this extension.' - type: object - extensionType: - description: |- - ExtensionType: Type of the Extension, of which this resource is an instance of. It must be one of the Extension Types - registered with Microsoft.KubernetesConfiguration by the Extension publisher. + disableCopyPaste: + description: 'DisableCopyPaste: Enable/Disable Copy/Paste feature of the Bastion Host resource.' + type: boolean + dnsName: + description: 'DnsName: FQDN for the endpoint on which bastion host is accessible.' type: string - identity: - description: 'Identity: Identity of the Extension resource' + enableFileCopy: + description: 'EnableFileCopy: Enable/Disable File Copy feature of the Bastion Host resource.' 
+ type: boolean + enableIpConnect: + description: 'EnableIpConnect: Enable/Disable IP Connect feature of the Bastion Host resource.' + type: boolean + enableKerberos: + description: 'EnableKerberos: Enable/Disable Kerberos feature of the Bastion Host resource.' + type: boolean + enableSessionRecording: + description: 'EnableSessionRecording: Enable/Disable Session Recording feature of the Bastion Host resource.' + type: boolean + enableShareableLink: + description: 'EnableShareableLink: Enable/Disable Shareable Link of the Bastion Host resource.' + type: boolean + enableTunneling: + description: 'EnableTunneling: Enable/Disable Tunneling feature of the Bastion Host resource.' + type: boolean + ipConfigurations: + description: 'IpConfigurations: IP configuration of the Bastion Host resource.' + items: + description: IP configuration of an Bastion Host. + properties: + name: + description: 'Name: Name of the resource that is unique within a resource group. This name can be used to access the resource.' + type: string + privateIPAllocationMethod: + description: 'PrivateIPAllocationMethod: Private IP allocation method.' + enum: + - Dynamic + - Static + type: string + publicIPAddress: + description: 'PublicIPAddress: Reference of the PublicIP resource.' + properties: + reference: + description: 'Reference: Resource ID.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. 
+ type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + subnet: + description: 'Subnet: Reference of the subnet resource.' + properties: + reference: + description: 'Reference: Resource ID.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + required: + - publicIPAddress + - subnet + type: object + type: array + location: + description: 'Location: Resource location.' + type: string + networkAcls: properties: - type: - description: 'Type: The identity type.' - enum: - - SystemAssigned - type: string + ipRules: + description: 'IpRules: Sets the IP ACL rules for Developer Bastion Host.' + items: + properties: + addressPrefix: + description: 'AddressPrefix: Specifies the IP or IP range in CIDR format. Only IPV4 address is allowed.' + type: string + type: object + type: array type: object operatorSpec: description: |- OperatorSpec: The specification for configuring operator behavior. 
This field is interpreted by the operator and not passed directly to Azure properties: - configMaps: - description: 'ConfigMaps: configures where to place operator written ConfigMaps.' - properties: - principalId: - description: 'PrincipalId: indicates where the PrincipalId config map should be placed. If omitted, no config map will be created.' - properties: - key: - description: Key is the key in the ConfigMap being referenced - type: string - name: - description: |- - Name is the name of the Kubernetes ConfigMap being referenced. - The ConfigMap must be in the same namespace as the resource - type: string - required: - - key - - name - type: object - type: object + configMapExpressions: + description: 'ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).' + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. 
For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + secretExpressions: + description: 'SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).' + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array type: object owner: description: |- Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. This resource is an - extension resource, which means that any other Azure resource can be its owner. + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. 
Owner is expected to be a + reference to a resources.azure.com/ResourceGroup resource properties: armId: - description: Ownership across namespaces is not supported. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string name: description: This is the name of the Kubernetes resource to reference. type: string type: object - plan: - description: 'Plan: The plan information.' + scaleUnits: + description: 'ScaleUnits: The scale units for the Bastion Host resource.' + maximum: 50 + minimum: 2 + type: integer + sku: + description: 'Sku: The sku of this Bastion Host.' properties: name: - description: 'Name: A user defined name of the 3rd Party Artifact that is being procured.' - type: string - product: - description: |- - Product: The 3rd Party artifact that is being procured. E.g. NewRelic. Product maps to the OfferID specified for the - artifact at the time of Data Market onboarding. - type: string - promotionCode: - description: 'PromotionCode: A publisher provided promotion code as provisioned in Data Market for the said product/artifact.' - type: string - publisher: - description: 'Publisher: The publisher of the 3rd Party Artifact that is being bought. E.g. NewRelic' - type: string - version: - description: 'Version: The version of the desired product/artifact.' + description: 'Name: The name of the sku of this Bastion Host.' + enum: + - Basic + - Developer + - Premium + - Standard type: string - required: - - name - - product - - publisher type: object - releaseTrain: - description: |- - ReleaseTrain: ReleaseTrain this extension participates in for auto-upgrade (e.g. Stable, Preview, etc.) - only if - autoUpgradeMinorVersion is 'true'. 
- type: string - scope: - description: 'Scope: Scope at which the extension is installed.' + tags: + additionalProperties: + type: string + description: 'Tags: Resource tags.' + type: object + virtualNetwork: + description: 'VirtualNetwork: Reference to an existing virtual network required for Developer Bastion Host only.' properties: - cluster: - description: 'Cluster: Specifies that the scope of the extension is Cluster' + reference: + description: 'Reference: Resource ID.' properties: - releaseNamespace: + armId: description: |- - ReleaseNamespace: Namespace where the extension Release must be placed, for a Cluster scoped extension. If this - namespace does not exist, it will be created + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string - type: object - namespace: - description: 'Namespace: Specifies that the scope of the extension is Namespace' - properties: - targetNamespace: - description: |- - TargetNamespace: Namespace where the extension will be created for an Namespace scoped extension. If this namespace - does not exist, it will be created + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. 
type: string type: object type: object - systemData: - description: |- - SystemData: Top level metadata - https://github.com/Azure/azure-resource-manager-rpc/blob/master/v1.0/common-api-contracts.md#system-metadata-for-all-azure-resources - properties: - createdAt: - description: 'CreatedAt: The timestamp of resource creation (UTC).' - type: string - createdBy: - description: 'CreatedBy: The identity that created the resource.' - type: string - createdByType: - description: 'CreatedByType: The type of identity that created the resource.' - enum: - - Application - - Key - - ManagedIdentity - - User - type: string - lastModifiedAt: - description: 'LastModifiedAt: The timestamp of resource last modification (UTC)' - type: string - lastModifiedBy: - description: 'LastModifiedBy: The identity that last modified the resource.' - type: string - lastModifiedByType: - description: 'LastModifiedByType: The type of identity that last modified the resource.' - enum: - - Application - - Key - - ManagedIdentity - - User - type: string - type: object - version: - description: |- - Version: User-specified version of the extension for this extension to 'pin'. To use 'version', autoUpgradeMinorVersion - must be 'false'. - type: string + zones: + description: 'Zones: A list of availability zones denoting where the resource needs to come from.' + items: + type: string + type: array required: - owner type: object status: - description: The Extension object. + description: Bastion Host resource. properties: - aksAssignedIdentity: - description: 'AksAssignedIdentity: Identity of the Extension resource in an AKS cluster' - properties: - principalId: - description: 'PrincipalId: The principal ID of resource identity.' - type: string - tenantId: - description: 'TenantId: The tenant ID of resource.' - type: string - type: - description: 'Type: The identity type.' 
- type: string - type: object - autoUpgradeMinorVersion: - description: 'AutoUpgradeMinorVersion: Flag to note if this extension participates in auto upgrade of minor version, or not.' - type: boolean conditions: description: 'Conditions: The observed state of the resource' items: 
@@ -951,221 +1095,97 @@ spec: - type type: object type: array - configurationProtectedSettings: - additionalProperties: - type: string - description: |- - ConfigurationProtectedSettings: Configuration settings that are sensitive, as name-value pairs for configuring this - extension. - type: object - configurationSettings: - additionalProperties: - type: string - description: 'ConfigurationSettings: Configuration settings, as name-value pairs for configuring this extension.' - type: object - currentVersion: - description: 'CurrentVersion: Currently installed version of the extension.' + disableCopyPaste: + description: 'DisableCopyPaste: Enable/Disable Copy/Paste feature of the Bastion Host resource.' + type: boolean + dnsName: + description: 'DnsName: FQDN for the endpoint on which bastion host is accessible.' type: string - customLocationSettings: - additionalProperties: - type: string - description: 'CustomLocationSettings: Custom Location settings properties.' - type: object - errorInfo: - description: 'ErrorInfo: Error information from the Agent - e.g. errors during installation.' + enableFileCopy: + description: 'EnableFileCopy: Enable/Disable File Copy feature of the Bastion Host resource.' + type: boolean + enableIpConnect: + description: 'EnableIpConnect: Enable/Disable IP Connect feature of the Bastion Host resource.' + type: boolean + enableKerberos: + description: 'EnableKerberos: Enable/Disable Kerberos feature of the Bastion Host resource.' + type: boolean + enableSessionRecording: + description: 'EnableSessionRecording: Enable/Disable Session Recording feature of the Bastion Host resource.' + type: boolean + enableShareableLink: + description: 'EnableShareableLink: Enable/Disable Shareable Link of the Bastion Host resource.' + type: boolean + enableTunneling: + description: 'EnableTunneling: Enable/Disable Tunneling feature of the Bastion Host resource.' 
+ type: boolean + etag: + description: 'Etag: A unique read-only string that changes whenever the resource is updated.' + type: string + id: + description: 'Id: Resource ID.' + type: string + ipConfigurations: + description: 'IpConfigurations: IP configuration of the Bastion Host resource.' + items: + description: IP configuration of an Bastion Host. + properties: + id: + description: 'Id: Resource ID.' + type: string + type: object + type: array + location: + description: 'Location: Resource location.' + type: string + name: + description: 'Name: Resource name.' + type: string + networkAcls: properties: - additionalInfo: - description: 'AdditionalInfo: The error additional info.' + ipRules: + description: 'IpRules: Sets the IP ACL rules for Developer Bastion Host.' items: - description: The resource management error additional info. properties: - info: - additionalProperties: - x-kubernetes-preserve-unknown-fields: true - description: 'Info: The additional info.' - type: object - type: - description: 'Type: The additional info type.' + addressPrefix: + description: 'AddressPrefix: Specifies the IP or IP range in CIDR format. Only IPV4 address is allowed.' type: string type: object type: array - code: - description: 'Code: The error code.' - type: string - details: - description: 'Details: The error details.' - items: - properties: - additionalInfo: - description: 'AdditionalInfo: The error additional info.' - items: - description: The resource management error additional info. - properties: - info: - additionalProperties: - x-kubernetes-preserve-unknown-fields: true - description: 'Info: The additional info.' - type: object - type: - description: 'Type: The additional info type.' - type: string - type: object - type: array - code: - description: 'Code: The error code.' - type: string - message: - description: 'Message: The error message.' - type: string - target: - description: 'Target: The error target.' 
- type: string - type: object - type: array - message: - description: 'Message: The error message.' - type: string - target: - description: 'Target: The error target.' - type: string - type: object - extensionType: - description: |- - ExtensionType: Type of the Extension, of which this resource is an instance of. It must be one of the Extension Types - registered with Microsoft.KubernetesConfiguration by the Extension publisher. - type: string - id: - description: |- - Id: Fully qualified resource ID for the resource. Ex - - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} - type: string - identity: - description: 'Identity: Identity of the Extension resource' - properties: - principalId: - description: 'PrincipalId: The principal ID of resource identity.' - type: string - tenantId: - description: 'TenantId: The tenant ID of resource.' - type: string - type: - description: 'Type: The identity type.' - type: string type: object - isSystemExtension: - description: 'IsSystemExtension: Flag to note if this extension is a system extension' - type: boolean - name: - description: 'Name: The name of the resource' - type: string - packageUri: - description: 'PackageUri: Uri of the Helm package' + provisioningState: + description: 'ProvisioningState: The provisioning state of the bastion host resource.' type: string - plan: - description: 'Plan: The plan information.' + scaleUnits: + description: 'ScaleUnits: The scale units for the Bastion Host resource.' + type: integer + sku: + description: 'Sku: The sku of this Bastion Host.' properties: name: - description: 'Name: A user defined name of the 3rd Party Artifact that is being procured.' - type: string - product: - description: |- - Product: The 3rd Party artifact that is being procured. E.g. NewRelic. Product maps to the OfferID specified for the - artifact at the time of Data Market onboarding. 
- type: string - promotionCode: - description: 'PromotionCode: A publisher provided promotion code as provisioned in Data Market for the said product/artifact.' - type: string - publisher: - description: 'Publisher: The publisher of the 3rd Party Artifact that is being bought. E.g. NewRelic' - type: string - version: - description: 'Version: The version of the desired product/artifact.' + description: 'Name: The name of the sku of this Bastion Host.' type: string type: object - provisioningState: - description: 'ProvisioningState: Status of installation of this extension.' - type: string - releaseTrain: - description: |- - ReleaseTrain: ReleaseTrain this extension participates in for auto-upgrade (e.g. Stable, Preview, etc.) - only if - autoUpgradeMinorVersion is 'true'. + tags: + additionalProperties: + type: string + description: 'Tags: Resource tags.' + type: object + type: + description: 'Type: Resource type.' type: string - scope: - description: 'Scope: Scope at which the extension is installed.' + virtualNetwork: + description: 'VirtualNetwork: Reference to an existing virtual network required for Developer Bastion Host only.' properties: - cluster: - description: 'Cluster: Specifies that the scope of the extension is Cluster' - properties: - releaseNamespace: - description: |- - ReleaseNamespace: Namespace where the extension Release must be placed, for a Cluster scoped extension. If this - namespace does not exist, it will be created - type: string - type: object - namespace: - description: 'Namespace: Specifies that the scope of the extension is Namespace' - properties: - targetNamespace: - description: |- - TargetNamespace: Namespace where the extension will be created for an Namespace scoped extension. If this namespace - does not exist, it will be created - type: string - type: object + id: + description: 'Id: Resource ID.' + type: string type: object - statuses: - description: 'Statuses: Status from this extension.' 
+ zones: + description: 'Zones: A list of availability zones denoting where the resource needs to come from.' items: - description: Status from the extension. - properties: - code: - description: 'Code: Status code provided by the Extension' - type: string - displayStatus: - description: 'DisplayStatus: Short description of status of the extension.' - type: string - level: - description: 'Level: Level of the status.' - type: string - message: - description: 'Message: Detailed message of the status from the Extension.' - type: string - time: - description: 'Time: DateLiteral (per ISO8601) noting the time of installation status.' - type: string - type: object + type: string type: array - systemData: - description: |- - SystemData: Top level metadata - https://github.com/Azure/azure-resource-manager-rpc/blob/master/v1.0/common-api-contracts.md#system-metadata-for-all-azure-resources - properties: - createdAt: - description: 'CreatedAt: The timestamp of resource creation (UTC).' - type: string - createdBy: - description: 'CreatedBy: The identity that created the resource.' - type: string - createdByType: - description: 'CreatedByType: The type of identity that created the resource.' - type: string - lastModifiedAt: - description: 'LastModifiedAt: The timestamp of resource last modification (UTC)' - type: string - lastModifiedBy: - description: 'LastModifiedBy: The identity that last modified the resource.' - type: string - lastModifiedByType: - description: 'LastModifiedByType: The type of identity that last modified the resource.' - type: string - type: object - type: - description: 'Type: The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"' - type: string - version: - description: |- - Version: User-specified version of the extension for this extension to 'pin'. To use 'version', autoUpgradeMinorVersion - must be 'false'. - type: string type: object type: object served: true 
@@ -1185,14 +1205,14 @@ spec: - jsonPath: .status.conditions[?(@.type=='Ready')].message name: Message type: string - name: v1api20230501storage + name: v1api20240301storage schema: openAPIV3Schema: description: |- - Storage version of v1api20230501.Extension + Storage version of v1api20240301.BastionHost Generator information: - - Generated from: /kubernetesconfiguration/resource-manager/Microsoft.KubernetesConfiguration/stable/2023-05-01/extensions.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{clusterRp}/{clusterResourceName}/{clusterName}/providers/Microsoft.KubernetesConfiguration/extensions/{extensionName} + - Generated from: /network/resource-manager/Microsoft.Network/stable/2024-03-01/bastionHost.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/bastionHosts/{bastionHostName} properties: apiVersion: description: |- @@ -1212,7 +1232,7 @@ spec: metadata: type: object spec: - description: Storage version of v1api20230501.Extension_Spec + description: Storage version of v1api20240301.BastionHost_Spec properties: $propertyBag: additionalProperties: 
@@ -1221,49 +1241,116 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - aksAssignedIdentity: - description: Storage version of v1api20230501.Extension_Properties_AksAssignedIdentity_Spec - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - type: - type: string - type: object - autoUpgradeMinorVersion: - type: boolean azureName: description: |- AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn't have to be. type: string - configurationProtectedSettings: - description: |- - SecretMapReference is a reference to a Kubernetes secret in the same namespace as - the resource it is on. - properties: - name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource - type: string - required: - - name - type: object - configurationSettings: - additionalProperties: - type: string - type: object - extensionType: + disableCopyPaste: + type: boolean + dnsName: type: string - identity: - description: |- - Storage version of v1api20230501.Identity - Identity for the resource. + enableFileCopy: + type: boolean + enableIpConnect: + type: boolean + enableKerberos: + type: boolean + enableSessionRecording: + type: boolean + enableShareableLink: + type: boolean + enableTunneling: + type: boolean + ipConfigurations: + items: + description: |- + Storage version of v1api20240301.BastionHostIPConfiguration + IP configuration of an Bastion Host. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + name: + type: string + privateIPAllocationMethod: + type: string + publicIPAddress: + description: |- + Storage version of v1api20240301.SubResource + Reference to another subresource. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + reference: + description: 'Reference: Resource ID.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + subnet: + description: |- + Storage version of v1api20240301.SubResource + Reference to another subresource. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + reference: + description: 'Reference: Resource ID.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + type: object + type: array + location: + type: string + networkAcls: + description: Storage version of v1api20240301.BastionHostPropertiesFormat_NetworkAcls properties: $propertyBag: additionalProperties: 
@@ -1272,12 +1359,25 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - type: - type: string + ipRules: + items: + description: Storage version of v1api20240301.IPRule + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + addressPrefix: + type: string + type: object + type: array type: object operatorSpec: description: |- - Storage version of v1api20230501.ExtensionOperatorSpec + Storage version of v1api20240301.BastionHostOperatorSpec Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure properties: $propertyBag: 
@@ -1287,61 +1387,86 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - configMaps: - description: Storage version of v1api20230501.ExtensionOperatorConfigMaps - properties: - $propertyBag: - additionalProperties: + configMapExpressions: + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - principalId: - description: |- - ConfigMapDestination describes the location to store a single configmap value - Note: This is similar to SecretDestination in secrets.go. Changes to one should likely also be made to the other. - properties: - key: - description: Key is the key in the ConfigMap being referenced - type: string - name: - description: |- - Name is the name of the Kubernetes ConfigMap being referenced. - The ConfigMap must be in the same namespace as the resource - type: string - required: - - key - - name - type: object - type: object + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. 
+ type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + secretExpressions: + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array type: object originalVersion: type: string owner: description: |- Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. This resource is an - extension resource, which means that any other Azure resource can be its owner. + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. 
Owner is expected to be a + reference to a resources.azure.com/ResourceGroup resource properties: armId: - description: Ownership across namespaces is not supported. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string name: description: This is the name of the Kubernetes resource to reference. type: string type: object - plan: + scaleUnits: + type: integer + sku: description: |- - Storage version of v1api20230501.Plan - Plan for the resource. + Storage version of v1api20240301.Sku + The sku of this Bastion Host. properties: $propertyBag: additionalProperties: @@ -1352,21 +1477,15 @@ spec: type: object name: type: string - product: - type: string - promotionCode: - type: string - publisher: - type: string - version: - type: string type: object - releaseTrain: - type: string - scope: + tags: + additionalProperties: + type: string + type: object + virtualNetwork: description: |- - Storage version of v1api20230501.Scope - Scope of the extension. It can be either Cluster or Namespace; but not both. + Storage version of v1api20240301.SubResource + Reference to another subresource. properties: $propertyBag: additionalProperties: 
@@ -1375,71 +1494,38 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - cluster: - description: |- - Storage version of v1api20230501.ScopeCluster - Specifies that the scope of the extension is Cluster + reference: + description: 'Reference: Resource ID.' properties: - $propertyBag: - additionalProperties: - type: string + armId: description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - releaseNamespace: + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string - type: object - namespace: - description: |- - Storage version of v1api20230501.ScopeNamespace - Specifies that the scope of the extension is Namespace - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - targetNamespace: + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. 
type: string type: object type: object - systemData: - description: |- - Storage version of v1api20230501.SystemData - Metadata pertaining to creation and last modification of the resource. - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - createdAt: - type: string - createdBy: - type: string - createdByType: - type: string - lastModifiedAt: - type: string - lastModifiedBy: - type: string - lastModifiedByType: - type: string - type: object - version: - type: string + zones: + items: + type: string + type: array required: - owner type: object status: description: |- - Storage version of v1api20230501.Extension_STATUS - The Extension object. + Storage version of v1api20240301.BastionHost_STATUS + Bastion Host resource. properties: $propertyBag: additionalProperties: 
@@ -1448,32 +1534,13 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - aksAssignedIdentity: - description: Storage version of v1api20230501.Extension_Properties_AksAssignedIdentity_STATUS - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - principalId: - type: string - tenantId: - type: string - type: - type: string - type: object - autoUpgradeMinorVersion: - type: boolean - conditions: - items: - description: Condition defines an extension to status (an observation) of a resource - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. - format: date-time + conditions: + items: + description: Condition defines an extension to status (an observation) of a resource + properties: + lastTransitionTime: + description: LastTransitionTime is the last time the condition transitioned from one status to another. + format: date-time type: string message: description: Message is a human readable message indicating details about the transition. This field may be empty. 
@@ -1510,24 +1577,49 @@ spec: - type type: object type: array - configurationProtectedSettings: - additionalProperties: - type: string - type: object - configurationSettings: - additionalProperties: - type: string - type: object - currentVersion: + disableCopyPaste: + type: boolean + dnsName: type: string - customLocationSettings: - additionalProperties: - type: string - type: object - errorInfo: - description: |- - Storage version of v1api20230501.ErrorDetail_STATUS - The error detail. + enableFileCopy: + type: boolean + enableIpConnect: + type: boolean + enableKerberos: + type: boolean + enableSessionRecording: + type: boolean + enableShareableLink: + type: boolean + enableTunneling: + type: boolean + etag: + type: string + id: + type: string + ipConfigurations: + items: + description: |- + Storage version of v1api20240301.BastionHostIPConfiguration_STATUS + IP configuration of an Bastion Host. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + id: + type: string + type: object + type: array + location: + type: string + name: + type: string + networkAcls: + description: Storage version of v1api20240301.BastionHostPropertiesFormat_NetworkAcls_STATUS properties: $propertyBag: additionalProperties: 
@@ -1536,32 +1628,9 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - additionalInfo: - items: - description: |- - Storage version of v1api20230501.ErrorAdditionalInfo_STATUS - The resource management error additional info. - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - info: - additionalProperties: - x-kubernetes-preserve-unknown-fields: true - type: object - type: - type: string - type: object - type: array - code: - type: string - details: + ipRules: items: - description: Storage version of v1api20230501.ErrorDetail_STATUS_Unrolled + description: Storage version of v1api20240301.IPRule_STATUS properties: $propertyBag: additionalProperties: 
@@ -1570,73 +1639,19 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - additionalInfo: - items: - description: |- - Storage version of v1api20230501.ErrorAdditionalInfo_STATUS - The resource management error additional info. - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - info: - additionalProperties: - x-kubernetes-preserve-unknown-fields: true - type: object - type: - type: string - type: object - type: array - code: - type: string - message: - type: string - target: + addressPrefix: type: string type: object type: array - message: - type: string - target: - type: string type: object - extensionType: - type: string - id: - type: string - identity: - description: |- - Storage version of v1api20230501.Identity_STATUS - Identity for the resource. - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - principalId: - type: string - tenantId: - type: string - type: - type: string - type: object - isSystemExtension: - type: boolean - name: - type: string - packageUri: + provisioningState: type: string - plan: + scaleUnits: + type: integer + sku: description: |- - Storage version of v1api20230501.Plan_STATUS - Plan for the resource. + Storage version of v1api20240301.Sku_STATUS + The sku of this Bastion Host. properties: $propertyBag: additionalProperties: 
@@ -1647,23 +1662,17 @@ spec: type: object name: type: string - product: - type: string - promotionCode: - type: string - publisher: - type: string - version: - type: string type: object - provisioningState: - type: string - releaseTrain: + tags: + additionalProperties: + type: string + type: object + type: type: string - scope: + virtualNetwork: description: |- - Storage version of v1api20230501.Scope_STATUS - Scope of the extension. It can be either Cluster or Namespace; but not both. + Storage version of v1api20240301.SubResource_STATUS + Reference to another subresource. properties: $propertyBag: additionalProperties: 
@@ -1672,91 +1681,13 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - cluster: - description: |- - Storage version of v1api20230501.ScopeCluster_STATUS - Specifies that the scope of the extension is Cluster - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - releaseNamespace: - type: string - type: object - namespace: - description: |- - Storage version of v1api20230501.ScopeNamespace_STATUS - Specifies that the scope of the extension is Namespace - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - targetNamespace: - type: string - type: object + id: + type: string type: object - statuses: + zones: items: - description: |- - Storage version of v1api20230501.ExtensionStatus_STATUS - Status from the extension. - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - code: - type: string - displayStatus: - type: string - level: - type: string - message: - type: string - time: - type: string - type: object + type: string type: array - systemData: - description: |- - Storage version of v1api20230501.SystemData_STATUS - Metadata pertaining to creation and last modification of the resource. 
- properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - createdAt: - type: string - createdBy: - type: string - createdByType: - type: string - lastModifiedAt: - type: string - lastModifiedBy: - type: string - lastModifiedByType: - type: string - type: object - type: - type: string - version: - type: string type: object type: object served: true @@ -1769,11 +1700,11 @@ kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: azureserviceoperator-system/azureserviceoperator-serving-cert - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.3 labels: app.kubernetes.io/name: azure-service-operator - app.kubernetes.io/version: v2.9.0 - name: fleetsmembers.containerservice.azure.com + app.kubernetes.io/version: v2.11.0 + name: extensions.kubernetesconfiguration.azure.com spec: conversion: strategy: Webhook @@ -1786,12 +1717,12 @@ spec: port: 443 conversionReviewVersions: - v1 - group: containerservice.azure.com + group: kubernetesconfiguration.azure.com names: - kind: FleetsMember - listKind: FleetsMemberList - plural: fleetsmembers - singular: fleetsmember + kind: Extension + listKind: ExtensionList + plural: extensions + singular: extension preserveUnknownFields: false scope: Namespaced versions: 
@@ -1808,13 +1739,13 @@ spec: - jsonPath: .status.conditions[?(@.type=='Ready')].message name: Message type: string - name: v1api20230315preview + name: v1api20230501 schema: openAPIV3Schema: description: |- Generator information: - - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/fleet/preview/2023-03-15-preview/fleets.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/fleets/{fleetName}/members/{fleetMemberName} + - Generated from: /kubernetesconfiguration/resource-manager/Microsoft.KubernetesConfiguration/stable/2023-05-01/extensions.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{clusterRp}/{clusterResourceName}/{clusterName}/providers/Microsoft.KubernetesConfiguration/extensions/{extensionName} properties: apiVersion: description: |- 
@@ -1835,25 +1766,149 @@ spec: type: object spec: properties: + aksAssignedIdentity: + description: 'AksAssignedIdentity: Identity of the Extension resource in an AKS cluster' + properties: + type: + description: 'Type: The identity type.' + enum: + - SystemAssigned + - UserAssigned + type: string + type: object + autoUpgradeMinorVersion: + description: 'AutoUpgradeMinorVersion: Flag to note if this extension participates in auto upgrade of minor version, or not.' + type: boolean azureName: description: |- AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn't have to be. - maxLength: 50 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ type: string - clusterResourceReference: + configurationProtectedSettings: description: |- - ClusterResourceReference: The ARM resource id of the cluster that joins the Fleet. Must be a valid Azure resource id. - e.g.: - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{clusterName}'. + ConfigurationProtectedSettings: Configuration settings that are sensitive, as name-value pairs for configuring this + extension. properties: - armId: + name: description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource + type: string + required: + - name + type: object + configurationSettings: + additionalProperties: + type: string + description: 'ConfigurationSettings: Configuration settings, as name-value pairs for configuring this extension.' 
+ type: object + extensionType: + description: |- + ExtensionType: Type of the Extension, of which this resource is an instance of. It must be one of the Extension Types + registered with Microsoft.KubernetesConfiguration by the Extension publisher. + type: string + identity: + description: 'Identity: Identity of the Extension resource' + properties: + type: + description: 'Type: The identity type.' + enum: + - SystemAssigned + type: string + type: object + operatorSpec: + description: |- + OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not + passed directly to Azure + properties: + configMapExpressions: + description: 'ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).' + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. 
For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + configMaps: + description: 'ConfigMaps: configures where to place operator written ConfigMaps.' + properties: + principalId: + description: 'PrincipalId: indicates where the PrincipalId config map should be placed. If omitted, no config map will be created.' + properties: + key: + description: Key is the key in the ConfigMap being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes ConfigMap to write to. + The ConfigMap will be created in the same namespace as the resource. + type: string + required: + - key + - name + type: object + type: object + secretExpressions: + description: 'SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).' + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. 
For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + type: object + owner: + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. This resource is an + extension resource, which means that any other Azure resource can be its owner. + properties: + armId: + description: Ownership across namespaces is not supported. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: 
@@ -1863,44 +1918,127 @@ spec: description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. + description: This is the name of the Kubernetes resource to reference. type: string type: object - group: - description: 'Group: The group this member belongs to for multi-cluster update management.' - maxLength: 50 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ + plan: + description: 'Plan: The plan information.' + properties: + name: + description: 'Name: A user defined name of the 3rd Party Artifact that is being procured.' + type: string + product: + description: |- + Product: The 3rd Party artifact that is being procured. E.g. NewRelic. Product maps to the OfferID specified for the + artifact at the time of Data Market onboarding. + type: string + promotionCode: + description: 'PromotionCode: A publisher provided promotion code as provisioned in Data Market for the said product/artifact.' + type: string + publisher: + description: 'Publisher: The publisher of the 3rd Party Artifact that is being bought. E.g. NewRelic' + type: string + version: + description: 'Version: The version of the desired product/artifact.' + type: string + required: + - name + - product + - publisher + type: object + releaseTrain: + description: |- + ReleaseTrain: ReleaseTrain this extension participates in for auto-upgrade (e.g. Stable, Preview, etc.) - only if + autoUpgradeMinorVersion is 'true'. type: string - owner: + scope: + description: 'Scope: Scope at which the extension is installed.' + properties: + cluster: + description: 'Cluster: Specifies that the scope of the extension is Cluster' + properties: + releaseNamespace: + description: |- + ReleaseNamespace: Namespace where the extension Release must be placed, for a Cluster scoped extension. 
If this + namespace does not exist, it will be created + type: string + type: object + namespace: + description: 'Namespace: Specifies that the scope of the extension is Namespace' + properties: + targetNamespace: + description: |- + TargetNamespace: Namespace where the extension will be created for an Namespace scoped extension. If this namespace + does not exist, it will be created + type: string + type: object + type: object + systemData: description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a containerservice.azure.com/Fleet resource + SystemData: Top level metadata + https://github.com/Azure/azure-resource-manager-rpc/blob/master/v1.0/common-api-contracts.md#system-metadata-for-all-azure-resources properties: - armId: - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + createdAt: + description: 'CreatedAt: The timestamp of resource creation (UTC).' type: string - name: - description: This is the name of the Kubernetes resource to reference. + createdBy: + description: 'CreatedBy: The identity that created the resource.' + type: string + createdByType: + description: 'CreatedByType: The type of identity that created the resource.' + enum: + - Application + - Key + - ManagedIdentity + - User + type: string + lastModifiedAt: + description: 'LastModifiedAt: The timestamp of resource last modification (UTC)' + type: string + lastModifiedBy: + description: 'LastModifiedBy: The identity that last modified the resource.' + type: string + lastModifiedByType: + description: 'LastModifiedByType: The type of identity that last modified the resource.' 
+ enum: + - Application + - Key + - ManagedIdentity + - User type: string type: object + version: + description: |- + Version: User-specified version of the extension for this extension to 'pin'. To use 'version', autoUpgradeMinorVersion + must be 'false'. + type: string required: - - clusterResourceReference - owner type: object status: + description: The Extension object. properties: - clusterResourceId: - description: |- - ClusterResourceId: The ARM resource id of the cluster that joins the Fleet. Must be a valid Azure resource id. e.g.: - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{clusterName}'. - type: string - conditions: - description: 'Conditions: The observed state of the resource' - items: - description: Condition defines an extension to status (an observation) of a resource - properties: + aksAssignedIdentity: + description: 'AksAssignedIdentity: Identity of the Extension resource in an AKS cluster' + properties: + principalId: + description: 'PrincipalId: The principal ID of resource identity.' + type: string + tenantId: + description: 'TenantId: The tenant ID of resource.' + type: string + type: + description: 'Type: The identity type.' + type: string + type: object + autoUpgradeMinorVersion: + description: 'AutoUpgradeMinorVersion: Flag to note if this extension participates in auto upgrade of minor version, or not.' + type: boolean + conditions: + description: 'Conditions: The observed state of the resource' + items: + description: Condition defines an extension to status (an observation) of a resource + properties: lastTransitionTime: description: LastTransitionTime is the last time the condition transitioned from one status to another. format: date-time 
@@ -1940,29 +2078,193 @@ spec: - type type: object type: array - eTag: + configurationProtectedSettings: + additionalProperties: + type: string description: |- - ETag: If eTag is provided in the response body, it may also be provided as a header per the normal etag convention. - Entity tags are used for comparing two or more entities from the same requested resource. HTTP/1.1 uses entity tags in - the etag (section 14.19), If-Match (section 14.24), If-None-Match (section 14.26), and If-Range (section 14.27) header - fields. + ConfigurationProtectedSettings: Configuration settings that are sensitive, as name-value pairs for configuring this + extension. + type: object + configurationSettings: + additionalProperties: + type: string + description: 'ConfigurationSettings: Configuration settings, as name-value pairs for configuring this extension.' + type: object + currentVersion: + description: 'CurrentVersion: Currently installed version of the extension.' type: string - group: - description: 'Group: The group this member belongs to for multi-cluster update management.' + customLocationSettings: + additionalProperties: + type: string + description: 'CustomLocationSettings: Custom Location settings properties.' + type: object + errorInfo: + description: 'ErrorInfo: Error information from the Agent - e.g. errors during installation.' + properties: + additionalInfo: + description: 'AdditionalInfo: The error additional info.' + items: + description: The resource management error additional info. + properties: + info: + additionalProperties: + x-kubernetes-preserve-unknown-fields: true + description: 'Info: The additional info.' + type: object + type: + description: 'Type: The additional info type.' + type: string + type: object + type: array + code: + description: 'Code: The error code.' + type: string + details: + description: 'Details: The error details.' + items: + properties: + additionalInfo: + description: 'AdditionalInfo: The error additional info.' 
+ items: + description: The resource management error additional info. + properties: + info: + additionalProperties: + x-kubernetes-preserve-unknown-fields: true + description: 'Info: The additional info.' + type: object + type: + description: 'Type: The additional info type.' + type: string + type: object + type: array + code: + description: 'Code: The error code.' + type: string + message: + description: 'Message: The error message.' + type: string + target: + description: 'Target: The error target.' + type: string + type: object + type: array + message: + description: 'Message: The error message.' + type: string + target: + description: 'Target: The error target.' + type: string + type: object + extensionType: + description: |- + ExtensionType: Type of the Extension, of which this resource is an instance of. It must be one of the Extension Types + registered with Microsoft.KubernetesConfiguration by the Extension publisher. type: string id: description: |- Id: Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} type: string + identity: + description: 'Identity: Identity of the Extension resource' + properties: + principalId: + description: 'PrincipalId: The principal ID of resource identity.' + type: string + tenantId: + description: 'TenantId: The tenant ID of resource.' + type: string + type: + description: 'Type: The identity type.' + type: string + type: object + isSystemExtension: + description: 'IsSystemExtension: Flag to note if this extension is a system extension' + type: boolean name: description: 'Name: The name of the resource' type: string + packageUri: + description: 'PackageUri: Uri of the Helm package' + type: string + plan: + description: 'Plan: The plan information.' + properties: + name: + description: 'Name: A user defined name of the 3rd Party Artifact that is being procured.' 
+ type: string + product: + description: |- + Product: The 3rd Party artifact that is being procured. E.g. NewRelic. Product maps to the OfferID specified for the + artifact at the time of Data Market onboarding. + type: string + promotionCode: + description: 'PromotionCode: A publisher provided promotion code as provisioned in Data Market for the said product/artifact.' + type: string + publisher: + description: 'Publisher: The publisher of the 3rd Party Artifact that is being bought. E.g. NewRelic' + type: string + version: + description: 'Version: The version of the desired product/artifact.' + type: string + type: object provisioningState: - description: 'ProvisioningState: The status of the last operation.' + description: 'ProvisioningState: Status of installation of this extension.' + type: string + releaseTrain: + description: |- + ReleaseTrain: ReleaseTrain this extension participates in for auto-upgrade (e.g. Stable, Preview, etc.) - only if + autoUpgradeMinorVersion is 'true'. type: string + scope: + description: 'Scope: Scope at which the extension is installed.' + properties: + cluster: + description: 'Cluster: Specifies that the scope of the extension is Cluster' + properties: + releaseNamespace: + description: |- + ReleaseNamespace: Namespace where the extension Release must be placed, for a Cluster scoped extension. If this + namespace does not exist, it will be created + type: string + type: object + namespace: + description: 'Namespace: Specifies that the scope of the extension is Namespace' + properties: + targetNamespace: + description: |- + TargetNamespace: Namespace where the extension will be created for an Namespace scoped extension. If this namespace + does not exist, it will be created + type: string + type: object + type: object + statuses: + description: 'Statuses: Status from this extension.' + items: + description: Status from the extension. 
+ properties: + code: + description: 'Code: Status code provided by the Extension' + type: string + displayStatus: + description: 'DisplayStatus: Short description of status of the extension.' + type: string + level: + description: 'Level: Level of the status.' + type: string + message: + description: 'Message: Detailed message of the status from the Extension.' + type: string + time: + description: 'Time: DateLiteral (per ISO8601) noting the time of installation status.' + type: string + type: object + type: array systemData: - description: 'SystemData: Azure Resource Manager metadata containing createdBy and modifiedBy information.' + description: |- + SystemData: Top level metadata + https://github.com/Azure/azure-resource-manager-rpc/blob/master/v1.0/common-api-contracts.md#system-metadata-for-all-azure-resources properties: createdAt: description: 'CreatedAt: The timestamp of resource creation (UTC).' @@ -1986,6 +2288,11 @@ spec: type: description: 'Type: The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"' type: string + version: + description: |- + Version: User-specified version of the extension for this extension to 'pin'. To use 'version', autoUpgradeMinorVersion + must be 'false'. + type: string type: object type: object served: true 
@@ -2005,14 +2312,14 @@ spec: - jsonPath: .status.conditions[?(@.type=='Ready')].message name: Message type: string - name: v1api20230315previewstorage + name: v1api20230501storage schema: openAPIV3Schema: description: |- - Storage version of v1api20230315preview.FleetsMember + Storage version of v1api20230501.Extension Generator information: - - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/fleet/preview/2023-03-15-preview/fleets.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/fleets/{fleetName}/members/{fleetMemberName} + - Generated from: /kubernetesconfiguration/resource-manager/Microsoft.KubernetesConfiguration/stable/2023-05-01/extensions.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{clusterRp}/{clusterResourceName}/{clusterName}/providers/Microsoft.KubernetesConfiguration/extensions/{extensionName} properties: apiVersion: description: |- @@ -2032,7 +2339,7 @@ spec: metadata: type: object spec: - description: Storage version of v1api20230315preview.Fleets_Member_Spec + description: Storage version of v1api20230501.Extension_Spec properties: $propertyBag: additionalProperties: 
@@ -2041,22 +2348,170 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object + aksAssignedIdentity: + description: Storage version of v1api20230501.Extension_Properties_AksAssignedIdentity_Spec + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + type: + type: string + type: object + autoUpgradeMinorVersion: + type: boolean azureName: description: |- AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn't have to be. type: string - clusterResourceReference: + configurationProtectedSettings: description: |- - ClusterResourceReference: The ARM resource id of the cluster that joins the Fleet. Must be a valid Azure resource id. - e.g.: - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{clusterName}'. + SecretMapReference is a reference to a Kubernetes secret in the same namespace as + the resource it is on. properties: - armId: + name: description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. + Name is the name of the Kubernetes secret being referenced. 
+ The secret must be in the same namespace as the resource + type: string + required: + - name + type: object + configurationSettings: + additionalProperties: + type: string + type: object + extensionType: + type: string + identity: + description: |- + Storage version of v1api20230501.Identity + Identity for the resource. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + type: + type: string + type: object + operatorSpec: + description: |- + Storage version of v1api20230501.ExtensionOperatorSpec + Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + configMapExpressions: + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. 
+ The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + configMaps: + description: Storage version of v1api20230501.ExtensionOperatorConfigMaps + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + principalId: + description: |- + ConfigMapDestination describes the location to store a single configmap value + Note: This is similar to: SecretDestination in secrets.go. + Changes to one may need to be made to the others as well. + properties: + key: + description: Key is the key in the ConfigMap being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes ConfigMap to write to. + The ConfigMap will be created in the same namespace as the resource. + type: string + required: + - key + - name + type: object + type: object + secretExpressions: + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. 
+ type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + type: object + originalVersion: + type: string + owner: + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. This resource is an + extension resource, which means that any other Azure resource can be its owner. + properties: + armId: + description: Ownership across namespaces is not supported. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: 
@@ -2066,32 +2521,111 @@ spec: description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. + description: This is the name of the Kubernetes resource to reference. type: string type: object - group: - type: string - originalVersion: + plan: + description: |- + Storage version of v1api20230501.Plan + Plan for the resource. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + name: + type: string + product: + type: string + promotionCode: + type: string + publisher: + type: string + version: + type: string + type: object + releaseTrain: type: string - owner: + scope: description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a containerservice.azure.com/Fleet resource + Storage version of v1api20230501.Scope + Scope of the extension. It can be either Cluster or Namespace; but not both. 
properties: - armId: - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + cluster: + description: |- + Storage version of v1api20230501.ScopeCluster + Specifies that the scope of the extension is Cluster + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + releaseNamespace: + type: string + type: object + namespace: + description: |- + Storage version of v1api20230501.ScopeNamespace + Specifies that the scope of the extension is Namespace + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + targetNamespace: + type: string + type: object + type: object + systemData: + description: |- + Storage version of v1api20230501.SystemData + Metadata pertaining to creation and last modification of the resource. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + createdAt: type: string - name: - description: This is the name of the Kubernetes resource to reference. 
+ createdBy: + type: string + createdByType: + type: string + lastModifiedAt: + type: string + lastModifiedBy: + type: string + lastModifiedByType: type: string type: object + version: + type: string required: - - clusterResourceReference - owner type: object status: - description: Storage version of v1api20230315preview.Fleets_Member_STATUS + description: |- + Storage version of v1api20230501.Extension_STATUS + The Extension object. properties: $propertyBag: additionalProperties: @@ -2100,8 +2634,25 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - clusterResourceId: - type: string + aksAssignedIdentity: + description: Storage version of v1api20230501.Extension_Properties_AksAssignedIdentity_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + principalId: + type: string + tenantId: + type: string + type: + type: string + type: object + autoUpgradeMinorVersion: + type: boolean conditions: items: description: Condition defines an extension to status (an observation) of a resource 
@@ -2145,20 +2696,24 @@ spec: - type type: object type: array - eTag: - type: string - group: - type: string - id: - type: string - name: - type: string - provisioningState: + configurationProtectedSettings: + additionalProperties: + type: string + type: object + configurationSettings: + additionalProperties: + type: string + type: object + currentVersion: type: string - systemData: + customLocationSettings: + additionalProperties: + type: string + type: object + errorInfo: description: |- - Storage version of v1api20230315preview.SystemData_STATUS - Metadata pertaining to creation and last modification of the resource. + Storage version of v1api20230501.ErrorDetail_STATUS + The error detail. properties: $propertyBag: additionalProperties: 
@@ -2167,21 +2722,227 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - createdAt: - type: string - createdBy: - type: string - createdByType: - type: string - lastModifiedAt: - type: string - lastModifiedBy: - type: string + additionalInfo: + items: + description: |- + Storage version of v1api20230501.ErrorAdditionalInfo_STATUS + The resource management error additional info. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + info: + additionalProperties: + x-kubernetes-preserve-unknown-fields: true + type: object + type: + type: string + type: object + type: array + code: + type: string + details: + items: + description: Storage version of v1api20230501.ErrorDetail_STATUS_Unrolled + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + additionalInfo: + items: + description: |- + Storage version of v1api20230501.ErrorAdditionalInfo_STATUS + The resource management error additional info. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + info: + additionalProperties: + x-kubernetes-preserve-unknown-fields: true + type: object + type: + type: string + type: object + type: array + code: + type: string + message: + type: string + target: + type: string + type: object + type: array + message: + type: string + target: + type: string + type: object + extensionType: + type: string + id: + type: string + identity: + description: |- + Storage version of v1api20230501.Identity_STATUS + Identity for the resource. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + principalId: + type: string + tenantId: + type: string + type: + type: string + type: object + isSystemExtension: + type: boolean + name: + type: string + packageUri: + type: string + plan: + description: |- + Storage version of v1api20230501.Plan_STATUS + Plan for the resource. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + name: + type: string + product: + type: string + promotionCode: + type: string + publisher: + type: string + version: + type: string + type: object + provisioningState: + type: string + releaseTrain: + type: string + scope: + description: |- + Storage version of v1api20230501.Scope_STATUS + Scope of the extension. It can be either Cluster or Namespace; but not both. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + cluster: + description: |- + Storage version of v1api20230501.ScopeCluster_STATUS + Specifies that the scope of the extension is Cluster + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + releaseNamespace: + type: string + type: object + namespace: + description: |- + Storage version of v1api20230501.ScopeNamespace_STATUS + Specifies that the scope of the extension is Namespace + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + targetNamespace: + type: string + type: object + type: object + statuses: + items: + description: |- + Storage version of v1api20230501.ExtensionStatus_STATUS + Status from the extension. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + code: + type: string + displayStatus: + type: string + level: + type: string + message: + type: string + time: + type: string + type: object + type: array + systemData: + description: |- + Storage version of v1api20230501.SystemData_STATUS + Metadata pertaining to creation and last modification of the resource. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + createdAt: + type: string + createdBy: + type: string + createdByType: + type: string + lastModifiedAt: + type: string + lastModifiedBy: + type: string lastModifiedByType: type: string type: object type: type: string + version: + type: string type: object type: object served: true @@ -2194,11 +2955,11 @@ kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: azureserviceoperator-system/azureserviceoperator-serving-cert - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.3 labels: app.kubernetes.io/name: azure-service-operator - app.kubernetes.io/version: v2.9.0 - name: managedclusters.containerservice.azure.com + app.kubernetes.io/version: v2.11.0 + name: fleetsmembers.containerservice.azure.com spec: conversion: strategy: Webhook @@ -2213,10 +2974,10 @@ spec: - v1 group: containerservice.azure.com names: - kind: ManagedCluster - listKind: ManagedClusterList - plural: managedclusters - singular: managedcluster + kind: FleetsMember + listKind: FleetsMemberList + plural: fleetsmembers + singular: fleetsmember preserveUnknownFields: false scope: Namespaced versions: 
@@ -2233,13 +2994,13 @@ spec: - jsonPath: .status.conditions[?(@.type=='Ready')].message name: Message type: string - name: v1api20210501 + name: v1api20230315preview schema: openAPIV3Schema: description: |- Generator information: - - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2021-05-01/managedClusters.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName} + - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/fleet/preview/2023-03-15-preview/fleets.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/fleets/{fleetName}/members/{fleetMemberName} properties: apiVersion: description: |- 
@@ -2260,590 +3021,288 @@ spec: type: object spec: properties: - aadProfile: - description: 'AadProfile: The Azure Active Directory configuration.' + azureName: + description: |- + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. + maxLength: 50 + minLength: 1 + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ + type: string + clusterResourceReference: + description: |- + ClusterResourceReference: The ARM resource id of the cluster that joins the Fleet. Must be a valid Azure resource id. + e.g.: + '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{clusterName}'. properties: - adminGroupObjectIDs: - description: 'AdminGroupObjectIDs: The list of AAD group object IDs that will have admin role of the cluster.' - items: - type: string - type: array - clientAppID: - description: 'ClientAppID: The client AAD application ID.' + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string - enableAzureRBAC: - description: 'EnableAzureRBAC: Whether to enable Azure RBAC for Kubernetes authorization.' - type: boolean - managed: - description: 'Managed: Whether to enable managed AAD.' - type: boolean - serverAppID: - description: 'ServerAppID: The server AAD application ID.' + group: + description: Group is the Kubernetes group of the resource. 
type: string - serverAppSecret: - description: 'ServerAppSecret: The server AAD application secret.' + kind: + description: Kind is the Kubernetes kind of the resource. type: string - tenantID: - description: |- - TenantID: The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment - subscription. + name: + description: Name is the Kubernetes name of the resource. type: string type: object - addonProfiles: - additionalProperties: - description: A Kubernetes add-on profile for a managed cluster. - properties: - config: - additionalProperties: - type: string - description: 'Config: Key-value pairs for configuring an add-on.' - type: object - enabled: - description: 'Enabled: Whether the add-on is enabled or not.' - type: boolean - required: - - enabled - type: object - description: 'AddonProfiles: The profile of managed cluster add-on.' - type: object - agentPoolProfiles: - description: 'AgentPoolProfiles: The agent pool properties.' - items: - description: Profile for the container service agent pool. - properties: - availabilityZones: - description: |- - AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType - property is 'VirtualMachineScaleSets'. - items: - type: string - type: array - count: - description: |- - Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) - for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. - type: integer - enableAutoScaling: - description: 'EnableAutoScaling: Whether to enable auto-scaler' - type: boolean - enableEncryptionAtHost: - description: |- - EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. 
For more information, - see: https://docs.microsoft.com/azure/aks/enable-host-encryption - type: boolean - enableFIPS: - description: |- - EnableFIPS: See [Add a FIPS-enabled node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more - details. - type: boolean - enableNodePublicIP: + group: + description: 'Group: The group this member belongs to for multi-cluster update management.' + maxLength: 50 + minLength: 1 + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ + type: string + operatorSpec: + description: |- + OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not + passed directly to Azure + properties: + configMapExpressions: + description: 'ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).' + items: description: |- - EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. - A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine - to minimize hops. For more information see [assigning a public IP per - node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The - default is false. - type: boolean - enableUltraSSD: - description: 'EnableUltraSSD: Whether to enable UltraSSD' - type: boolean - gpuInstanceProfile: - description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' - enum: - - MIG1g - - MIG2g - - MIG3g - - MIG4g - - MIG7g - type: string - kubeletConfig: - description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. 
The value of the expression is stored at the specified location in + the destination. properties: - allowedUnsafeSysctls: - description: 'AllowedUnsafeSysctls: Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).' - items: - type: string - type: array - containerLogMaxFiles: - description: |- - ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be - ≥ 2. - minimum: 2 - type: integer - containerLogMaxSizeMB: - description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' - type: integer - cpuCfsQuota: - description: 'CpuCfsQuota: The default is true.' - type: boolean - cpuCfsQuotaPeriod: + key: description: |- - CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and - a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. type: string - cpuManagerPolicy: + name: description: |- - CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management - policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more - information. Allowed values are 'none' and 'static'. + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. type: string - failSwapOn: - description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' 
- type: boolean - imageGcHighThreshold: - description: 'ImageGcHighThreshold: To disable image garbage collection, set to 100. The default is 85%' - type: integer - imageGcLowThreshold: - description: 'ImageGcLowThreshold: This cannot be set higher than imageGcHighThreshold. The default is 80%' - type: integer - podMaxPids: - description: 'PodMaxPids: The maximum number of processes per pod.' - type: integer - topologyManagerPolicy: + value: description: |- - TopologyManagerPolicy: For more information see [Kubernetes Topology - Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values - are 'none', 'best-effort', 'restricted', and 'single-numa-node'. + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string + required: + - name + - value type: object - kubeletDiskType: + type: array + secretExpressions: + description: 'SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).' + items: description: |- - KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral - storage. - enum: - - OS - - Temporary - type: string - linuxOSConfig: - description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. properties: - swapFileSizeMB: - description: 'SwapFileSizeMB: The size in MB of a swap file that will be created on each node.' - type: integer - sysctls: - description: 'Sysctls: Sysctl settings for Linux agent nodes.' - properties: - fsAioMaxNr: - description: 'FsAioMaxNr: Sysctl setting fs.aio-max-nr.' 
- type: integer - fsFileMax: - description: 'FsFileMax: Sysctl setting fs.file-max.' - type: integer - fsInotifyMaxUserWatches: - description: 'FsInotifyMaxUserWatches: Sysctl setting fs.inotify.max_user_watches.' - type: integer - fsNrOpen: - description: 'FsNrOpen: Sysctl setting fs.nr_open.' - type: integer - kernelThreadsMax: - description: 'KernelThreadsMax: Sysctl setting kernel.threads-max.' - type: integer - netCoreNetdevMaxBacklog: - description: 'NetCoreNetdevMaxBacklog: Sysctl setting net.core.netdev_max_backlog.' - type: integer - netCoreOptmemMax: - description: 'NetCoreOptmemMax: Sysctl setting net.core.optmem_max.' - type: integer - netCoreRmemDefault: - description: 'NetCoreRmemDefault: Sysctl setting net.core.rmem_default.' - type: integer - netCoreRmemMax: - description: 'NetCoreRmemMax: Sysctl setting net.core.rmem_max.' - type: integer - netCoreSomaxconn: - description: 'NetCoreSomaxconn: Sysctl setting net.core.somaxconn.' - type: integer - netCoreWmemDefault: - description: 'NetCoreWmemDefault: Sysctl setting net.core.wmem_default.' - type: integer - netCoreWmemMax: - description: 'NetCoreWmemMax: Sysctl setting net.core.wmem_max.' - type: integer - netIpv4IpLocalPortRange: - description: 'NetIpv4IpLocalPortRange: Sysctl setting net.ipv4.ip_local_port_range.' - type: string - netIpv4NeighDefaultGcThresh1: - description: 'NetIpv4NeighDefaultGcThresh1: Sysctl setting net.ipv4.neigh.default.gc_thresh1.' - type: integer - netIpv4NeighDefaultGcThresh2: - description: 'NetIpv4NeighDefaultGcThresh2: Sysctl setting net.ipv4.neigh.default.gc_thresh2.' - type: integer - netIpv4NeighDefaultGcThresh3: - description: 'NetIpv4NeighDefaultGcThresh3: Sysctl setting net.ipv4.neigh.default.gc_thresh3.' - type: integer - netIpv4TcpFinTimeout: - description: 'NetIpv4TcpFinTimeout: Sysctl setting net.ipv4.tcp_fin_timeout.' - type: integer - netIpv4TcpKeepaliveProbes: - description: 'NetIpv4TcpKeepaliveProbes: Sysctl setting net.ipv4.tcp_keepalive_probes.' 
- type: integer - netIpv4TcpKeepaliveTime: - description: 'NetIpv4TcpKeepaliveTime: Sysctl setting net.ipv4.tcp_keepalive_time.' - type: integer - netIpv4TcpMaxSynBacklog: - description: 'NetIpv4TcpMaxSynBacklog: Sysctl setting net.ipv4.tcp_max_syn_backlog.' - type: integer - netIpv4TcpMaxTwBuckets: - description: 'NetIpv4TcpMaxTwBuckets: Sysctl setting net.ipv4.tcp_max_tw_buckets.' - type: integer - netIpv4TcpTwReuse: - description: 'NetIpv4TcpTwReuse: Sysctl setting net.ipv4.tcp_tw_reuse.' - type: boolean - netIpv4TcpkeepaliveIntvl: - description: 'NetIpv4TcpkeepaliveIntvl: Sysctl setting net.ipv4.tcp_keepalive_intvl.' - type: integer - netNetfilterNfConntrackBuckets: - description: 'NetNetfilterNfConntrackBuckets: Sysctl setting net.netfilter.nf_conntrack_buckets.' - type: integer - netNetfilterNfConntrackMax: - description: 'NetNetfilterNfConntrackMax: Sysctl setting net.netfilter.nf_conntrack_max.' - type: integer - vmMaxMapCount: - description: 'VmMaxMapCount: Sysctl setting vm.max_map_count.' - type: integer - vmSwappiness: - description: 'VmSwappiness: Sysctl setting vm.swappiness.' - type: integer - vmVfsCachePressure: - description: 'VmVfsCachePressure: Sysctl setting vm.vfs_cache_pressure.' - type: integer - type: object - transparentHugePageDefrag: + key: description: |- - TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is - 'madvise'. For more information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. 
type: string - transparentHugePageEnabled: + name: description: |- - TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more - information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. type: string - type: object - maxCount: - description: 'MaxCount: The maximum number of nodes for auto-scaling' - type: integer - maxPods: - description: 'MaxPods: The maximum number of pods that can run on a node.' - type: integer - minCount: - description: 'MinCount: The minimum number of nodes for auto-scaling' - type: integer - mode: - description: |- - Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool - restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools - enum: - - System - - User - type: string - name: - description: 'Name: Windows agent pool names must be 6 characters or less.' - pattern: ^[a-z][a-z0-9]{0,11}$ - type: string - nodeLabels: - additionalProperties: - type: string - description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' - type: object - nodePublicIPPrefixIDReference: - description: |- - NodePublicIPPrefixIDReference: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} - properties: - armId: + value: description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. 
- The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string + required: + - name + - value type: object - nodeTaints: - description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' - items: - type: string - type: array - orchestratorVersion: - description: |- - OrchestratorVersion: As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes - version. The node pool version must have the same major version as the control plane. The node pool minor version must - be within two minor versions of the control plane version. The node pool version cannot be greater than the control - plane version. For more information see [upgrading a node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). - type: string - osDiskSizeGB: - maximum: 2048 - minimum: 0 - type: integer - osDiskType: - description: |- - OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested - OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. 
For more information see [Ephemeral - OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). - enum: - - Ephemeral - - Managed - type: string - osSKU: - description: 'OsSKU: Specifies an OS SKU. This value must not be specified if OSType is Windows.' - enum: - - CBLMariner - - Ubuntu + type: array + type: object + owner: + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a containerservice.azure.com/Fleet resource + properties: + armId: + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + name: + description: This is the name of the Kubernetes resource to reference. + type: string + type: object + required: + - clusterResourceReference + - owner + type: object + status: + properties: + clusterResourceId: + description: |- + ClusterResourceId: The ARM resource id of the cluster that joins the Fleet. Must be a valid Azure resource id. e.g.: + '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{clusterName}'. + type: string + conditions: + description: 'Conditions: The observed state of the resource' + items: + description: Condition defines an extension to status (an observation) of a resource + properties: + lastTransitionTime: + description: LastTransitionTime is the last time the condition transitioned from one status to another. + format: date-time type: string - osType: - description: 'OsType: The operating system type. The default is Linux.' - enum: - - Linux - - Windows + message: + description: Message is a human readable message indicating details about the transition. This field may be empty. 
type: string - podSubnetIDReference: + observedGeneration: description: |- - PodSubnetIDReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more - details). This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object - proximityPlacementGroupID: - description: 'ProximityPlacementGroupID: The ID for Proximity Placement Group.' + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + type: integer + reason: + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string - scaleSetEvictionPolicy: + severity: description: |- - ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. 
If not specified, the default is - 'Delete'. - enum: - - Deallocate - - Delete + Severity with which to treat failures of this type of condition. + For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown type: string - scaleSetPriority: - description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' - enum: - - Regular - - Spot + status: + description: Status of the condition, one of True, False, or Unknown. type: string - spotMaxPrice: - description: |- - SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any - on-demand price. For more details on spot pricing, see [spot VMs - pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) - type: number - tags: - additionalProperties: - type: string - description: 'Tags: The tags to be persisted on the agent pool virtual machine scale set.' - type: object type: - description: 'Type: The type of Agent Pool.' - enum: - - AvailabilitySet - - VirtualMachineScaleSets - type: string - upgradeSettings: - description: 'UpgradeSettings: Settings for upgrading the agentpool' - properties: - maxSurge: - description: |- - MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it - is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded - up. If not specified, the default is 1. 
For more information, including best practices, see: - https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade - type: string - type: object - vmSize: - description: |- - VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods - might fail to run correctly. For more details on restricted VM sizes, see: - https://docs.microsoft.com/azure/aks/quotas-skus-regions + description: Type of condition. type: string - vnetSubnetIDReference: - description: |- - VnetSubnetIDReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is - specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + required: + - lastTransitionTime + - reason + - status + - type type: object type: array - apiServerAccessProfile: - description: 'ApiServerAccessProfile: The access profile for managed cluster API server.' 
- properties: - authorizedIPRanges: - description: |- - AuthorizedIPRanges: IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with - clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API - server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges). - items: - type: string - type: array - enablePrivateCluster: - description: |- - EnablePrivateCluster: For more details, see [Creating a private AKS - cluster](https://docs.microsoft.com/azure/aks/private-clusters). - type: boolean - enablePrivateClusterPublicFQDN: - description: 'EnablePrivateClusterPublicFQDN: Whether to create additional public FQDN for private cluster or not.' - type: boolean - privateDNSZone: - description: |- - PrivateDNSZone: The default is System. For more details see [configure private DNS - zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and - 'none'. - type: string - type: object - autoScalerProfile: - description: 'AutoScalerProfile: Parameters to be applied to the cluster-autoscaler when enabled' + eTag: + description: |- + ETag: If eTag is provided in the response body, it may also be provided as a header per the normal etag convention. + Entity tags are used for comparing two or more entities from the same requested resource. HTTP/1.1 uses entity tags in + the etag (section 14.19), If-Match (section 14.24), If-None-Match (section 14.26), and If-Range (section 14.27) header + fields. + type: string + group: + description: 'Group: The group this member belongs to for multi-cluster update management.' + type: string + id: + description: |- + Id: Fully qualified resource ID for the resource. 
Ex - + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + type: string + name: + description: 'Name: The name of the resource' + type: string + provisioningState: + description: 'ProvisioningState: The status of the last operation.' + type: string + systemData: + description: 'SystemData: Azure Resource Manager metadata containing createdBy and modifiedBy information.' properties: - balance-similar-node-groups: - description: 'BalanceSimilarNodeGroups: Valid values are ''true'' and ''false''' - type: string - expander: - description: |- - Expander: If not specified, the default is 'random'. See - [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more - information. - enum: - - least-waste - - most-pods - - priority - - random - type: string - max-empty-bulk-delete: - description: 'MaxEmptyBulkDelete: The default is 10.' - type: string - max-graceful-termination-sec: - description: 'MaxGracefulTerminationSec: The default is 600.' - type: string - max-node-provision-time: - description: |- - MaxNodeProvisionTime: The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than - minutes (m) is supported. - type: string - max-total-unready-percentage: - description: 'MaxTotalUnreadyPercentage: The default is 45. The maximum is 100 and the minimum is 0.' - type: string - new-pod-scale-up-delay: - description: |- - NewPodScaleUpDelay: For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler - could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is - '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc). - type: string - ok-total-unready-count: - description: 'OkTotalUnreadyCount: This must be an integer. The default is 3.' 
- type: string - scale-down-delay-after-add: - description: |- - ScaleDownDelayAfterAdd: The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than - minutes (m) is supported. - type: string - scale-down-delay-after-delete: - description: |- - ScaleDownDelayAfterDelete: The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of - time other than minutes (m) is supported. - type: string - scale-down-delay-after-failure: - description: |- - ScaleDownDelayAfterFailure: The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other - than minutes (m) is supported. - type: string - scale-down-unneeded-time: - description: |- - ScaleDownUnneededTime: The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than - minutes (m) is supported. + createdAt: + description: 'CreatedAt: The timestamp of resource creation (UTC).' type: string - scale-down-unready-time: - description: |- - ScaleDownUnreadyTime: The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than - minutes (m) is supported. + createdBy: + description: 'CreatedBy: The identity that created the resource.' type: string - scale-down-utilization-threshold: - description: 'ScaleDownUtilizationThreshold: The default is ''0.5''.' + createdByType: + description: 'CreatedByType: The type of identity that created the resource.' type: string - scan-interval: - description: 'ScanInterval: The default is ''10''. Values must be an integer number of seconds.' + lastModifiedAt: + description: 'LastModifiedAt: The timestamp of resource last modification (UTC)' type: string - skip-nodes-with-local-storage: - description: 'SkipNodesWithLocalStorage: The default is true.' + lastModifiedBy: + description: 'LastModifiedBy: The identity that last modified the resource.' 
type: string - skip-nodes-with-system-pods: - description: 'SkipNodesWithSystemPods: The default is true.' + lastModifiedByType: + description: 'LastModifiedByType: The type of identity that last modified the resource.' type: string type: object - autoUpgradeProfile: - description: 'AutoUpgradeProfile: The auto upgrade configuration.' - properties: - upgradeChannel: - description: |- - UpgradeChannel: For more information see [setting the AKS cluster auto-upgrade - channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel). - enum: - - node-image - - none - - patch - - rapid - - stable - type: string + type: + description: 'Type: The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"' + type: string + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].severity + name: Severity + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Reason + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].message + name: Message + type: string + name: v1api20230315previewstorage + schema: + openAPIV3Schema: + description: |- + Storage version of v1api20230315preview.FleetsMember + Generator information: + - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/fleet/preview/2023-03-15-preview/fleets.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/fleets/{fleetName}/members/{fleetMemberName} + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. 
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: Storage version of v1api20230315preview.FleetsMember_Spec + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object azureName: description: |- AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn't have to be. - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$ type: string - disableLocalAccounts: - description: |- - DisableLocalAccounts: If set to true, getting static credentials will be disabled for this cluster. This must only be - used on Managed Clusters that are AAD enabled. For more details see [disable local - accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview). - type: boolean - diskEncryptionSetIDReference: + clusterResourceReference: description: |- - DiskEncryptionSetIDReference: This is of the form: - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}' + ClusterResourceReference: The ARM resource id of the cluster that joins the Fleet. Must be a valid Azure resource id. 
+ e.g.: + '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{clusterName}'. properties: armId: description: |- 
@@ -2862,397 +3321,86 @@ spec: description: Name is the Kubernetes name of the resource. type: string type: object - dnsPrefix: - description: 'DnsPrefix: This cannot be updated once the Managed Cluster has been created.' + group: type: string - enablePodSecurityPolicy: + operatorSpec: description: |- - EnablePodSecurityPolicy: (DEPRECATING) Whether to enable Kubernetes pod security policy (preview). This feature is set - for removal on October 15th, 2020. Learn more at aka.ms/aks/azpodpolicy. - type: boolean - enableRBAC: - description: 'EnableRBAC: Whether to enable Kubernetes Role-Based Access Control.' - type: boolean - extendedLocation: - description: 'ExtendedLocation: The extended location of the Virtual Machine.' - properties: - name: - description: 'Name: The name of the extended location.' - type: string - type: - description: 'Type: The type of the extended location.' - enum: - - EdgeZone - type: string - type: object - fqdnSubdomain: - description: 'FqdnSubdomain: This cannot be updated once the Managed Cluster has been created.' - type: string - httpProxyConfig: - description: 'HttpProxyConfig: Configurations for provisioning the cluster with HTTP proxy servers.' + Storage version of v1api20230315preview.FleetsMemberOperatorSpec + Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure properties: - httpProxy: - description: 'HttpProxy: The HTTP proxy server endpoint to use.' - type: string - httpsProxy: - description: 'HttpsProxy: The HTTPS proxy server endpoint to use.' - type: string - noProxy: - description: 'NoProxy: The endpoints that should not go through proxy.' - items: + $propertyBag: + additionalProperties: type: string - type: array - trustedCa: - description: 'TrustedCa: Alternative CA cert to use for connecting to proxy servers.' - type: string - type: object - identity: - description: 'Identity: The identity of the managed cluster, if configured.' 
- properties: - type: - description: |- - Type: For more information see [use managed identities in - AKS](https://docs.microsoft.com/azure/aks/use-managed-identity). - enum: - - None - - SystemAssigned - - UserAssigned - type: string - userAssignedIdentities: description: |- - UserAssignedIdentities: The keys must be ARM resource IDs in the form: - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'. + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + configMapExpressions: items: - description: Information about the user assigned identity for the resource + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. properties: - reference: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. 
- type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value type: object type: array - type: object - identityProfile: - additionalProperties: - description: Details about a user assigned identity. - properties: - clientId: - description: 'ClientId: The client ID of the user assigned identity.' - type: string - objectId: - description: 'ObjectId: The object ID of the user assigned identity.' - type: string - resourceReference: - description: 'ResourceReference: The resource ID of the user assigned identity.' + secretExpressions: + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. properties: - armId: + key: description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. 
- The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. type: string name: - description: Name is the Kubernetes name of the resource. + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value type: object - type: object - description: 'IdentityProfile: Identities associated with the cluster.' - type: object - kubernetesVersion: - description: |- - KubernetesVersion: When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades - must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> - 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS - cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details. 
- type: string - linuxProfile: - description: 'LinuxProfile: The profile for Linux VMs in the Managed Cluster.' - properties: - adminUsername: - description: 'AdminUsername: The administrator username to use for Linux VMs.' - pattern: ^[A-Za-z][-A-Za-z0-9_]*$ - type: string - ssh: - description: 'Ssh: The SSH configuration for Linux-based VMs running on Azure.' - properties: - publicKeys: - description: 'PublicKeys: The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.' - items: - description: Contains information about SSH certificate public key data. - properties: - keyData: - description: |- - KeyData: Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or - without headers. - type: string - required: - - keyData - type: object - type: array - required: - - publicKeys - type: object - required: - - adminUsername - - ssh - type: object - location: - description: 'Location: Resource location' - type: string - networkProfile: - description: 'NetworkProfile: The network configuration profile.' - properties: - dnsServiceIP: - description: |- - DnsServiceIP: An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address - range specified in serviceCidr. - pattern: ^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$ - type: string - dockerBridgeCidr: - description: |- - DockerBridgeCidr: A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP - ranges or the Kubernetes service address range. - pattern: ^([0-9]{1,3}\.){3}[0-9]{1,3}(\/([0-9]|[1-2][0-9]|3[0-2]))?$ - type: string - loadBalancerProfile: - description: 'LoadBalancerProfile: Profile of the cluster load balancer.' - properties: - allocatedOutboundPorts: - description: |- - AllocatedOutboundPorts: The desired number of allocated SNAT ports per VM. 
Allowed values are in the range of 0 to 64000 - (inclusive). The default value is 0 which results in Azure dynamically allocating ports. - maximum: 64000 - minimum: 0 - type: integer - effectiveOutboundIPs: - description: 'EffectiveOutboundIPs: The effective outbound IP resources of the cluster load balancer.' - items: - description: A reference to an Azure resource. - properties: - reference: - description: 'Reference: The fully qualified Azure resource id.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object - type: object - type: array - idleTimeoutInMinutes: - description: |- - IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 - (inclusive). The default value is 30 minutes. - maximum: 120 - minimum: 4 - type: integer - managedOutboundIPs: - description: 'ManagedOutboundIPs: Desired managed outbound IPs for the cluster load balancer.' - properties: - count: - description: |- - Count: The desired number of outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be - in the range of 1 to 100 (inclusive). The default value is 1. 
- maximum: 100 - minimum: 1 - type: integer - type: object - outboundIPPrefixes: - description: 'OutboundIPPrefixes: Desired outbound IP Prefix resources for the cluster load balancer.' - properties: - publicIPPrefixes: - description: 'PublicIPPrefixes: A list of public IP prefix resources.' - items: - description: A reference to an Azure resource. - properties: - reference: - description: 'Reference: The fully qualified Azure resource id.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object - type: object - type: array - type: object - outboundIPs: - description: 'OutboundIPs: Desired outbound IP resources for the cluster load balancer.' - properties: - publicIPs: - description: 'PublicIPs: A list of public IP resources.' - items: - description: A reference to an Azure resource. - properties: - reference: - description: 'Reference: The fully qualified Azure resource id.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. 
- The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object - type: object - type: array - type: object - type: object - loadBalancerSku: - description: |- - LoadBalancerSku: The default is 'standard'. See [Azure Load Balancer - SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load - balancer SKUs. - enum: - - basic - - standard - type: string - networkMode: - description: 'NetworkMode: This cannot be specified if networkPlugin is anything other than ''azure''.' - enum: - - bridge - - transparent - type: string - networkPlugin: - description: 'NetworkPlugin: Network plugin used for building the Kubernetes network.' - enum: - - azure - - kubenet - type: string - networkPolicy: - description: 'NetworkPolicy: Network policy used for building the Kubernetes network.' - enum: - - azure - - calico - type: string - outboundType: - description: |- - OutboundType: This can only be set at cluster creation time and cannot be changed later. For more information see - [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype). - enum: - - loadBalancer - - userDefinedRouting - type: string - podCidr: - description: 'PodCidr: A CIDR notation IP range from which to assign pod IPs when kubenet is used.' 
- pattern: ^([0-9]{1,3}\.){3}[0-9]{1,3}(\/([0-9]|[1-2][0-9]|3[0-2]))?$ - type: string - serviceCidr: - description: |- - ServiceCidr: A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP - ranges. - pattern: ^([0-9]{1,3}\.){3}[0-9]{1,3}(\/([0-9]|[1-2][0-9]|3[0-2]))?$ - type: string + type: array type: object - nodeResourceGroup: - description: 'NodeResourceGroup: The name of the resource group containing agent pool nodes.' + originalVersion: type: string - operatorSpec: - description: |- - OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not - passed directly to Azure - properties: - secrets: - description: 'Secrets: configures where to place Azure generated secrets.' - properties: - adminCredentials: - description: |- - AdminCredentials: indicates where the AdminCredentials secret should be placed. If omitted, the secret will not be - retrieved from Azure. - properties: - key: - description: Key is the key in the Kubernetes secret being referenced - type: string - name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource - type: string - required: - - key - - name - type: object - userCredentials: - description: |- - UserCredentials: indicates where the UserCredentials secret should be placed. If omitted, the secret will not be - retrieved from Azure. - properties: - key: - description: Key is the key in the Kubernetes secret being referenced - type: string - name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource - type: string - required: - - key - - name - type: object - type: object - type: object owner: description: |- Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. 
When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a resources.azure.com/ResourceGroup resource + reference to a containerservice.azure.com/Fleet resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) 
@@ -3261,1302 +3409,1125 @@ spec: description: This is the name of the Kubernetes resource to reference. type: string type: object - podIdentityProfile: + required: + - clusterResourceReference + - owner + type: object + status: + description: Storage version of v1api20230315preview.FleetsMember_STATUS + properties: + $propertyBag: + additionalProperties: + type: string description: |- - PodIdentityProfile: See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more - details on AAD pod identity integration. - properties: - allowNetworkPluginKubenet: - description: |- - AllowNetworkPluginKubenet: Running in Kubenet is disabled by default due to the security related nature of AAD Pod - Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod - Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) - for more information. - type: boolean - enabled: - description: 'Enabled: Whether the pod identity addon is enabled.' - type: boolean - userAssignedIdentities: - description: 'UserAssignedIdentities: The pod identities to use in the cluster.' - items: - description: Details about the pod identity assigned to the Managed Cluster. - properties: - bindingSelector: - description: 'BindingSelector: The binding selector to use for the AzureIdentityBinding resource.' - type: string - identity: - description: 'Identity: The user assigned identity details.' - properties: - clientId: - description: 'ClientId: The client ID of the user assigned identity.' - type: string - objectId: - description: 'ObjectId: The object ID of the user assigned identity.' - type: string - resourceReference: - description: 'ResourceReference: The resource ID of the user assigned identity.' 
- properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object - type: object - name: - description: 'Name: The name of the pod identity.' - type: string - namespace: - description: 'Namespace: The namespace of the pod identity.' - type: string - required: - - identity - - name - - namespace - type: object - type: array - userAssignedIdentityExceptions: - description: 'UserAssignedIdentityExceptions: The pod identity exceptions to allow.' - items: - description: |- - See [disable AAD Pod Identity for a specific - Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. - properties: - name: - description: 'Name: The name of the pod identity exception.' - type: string - namespace: - description: 'Namespace: The namespace of the pod identity exception.' - type: string - podLabels: - additionalProperties: - type: string - description: 'PodLabels: The pod labels to match.' 
- type: object - required: - - name - - namespace - - podLabels - type: object - type: array + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object - privateLinkResources: - description: 'PrivateLinkResources: Private link resources associated with the cluster.' + clusterResourceId: + type: string + conditions: items: - description: A private link resource + description: Condition defines an extension to status (an observation) of a resource properties: - groupId: - description: 'GroupId: The group ID of the resource.' + lastTransitionTime: + description: LastTransitionTime is the last time the condition transitioned from one status to another. + format: date-time type: string - name: - description: 'Name: The name of the private link resource.' + message: + description: Message is a human readable message indicating details about the transition. This field may be empty. + type: string + observedGeneration: + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + type: integer + reason: + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + type: string + severity: + description: |- + Severity with which to treat failures of this type of condition. + For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. 
+ This is omitted in all cases when Status == Unknown + type: string + status: + description: Status of the condition, one of True, False, or Unknown. type: string - reference: - description: 'Reference: The ID of the private link resource.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object - requiredMembers: - description: 'RequiredMembers: The RequiredMembers of the resource' - items: - type: string - type: array type: - description: 'Type: The resource type.' + description: Type of condition. type: string + required: + - lastTransitionTime + - reason + - status + - type type: object type: array - servicePrincipalProfile: + eTag: + type: string + group: + type: string + id: + type: string + name: + type: string + provisioningState: + type: string + systemData: description: |- - ServicePrincipalProfile: Information about a service principal identity for the cluster to use for manipulating Azure - APIs. + Storage version of v1api20230315preview.SystemData_STATUS + Metadata pertaining to creation and last modification of the resource. properties: - clientId: - description: 'ClientId: The ID for the service principal.' 
+ $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + createdAt: type: string - secret: - description: 'Secret: The secret password associated with the service principal in plain text.' - properties: - key: - description: Key is the key in the Kubernetes secret being referenced - type: string - name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource - type: string - required: - - key - - name - type: object - required: - - clientId - type: object - sku: - description: 'Sku: The managed cluster SKU.' - properties: - name: - description: 'Name: The name of a managed cluster SKU.' - enum: - - Basic + createdBy: type: string - tier: - description: |- - Tier: If not specified, the default is 'Free'. See [uptime SLA](https://docs.microsoft.com/azure/aks/uptime-sla) for - more details. - enum: - - Free - - Paid + createdByType: type: string - type: object - tags: - additionalProperties: - type: string - description: 'Tags: Resource tags' - type: object - windowsProfile: - description: 'WindowsProfile: The profile for Windows VMs in the Managed Cluster.' - properties: - adminPassword: - description: |- - AdminPassword: Specifies the password of the administrator account. - Minimum-length: 8 characters - Max-length: 123 characters - Complexity requirements: 3 out of 4 conditions below need to be fulfilled - Has lower characters - Has upper characters - Has a digit - Has a special character (Regex match [\W_]) - Disallowed values: "abc@123", "P@$$$$w0rd", "P@ssw0rd", "P@ssword123", "Pa$$$$word", "pass@word1", "Password!", "Password1", - "Password22", "iloveyou!" 
- properties: - key: - description: Key is the key in the Kubernetes secret being referenced - type: string - name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource - type: string - required: - - key - - name - type: object - adminUsername: - description: |- - AdminUsername: Specifies the name of the administrator account. - Restriction: Cannot end in "." - Disallowed values: "administrator", "admin", "user", "user1", "test", "user2", "test1", "user3", "admin1", "1", "123", - "a", "actuser", "adm", "admin2", "aspnet", "backup", "console", "david", "guest", "john", "owner", "root", "server", - "sql", "support", "support_388945a0", "sys", "test2", "test3", "user4", "user5". - Minimum-length: 1 character - Max-length: 20 characters + lastModifiedAt: type: string - enableCSIProxy: - description: |- - EnableCSIProxy: For more details on CSI proxy, see the [CSI proxy GitHub - repo](https://github.com/kubernetes-csi/csi-proxy). - type: boolean - licenseType: - description: |- - LicenseType: The license type to use for Windows VMs. See [Azure Hybrid User - Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details. - enum: - - None - - Windows_Server + lastModifiedBy: + type: string + lastModifiedByType: type: string - required: - - adminUsername type: object - required: - - location - - owner + type: + type: string type: object - status: - description: Managed cluster. 
+ type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: azureserviceoperator-system/azureserviceoperator-serving-cert + controller-gen.kubebuilder.io/version: v0.16.3 + labels: + app.kubernetes.io/name: azure-service-operator + app.kubernetes.io/version: v2.11.0 + name: managedclusters.containerservice.azure.com +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + service: + name: azureserviceoperator-webhook-service + namespace: azureserviceoperator-system + path: /convert + port: 443 + conversionReviewVersions: + - v1 + group: containerservice.azure.com + names: + kind: ManagedCluster + listKind: ManagedClusterList + plural: managedclusters + singular: managedcluster + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].severity + name: Severity + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Reason + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].message + name: Message + type: string + name: v1api20210501 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. 
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: properties: aadProfile: - description: 'AadProfile: The Azure Active Directory configuration.' properties: adminGroupObjectIDs: - description: 'AdminGroupObjectIDs: The list of AAD group object IDs that will have admin role of the cluster.' items: type: string type: array clientAppID: - description: 'ClientAppID: The client AAD application ID.' type: string enableAzureRBAC: - description: 'EnableAzureRBAC: Whether to enable Azure RBAC for Kubernetes authorization.' type: boolean managed: - description: 'Managed: Whether to enable managed AAD.' type: boolean serverAppID: - description: 'ServerAppID: The server AAD application ID.' type: string serverAppSecret: - description: 'ServerAppSecret: The server AAD application secret.' type: string tenantID: - description: |- - TenantID: The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment - subscription. type: string type: object addonProfiles: additionalProperties: - description: A Kubernetes add-on profile for a managed cluster. properties: config: additionalProperties: type: string - description: 'Config: Key-value pairs for configuring an add-on.' type: object enabled: - description: 'Enabled: Whether the add-on is enabled or not.' type: boolean - identity: - description: 'Identity: Information of user assigned identity used by this add-on.' - properties: - clientId: - description: 'ClientId: The client ID of the user assigned identity.' - type: string - objectId: - description: 'ObjectId: The object ID of the user assigned identity.' - type: string - resourceId: - description: 'ResourceId: The resource ID of the user assigned identity.' - type: string - type: object + required: + - enabled type: object - description: 'AddonProfiles: The profile of managed cluster add-on.' 
type: object agentPoolProfiles: - description: 'AgentPoolProfiles: The agent pool properties.' items: - description: Profile for the container service agent pool. properties: availabilityZones: - description: |- - AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType - property is 'VirtualMachineScaleSets'. items: type: string type: array count: - description: |- - Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) - for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. type: integer enableAutoScaling: - description: 'EnableAutoScaling: Whether to enable auto-scaler' type: boolean enableEncryptionAtHost: - description: |- - EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, - see: https://docs.microsoft.com/azure/aks/enable-host-encryption type: boolean enableFIPS: - description: |- - EnableFIPS: See [Add a FIPS-enabled node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more - details. type: boolean enableNodePublicIP: - description: |- - EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. - A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine - to minimize hops. For more information see [assigning a public IP per - node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The - default is false. type: boolean enableUltraSSD: - description: 'EnableUltraSSD: Whether to enable UltraSSD' type: boolean gpuInstanceProfile: - description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' 
+ enum: + - MIG1g + - MIG2g + - MIG3g + - MIG4g + - MIG7g type: string kubeletConfig: - description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' properties: allowedUnsafeSysctls: - description: 'AllowedUnsafeSysctls: Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).' items: type: string type: array containerLogMaxFiles: - description: |- - ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be - ≥ 2. + minimum: 2 type: integer containerLogMaxSizeMB: - description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' type: integer cpuCfsQuota: - description: 'CpuCfsQuota: The default is true.' type: boolean cpuCfsQuotaPeriod: - description: |- - CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and - a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. type: string cpuManagerPolicy: - description: |- - CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management - policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more - information. Allowed values are 'none' and 'static'. type: string failSwapOn: - description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' type: boolean imageGcHighThreshold: - description: 'ImageGcHighThreshold: To disable image garbage collection, set to 100. The default is 85%' type: integer imageGcLowThreshold: - description: 'ImageGcLowThreshold: This cannot be set higher than imageGcHighThreshold. The default is 80%' type: integer podMaxPids: - description: 'PodMaxPids: The maximum number of processes per pod.' 
type: integer topologyManagerPolicy: - description: |- - TopologyManagerPolicy: For more information see [Kubernetes Topology - Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values - are 'none', 'best-effort', 'restricted', and 'single-numa-node'. type: string type: object kubeletDiskType: - description: |- - KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral - storage. + enum: + - OS + - Temporary type: string linuxOSConfig: - description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' properties: swapFileSizeMB: - description: 'SwapFileSizeMB: The size in MB of a swap file that will be created on each node.' type: integer sysctls: - description: 'Sysctls: Sysctl settings for Linux agent nodes.' properties: fsAioMaxNr: - description: 'FsAioMaxNr: Sysctl setting fs.aio-max-nr.' type: integer fsFileMax: - description: 'FsFileMax: Sysctl setting fs.file-max.' type: integer fsInotifyMaxUserWatches: - description: 'FsInotifyMaxUserWatches: Sysctl setting fs.inotify.max_user_watches.' type: integer fsNrOpen: - description: 'FsNrOpen: Sysctl setting fs.nr_open.' type: integer kernelThreadsMax: - description: 'KernelThreadsMax: Sysctl setting kernel.threads-max.' type: integer netCoreNetdevMaxBacklog: - description: 'NetCoreNetdevMaxBacklog: Sysctl setting net.core.netdev_max_backlog.' type: integer netCoreOptmemMax: - description: 'NetCoreOptmemMax: Sysctl setting net.core.optmem_max.' type: integer netCoreRmemDefault: - description: 'NetCoreRmemDefault: Sysctl setting net.core.rmem_default.' type: integer netCoreRmemMax: - description: 'NetCoreRmemMax: Sysctl setting net.core.rmem_max.' type: integer netCoreSomaxconn: - description: 'NetCoreSomaxconn: Sysctl setting net.core.somaxconn.' type: integer netCoreWmemDefault: - description: 'NetCoreWmemDefault: Sysctl setting net.core.wmem_default.' 
type: integer netCoreWmemMax: - description: 'NetCoreWmemMax: Sysctl setting net.core.wmem_max.' type: integer netIpv4IpLocalPortRange: - description: 'NetIpv4IpLocalPortRange: Sysctl setting net.ipv4.ip_local_port_range.' type: string netIpv4NeighDefaultGcThresh1: - description: 'NetIpv4NeighDefaultGcThresh1: Sysctl setting net.ipv4.neigh.default.gc_thresh1.' type: integer netIpv4NeighDefaultGcThresh2: - description: 'NetIpv4NeighDefaultGcThresh2: Sysctl setting net.ipv4.neigh.default.gc_thresh2.' type: integer netIpv4NeighDefaultGcThresh3: - description: 'NetIpv4NeighDefaultGcThresh3: Sysctl setting net.ipv4.neigh.default.gc_thresh3.' type: integer netIpv4TcpFinTimeout: - description: 'NetIpv4TcpFinTimeout: Sysctl setting net.ipv4.tcp_fin_timeout.' type: integer netIpv4TcpKeepaliveProbes: - description: 'NetIpv4TcpKeepaliveProbes: Sysctl setting net.ipv4.tcp_keepalive_probes.' type: integer netIpv4TcpKeepaliveTime: - description: 'NetIpv4TcpKeepaliveTime: Sysctl setting net.ipv4.tcp_keepalive_time.' type: integer netIpv4TcpMaxSynBacklog: - description: 'NetIpv4TcpMaxSynBacklog: Sysctl setting net.ipv4.tcp_max_syn_backlog.' type: integer netIpv4TcpMaxTwBuckets: - description: 'NetIpv4TcpMaxTwBuckets: Sysctl setting net.ipv4.tcp_max_tw_buckets.' type: integer netIpv4TcpTwReuse: - description: 'NetIpv4TcpTwReuse: Sysctl setting net.ipv4.tcp_tw_reuse.' type: boolean netIpv4TcpkeepaliveIntvl: - description: 'NetIpv4TcpkeepaliveIntvl: Sysctl setting net.ipv4.tcp_keepalive_intvl.' type: integer netNetfilterNfConntrackBuckets: - description: 'NetNetfilterNfConntrackBuckets: Sysctl setting net.netfilter.nf_conntrack_buckets.' type: integer netNetfilterNfConntrackMax: - description: 'NetNetfilterNfConntrackMax: Sysctl setting net.netfilter.nf_conntrack_max.' type: integer vmMaxMapCount: - description: 'VmMaxMapCount: Sysctl setting vm.max_map_count.' type: integer vmSwappiness: - description: 'VmSwappiness: Sysctl setting vm.swappiness.' 
type: integer vmVfsCachePressure: - description: 'VmVfsCachePressure: Sysctl setting vm.vfs_cache_pressure.' type: integer type: object transparentHugePageDefrag: - description: |- - TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is - 'madvise'. For more information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string transparentHugePageEnabled: - description: |- - TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more - information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string type: object maxCount: - description: 'MaxCount: The maximum number of nodes for auto-scaling' type: integer maxPods: - description: 'MaxPods: The maximum number of pods that can run on a node.' type: integer minCount: - description: 'MinCount: The minimum number of nodes for auto-scaling' type: integer mode: - description: |- - Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool - restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools + enum: + - System + - User type: string name: - description: 'Name: Windows agent pool names must be 6 characters or less.' - type: string - nodeImageVersion: - description: 'NodeImageVersion: The version of node image' + pattern: ^[a-z][a-z0-9]{0,11}$ type: string nodeLabels: additionalProperties: type: string - description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' 
type: object - nodePublicIPPrefixID: - description: |- - NodePublicIPPrefixID: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} - type: string + nodePublicIPPrefixIDReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object nodeTaints: - description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' items: type: string type: array orchestratorVersion: - description: |- - OrchestratorVersion: As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes - version. The node pool version must have the same major version as the control plane. The node pool minor version must - be within two minor versions of the control plane version. The node pool version cannot be greater than the control - plane version. For more information see [upgrading a node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). 
type: string osDiskSizeGB: + maximum: 2048 + minimum: 0 type: integer osDiskType: - description: |- - OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested - OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral - OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). + enum: + - Ephemeral + - Managed type: string osSKU: - description: 'OsSKU: Specifies an OS SKU. This value must not be specified if OSType is Windows.' + enum: + - CBLMariner + - Ubuntu type: string osType: - description: 'OsType: The operating system type. The default is Linux.' - type: string - podSubnetID: - description: |- - PodSubnetID: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is - of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} + enum: + - Linux + - Windows type: string - powerState: - description: 'PowerState: Describes whether the Agent Pool is Running or Stopped' + podSubnetIDReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: - code: - description: 'Code: Tells whether the cluster is Running or Stopped' + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
+ pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. type: string type: object - provisioningState: - description: 'ProvisioningState: The current deployment or provisioning state.' - type: string proximityPlacementGroupID: - description: 'ProximityPlacementGroupID: The ID for Proximity Placement Group.' type: string scaleSetEvictionPolicy: - description: |- - ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is - 'Delete'. + enum: + - Deallocate + - Delete type: string scaleSetPriority: - description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' + enum: + - Regular + - Spot type: string spotMaxPrice: - description: |- - SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any - on-demand price. For more details on spot pricing, see [spot VMs - pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) type: number tags: additionalProperties: type: string - description: 'Tags: The tags to be persisted on the agent pool virtual machine scale set.' type: object type: - description: 'Type: The type of Agent Pool.' + enum: + - AvailabilitySet + - VirtualMachineScaleSets type: string upgradeSettings: - description: 'UpgradeSettings: Settings for upgrading the agentpool' properties: maxSurge: - description: |- - MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). 
If a percentage is specified, it - is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded - up. If not specified, the default is 1. For more information, including best practices, see: - https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade type: string type: object vmSize: - description: |- - VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods - might fail to run correctly. For more details on restricted VM sizes, see: - https://docs.microsoft.com/azure/aks/quotas-skus-regions - type: string - vnetSubnetID: - description: |- - VnetSubnetID: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, - this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} type: string + vnetSubnetIDReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. 
+ type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object type: array apiServerAccessProfile: - description: 'ApiServerAccessProfile: The access profile for managed cluster API server.' properties: authorizedIPRanges: - description: |- - AuthorizedIPRanges: IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with - clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API - server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges). items: type: string type: array enablePrivateCluster: - description: |- - EnablePrivateCluster: For more details, see [Creating a private AKS - cluster](https://docs.microsoft.com/azure/aks/private-clusters). type: boolean enablePrivateClusterPublicFQDN: - description: 'EnablePrivateClusterPublicFQDN: Whether to create additional public FQDN for private cluster or not.' type: boolean privateDNSZone: - description: |- - PrivateDNSZone: The default is System. For more details see [configure private DNS - zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and - 'none'. type: string type: object autoScalerProfile: - description: 'AutoScalerProfile: Parameters to be applied to the cluster-autoscaler when enabled' properties: balance-similar-node-groups: - description: 'BalanceSimilarNodeGroups: Valid values are ''true'' and ''false''' type: string expander: - description: |- - Expander: If not specified, the default is 'random'. See - [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more - information. + enum: + - least-waste + - most-pods + - priority + - random type: string max-empty-bulk-delete: - description: 'MaxEmptyBulkDelete: The default is 10.' 
type: string max-graceful-termination-sec: - description: 'MaxGracefulTerminationSec: The default is 600.' type: string max-node-provision-time: - description: |- - MaxNodeProvisionTime: The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than - minutes (m) is supported. type: string max-total-unready-percentage: - description: 'MaxTotalUnreadyPercentage: The default is 45. The maximum is 100 and the minimum is 0.' type: string new-pod-scale-up-delay: - description: |- - NewPodScaleUpDelay: For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler - could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is - '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc). type: string ok-total-unready-count: - description: 'OkTotalUnreadyCount: This must be an integer. The default is 3.' type: string scale-down-delay-after-add: - description: |- - ScaleDownDelayAfterAdd: The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than - minutes (m) is supported. type: string scale-down-delay-after-delete: - description: |- - ScaleDownDelayAfterDelete: The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of - time other than minutes (m) is supported. type: string scale-down-delay-after-failure: - description: |- - ScaleDownDelayAfterFailure: The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other - than minutes (m) is supported. type: string scale-down-unneeded-time: - description: |- - ScaleDownUnneededTime: The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than - minutes (m) is supported. type: string scale-down-unready-time: - description: |- - ScaleDownUnreadyTime: The default is '20m'. Values must be an integer followed by an 'm'. 
No unit of time other than - minutes (m) is supported. type: string scale-down-utilization-threshold: - description: 'ScaleDownUtilizationThreshold: The default is ''0.5''.' type: string scan-interval: - description: 'ScanInterval: The default is ''10''. Values must be an integer number of seconds.' type: string skip-nodes-with-local-storage: - description: 'SkipNodesWithLocalStorage: The default is true.' type: string skip-nodes-with-system-pods: - description: 'SkipNodesWithSystemPods: The default is true.' type: string type: object autoUpgradeProfile: - description: 'AutoUpgradeProfile: The auto upgrade configuration.' properties: upgradeChannel: - description: |- - UpgradeChannel: For more information see [setting the AKS cluster auto-upgrade - channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel). + enum: + - node-image + - none + - patch + - rapid + - stable type: string type: object - azurePortalFQDN: + azureName: description: |- - AzurePortalFQDN: The Azure Portal requires certain Cross-Origin Resource Sharing (CORS) headers to be sent in some - responses, which Kubernetes APIServer doesn't handle by default. This special FQDN supports CORS, allowing the Azure - Portal to function properly. + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. + maxLength: 63 + minLength: 1 + pattern: ^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$ type: string - conditions: - description: 'Conditions: The observed state of the resource' - items: - description: Condition defines an extension to status (an observation) of a resource - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. - format: date-time - type: string - message: - description: Message is a human readable message indicating details about the transition. This field may be empty. 
- type: string - observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - type: integer - reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. - type: string - severity: - description: |- - Severity with which to treat failures of this type of condition. - For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown - type: string - status: - description: Status of the condition, one of True, False, or Unknown. - type: string - type: - description: Type of condition. - type: string - required: - - lastTransitionTime - - reason - - status - - type - type: object - type: array disableLocalAccounts: - description: |- - DisableLocalAccounts: If set to true, getting static credentials will be disabled for this cluster. This must only be - used on Managed Clusters that are AAD enabled. For more details see [disable local - accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview). 
type: boolean - diskEncryptionSetID: - description: |- - DiskEncryptionSetID: This is of the form: - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}' - type: string + diskEncryptionSetIDReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object dnsPrefix: - description: 'DnsPrefix: This cannot be updated once the Managed Cluster has been created.' type: string enablePodSecurityPolicy: - description: |- - EnablePodSecurityPolicy: (DEPRECATING) Whether to enable Kubernetes pod security policy (preview). This feature is set - for removal on October 15th, 2020. Learn more at aka.ms/aks/azpodpolicy. type: boolean enableRBAC: - description: 'EnableRBAC: Whether to enable Kubernetes Role-Based Access Control.' type: boolean extendedLocation: - description: 'ExtendedLocation: The extended location of the Virtual Machine.' properties: name: - description: 'Name: The name of the extended location.' 
type: string type: - description: 'Type: The type of the extended location.' + enum: + - EdgeZone type: string type: object - fqdn: - description: 'Fqdn: The FQDN of the master pool.' - type: string fqdnSubdomain: - description: 'FqdnSubdomain: This cannot be updated once the Managed Cluster has been created.' type: string httpProxyConfig: - description: 'HttpProxyConfig: Configurations for provisioning the cluster with HTTP proxy servers.' properties: httpProxy: - description: 'HttpProxy: The HTTP proxy server endpoint to use.' type: string httpsProxy: - description: 'HttpsProxy: The HTTPS proxy server endpoint to use.' type: string noProxy: - description: 'NoProxy: The endpoints that should not go through proxy.' items: type: string type: array trustedCa: - description: 'TrustedCa: Alternative CA cert to use for connecting to proxy servers.' type: string type: object - id: - description: 'Id: Resource Id' - type: string identity: - description: 'Identity: The identity of the managed cluster, if configured.' properties: - principalId: - description: 'PrincipalId: The principal id of the system assigned identity which is used by master components.' - type: string - tenantId: - description: 'TenantId: The tenant id of the system assigned identity which is used by master components.' - type: string type: - description: |- - Type: For more information see [use managed identities in - AKS](https://docs.microsoft.com/azure/aks/use-managed-identity). + enum: + - None + - SystemAssigned + - UserAssigned type: string userAssignedIdentities: - additionalProperties: + items: properties: - clientId: - description: 'ClientId: The client id of user assigned identity.' - type: string - principalId: - description: 'PrincipalId: The principal id of user assigned identity.' 
- type: string + reference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object - description: |- - UserAssignedIdentities: The keys must be ARM resource IDs in the form: - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'. - type: object + type: array type: object identityProfile: additionalProperties: - description: Details about a user assigned identity. properties: clientId: - description: 'ClientId: The client ID of the user assigned identity.' type: string objectId: - description: 'ObjectId: The object ID of the user assigned identity.' - type: string - resourceId: - description: 'ResourceId: The resource ID of the user assigned identity.' 
type: string + resourceReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object - description: 'IdentityProfile: Identities associated with the cluster.' type: object kubernetesVersion: - description: |- - KubernetesVersion: When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades - must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> - 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS - cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details. type: string linuxProfile: - description: 'LinuxProfile: The profile for Linux VMs in the Managed Cluster.' properties: adminUsername: - description: 'AdminUsername: The administrator username to use for Linux VMs.' + pattern: ^[A-Za-z][-A-Za-z0-9_]*$ type: string ssh: - description: 'Ssh: The SSH configuration for Linux-based VMs running on Azure.' 
properties: publicKeys: - description: 'PublicKeys: The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.' items: - description: Contains information about SSH certificate public key data. properties: keyData: - description: |- - KeyData: Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or - without headers. type: string + required: + - keyData type: object type: array + required: + - publicKeys type: object + required: + - adminUsername + - ssh type: object location: - description: 'Location: Resource location' - type: string - maxAgentPools: - description: 'MaxAgentPools: The max number of agent pools for the managed cluster.' - type: integer - name: - description: 'Name: Resource name' type: string networkProfile: - description: 'NetworkProfile: The network configuration profile.' properties: dnsServiceIP: - description: |- - DnsServiceIP: An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address - range specified in serviceCidr. + pattern: ^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$ type: string dockerBridgeCidr: - description: |- - DockerBridgeCidr: A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP - ranges or the Kubernetes service address range. + pattern: ^([0-9]{1,3}\.){3}[0-9]{1,3}(\/([0-9]|[1-2][0-9]|3[0-2]))?$ type: string loadBalancerProfile: - description: 'LoadBalancerProfile: Profile of the cluster load balancer.' properties: allocatedOutboundPorts: - description: |- - AllocatedOutboundPorts: The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 - (inclusive). The default value is 0 which results in Azure dynamically allocating ports. 
+ maximum: 64000 + minimum: 0 type: integer effectiveOutboundIPs: - description: 'EffectiveOutboundIPs: The effective outbound IP resources of the cluster load balancer.' items: - description: A reference to an Azure resource. properties: - id: - description: 'Id: The fully qualified Azure resource id.' - type: string + reference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object type: array idleTimeoutInMinutes: - description: |- - IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 - (inclusive). The default value is 30 minutes. + maximum: 120 + minimum: 4 type: integer managedOutboundIPs: - description: 'ManagedOutboundIPs: Desired managed outbound IPs for the cluster load balancer.' properties: count: - description: |- - Count: The desired number of outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be - in the range of 1 to 100 (inclusive). The default value is 1. 
+ maximum: 100 + minimum: 1 type: integer type: object outboundIPPrefixes: - description: 'OutboundIPPrefixes: Desired outbound IP Prefix resources for the cluster load balancer.' properties: publicIPPrefixes: - description: 'PublicIPPrefixes: A list of public IP prefix resources.' items: - description: A reference to an Azure resource. properties: - id: - description: 'Id: The fully qualified Azure resource id.' - type: string + reference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object type: array type: object outboundIPs: - description: 'OutboundIPs: Desired outbound IP resources for the cluster load balancer.' properties: publicIPs: - description: 'PublicIPs: A list of public IP resources.' items: - description: A reference to an Azure resource. properties: - id: - description: 'Id: The fully qualified Azure resource id.' 
- type: string + reference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object type: array type: object type: object loadBalancerSku: - description: |- - LoadBalancerSku: The default is 'standard'. See [Azure Load Balancer - SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load - balancer SKUs. + enum: + - basic + - standard type: string networkMode: - description: 'NetworkMode: This cannot be specified if networkPlugin is anything other than ''azure''.' + enum: + - bridge + - transparent type: string networkPlugin: - description: 'NetworkPlugin: Network plugin used for building the Kubernetes network.' + enum: + - azure + - kubenet type: string networkPolicy: - description: 'NetworkPolicy: Network policy used for building the Kubernetes network.' + enum: + - azure + - calico type: string outboundType: - description: |- - OutboundType: This can only be set at cluster creation time and cannot be changed later. 
For more information see - [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype). + enum: + - loadBalancer + - userDefinedRouting type: string podCidr: - description: 'PodCidr: A CIDR notation IP range from which to assign pod IPs when kubenet is used.' + pattern: ^([0-9]{1,3}\.){3}[0-9]{1,3}(\/([0-9]|[1-2][0-9]|3[0-2]))?$ type: string serviceCidr: - description: |- - ServiceCidr: A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP - ranges. + pattern: ^([0-9]{1,3}\.){3}[0-9]{1,3}(\/([0-9]|[1-2][0-9]|3[0-2]))?$ type: string type: object nodeResourceGroup: - description: 'NodeResourceGroup: The name of the resource group containing agent pool nodes.' type: string - podIdentityProfile: + operatorSpec: description: |- - PodIdentityProfile: See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more - details on AAD pod identity integration. + OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not + passed directly to Azure + properties: + configMapExpressions: + description: 'ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).' + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. 
+ type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + secretExpressions: + description: 'SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).' + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + secrets: + description: 'Secrets: configures where to place Azure generated secrets.' 
+ properties: + adminCredentials: + description: |- + AdminCredentials: indicates where the AdminCredentials secret should be placed. If omitted, the secret will not be + retrieved from Azure. + properties: + key: + description: Key is the key in the Kubernetes secret being referenced. + type: string + name: + description: |- + Name is the name of the Kubernetes secret to write to. + The secret will be created in the same namespace as the resource. + type: string + required: + - key + - name + type: object + userCredentials: + description: |- + UserCredentials: indicates where the UserCredentials secret should be placed. If omitted, the secret will not be + retrieved from Azure. + properties: + key: + description: Key is the key in the Kubernetes secret being referenced. + type: string + name: + description: |- + Name is the name of the Kubernetes secret to write to. + The secret will be created in the same namespace as the resource. + type: string + required: + - key + - name + type: object + type: object + type: object + owner: + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a resources.azure.com/ResourceGroup resource + properties: + armId: + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + name: + description: This is the name of the Kubernetes resource to reference. + type: string + type: object + podIdentityProfile: properties: allowNetworkPluginKubenet: - description: |- - AllowNetworkPluginKubenet: Running in Kubenet is disabled by default due to the security related nature of AAD Pod - Identity and the risks of IP spoofing. 
See [using Kubenet network plugin with AAD Pod - Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) - for more information. type: boolean enabled: - description: 'Enabled: Whether the pod identity addon is enabled.' type: boolean userAssignedIdentities: - description: 'UserAssignedIdentities: The pod identities to use in the cluster.' items: - description: Details about the pod identity assigned to the Managed Cluster. properties: bindingSelector: - description: 'BindingSelector: The binding selector to use for the AzureIdentityBinding resource.' type: string identity: - description: 'Identity: The user assigned identity details.' properties: clientId: - description: 'ClientId: The client ID of the user assigned identity.' type: string objectId: - description: 'ObjectId: The object ID of the user assigned identity.' - type: string - resourceId: - description: 'ResourceId: The resource ID of the user assigned identity.' type: string + resourceReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. 
+ type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object name: - description: 'Name: The name of the pod identity.' type: string namespace: - description: 'Namespace: The namespace of the pod identity.' - type: string - provisioningInfo: - properties: - error: - description: 'Error: Pod identity assignment error (if any).' - properties: - error: - description: 'Error: Details about the error.' - properties: - code: - description: 'Code: An identifier for the error. Codes are invariant and are intended to be consumed programmatically.' - type: string - details: - description: 'Details: A list of additional details about the error.' - items: - properties: - code: - description: 'Code: An identifier for the error. Codes are invariant and are intended to be consumed programmatically.' - type: string - message: - description: 'Message: A message describing the error, intended to be suitable for display in a user interface.' - type: string - target: - description: 'Target: The target of the particular error. For example, the name of the property in error.' - type: string - type: object - type: array - message: - description: 'Message: A message describing the error, intended to be suitable for display in a user interface.' - type: string - target: - description: 'Target: The target of the particular error. For example, the name of the property in error.' - type: string - type: object - type: object - type: object - provisioningState: - description: 'ProvisioningState: The current provisioning state of the pod identity.' type: string + required: + - identity + - name + - namespace type: object type: array userAssignedIdentityExceptions: - description: 'UserAssignedIdentityExceptions: The pod identity exceptions to allow.' 
items: - description: |- - See [disable AAD Pod Identity for a specific - Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. properties: name: - description: 'Name: The name of the pod identity exception.' type: string namespace: - description: 'Namespace: The namespace of the pod identity exception.' type: string podLabels: additionalProperties: type: string - description: 'PodLabels: The pod labels to match.' type: object + required: + - name + - namespace + - podLabels type: object type: array type: object - powerState: - description: 'PowerState: The Power State of the cluster.' - properties: - code: - description: 'Code: Tells whether the cluster is Running or Stopped' - type: string - type: object - privateFQDN: - description: 'PrivateFQDN: The FQDN of private cluster.' - type: string privateLinkResources: - description: 'PrivateLinkResources: Private link resources associated with the cluster.' items: - description: A private link resource properties: groupId: - description: 'GroupId: The group ID of the resource.' - type: string - id: - description: 'Id: The ID of the private link resource.' type: string name: - description: 'Name: The name of the private link resource.' - type: string - privateLinkServiceID: - description: 'PrivateLinkServiceID: The private link service ID of the resource, this field is exposed only to NRP internally.' type: string - requiredMembers: - description: 'RequiredMembers: The RequiredMembers of the resource' - items: - type: string - type: array - type: - description: 'Type: The resource type.' + reference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. 
+ The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + requiredMembers: + items: + type: string + type: array + type: type: string type: object type: array - provisioningState: - description: 'ProvisioningState: The current provisioning state.' - type: string servicePrincipalProfile: - description: |- - ServicePrincipalProfile: Information about a service principal identity for the cluster to use for manipulating Azure - APIs. properties: clientId: - description: 'ClientId: The ID for the service principal.' type: string + secret: + description: |- + SecretReference is a reference to a Kubernetes secret and key in the same namespace as + the resource it is on. + properties: + key: + description: Key is the key in the Kubernetes secret being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource + type: string + required: + - key + - name + type: object + required: + - clientId type: object sku: - description: 'Sku: The managed cluster SKU.' properties: name: - description: 'Name: The name of a managed cluster SKU.' + enum: + - Basic type: string tier: - description: |- - Tier: If not specified, the default is 'Free'. See [uptime SLA](https://docs.microsoft.com/azure/aks/uptime-sla) for - more details. 
+ enum: + - Free + - Paid type: string type: object tags: additionalProperties: type: string - description: 'Tags: Resource tags' type: object - type: - description: 'Type: Resource type' - type: string windowsProfile: - description: 'WindowsProfile: The profile for Windows VMs in the Managed Cluster.' properties: - adminUsername: + adminPassword: description: |- - AdminUsername: Specifies the name of the administrator account. - Restriction: Cannot end in "." - Disallowed values: "administrator", "admin", "user", "user1", "test", "user2", "test1", "user3", "admin1", "1", "123", - "a", "actuser", "adm", "admin2", "aspnet", "backup", "console", "david", "guest", "john", "owner", "root", "server", - "sql", "support", "support_388945a0", "sys", "test2", "test3", "user4", "user5". - Minimum-length: 1 character - Max-length: 20 characters + SecretReference is a reference to a Kubernetes secret and key in the same namespace as + the resource it is on. + properties: + key: + description: Key is the key in the Kubernetes secret being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource + type: string + required: + - key + - name + type: object + adminUsername: type: string enableCSIProxy: - description: |- - EnableCSIProxy: For more details on CSI proxy, see the [CSI proxy GitHub - repo](https://github.com/kubernetes-csi/csi-proxy). type: boolean licenseType: - description: |- - LicenseType: The license type to use for Windows VMs. See [Azure Hybrid User - Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details. 
+ enum: + - None + - Windows_Server type: string + required: + - adminUsername type: object + required: + - location + - owner type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=='Ready')].severity - name: Severity - type: string - - jsonPath: .status.conditions[?(@.type=='Ready')].reason - name: Reason - type: string - - jsonPath: .status.conditions[?(@.type=='Ready')].message - name: Message - type: string - name: v1api20210501storage - schema: - openAPIV3Schema: - description: |- - Storage version of v1api20210501.ManagedCluster - Generator information: - - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2021-05-01/managedClusters.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName} - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. 
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: Storage version of v1api20210501.ManagedCluster_Spec + status: properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object aadProfile: - description: |- - Storage version of v1api20210501.ManagedClusterAADProfile - For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad). properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object adminGroupObjectIDs: items: type: string 
@@ -4576,38 +4547,27 @@ spec: type: object addonProfiles: additionalProperties: - description: |- - Storage version of v1api20210501.ManagedClusterAddonProfile - A Kubernetes add-on profile for a managed cluster. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object config: additionalProperties: type: string type: object enabled: type: boolean + identity: + properties: + clientId: + type: string + objectId: + type: string + resourceId: + type: string + type: object type: object type: object agentPoolProfiles: items: - description: |- - Storage version of v1api20210501.ManagedClusterAgentPoolProfile - Profile for the container service agent pool. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object availabilityZones: items: type: string @@ -4627,17 +4587,7 @@ spec: gpuInstanceProfile: type: string kubeletConfig: - description: |- - Storage version of v1api20210501.KubeletConfig - See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object allowedUnsafeSysctls: items: type: string 
@@ -4666,31 +4616,11 @@ spec: kubeletDiskType: type: string linuxOSConfig: - description: |- - Storage version of v1api20210501.LinuxOSConfig - See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object swapFileSizeMB: type: integer sysctls: - description: |- - Storage version of v1api20210501.SysctlConfig - Sysctl settings for Linux agent nodes. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object fsAioMaxNr: type: integer fsFileMax: 
@@ -4763,32 +4693,14 @@ spec: type: string name: type: string + nodeImageVersion: + type: string nodeLabels: additionalProperties: type: string type: object - nodePublicIPPrefixIDReference: - description: |- - NodePublicIPPrefixIDReference: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + nodePublicIPPrefixID: + type: string nodeTaints: items: type: string 
@@ -4803,29 +4715,15 @@ spec: type: string osType: type: string - podSubnetIDReference: - description: |- - PodSubnetIDReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more - details). This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} + podSubnetID: + type: string + powerState: properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. + code: type: string type: object + provisioningState: + type: string proximityPlacementGroupID: type: string scaleSetEvictionPolicy: 
@@ -4841,59 +4739,18 @@ spec: type: type: string upgradeSettings: - description: |- - Storage version of v1api20210501.AgentPoolUpgradeSettings - Settings for upgrading an agentpool properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object maxSurge: type: string type: object vmSize: type: string - vnetSubnetIDReference: - description: |- - VnetSubnetIDReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is - specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + vnetSubnetID: + type: string type: object type: array apiServerAccessProfile: - description: |- - Storage version of v1api20210501.ManagedClusterAPIServerAccessProfile - Access profile for managed cluster API server. 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object authorizedIPRanges: items: type: string @@ -4906,15 +4763,7 @@ spec: type: string type: object autoScalerProfile: - description: Storage version of v1api20210501.ManagedClusterProperties_AutoScalerProfile properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object balance-similar-node-groups: type: string expander: 
@@ -4951,49 +4800,60 @@ spec: type: string type: object autoUpgradeProfile: - description: |- - Storage version of v1api20210501.ManagedClusterAutoUpgradeProfile - Auto upgrade profile for a managed cluster. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object upgradeChannel: type: string type: object - azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. + azurePortalFQDN: type: string + conditions: + description: 'Conditions: The observed state of the resource' + items: + description: Condition defines an extension to status (an observation) of a resource + properties: + lastTransitionTime: + description: LastTransitionTime is the last time the condition transitioned from one status to another. + format: date-time + type: string + message: + description: Message is a human readable message indicating details about the transition. This field may be empty. + type: string + observedGeneration: + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + type: integer + reason: + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + type: string + severity: + description: |- + Severity with which to treat failures of this type of condition. 
+ For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown + type: string + status: + description: Status of the condition, one of True, False, or Unknown. + type: string + type: + description: Type of condition. + type: string + required: + - lastTransitionTime + - reason + - status + - type + type: object + type: array disableLocalAccounts: type: boolean - diskEncryptionSetIDReference: - description: |- - DiskEncryptionSetIDReference: This is of the form: - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + diskEncryptionSetID: + type: string dnsPrefix: type: string enablePodSecurityPolicy: 
@@ -5001,36 +4861,18 @@ spec: enableRBAC: type: boolean extendedLocation: - description: |- - Storage version of v1api20210501.ExtendedLocation - The complex type of the extended location. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object name: type: string type: type: string type: object + fqdn: + type: string fqdnSubdomain: type: string httpProxyConfig: - description: |- - Storage version of v1api20210501.ManagedClusterHTTPProxyConfig - Cluster HTTP proxy configuration. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object httpProxy: type: string httpsProxy: 
@@ -5042,136 +4884,48 @@ spec: trustedCa: type: string type: object + id: + type: string identity: - description: |- - Storage version of v1api20210501.ManagedClusterIdentity - Identity for the managed cluster. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object + principalId: + type: string + tenantId: + type: string type: type: string userAssignedIdentities: - items: - description: |- - Storage version of v1api20210501.UserAssignedIdentityDetails - Information about the user assigned identity for the resource + additionalProperties: properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - reference: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. 
- type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + clientId: + type: string + principalId: + type: string type: object - type: array + type: object type: object identityProfile: additionalProperties: - description: |- - Storage version of v1api20210501.UserAssignedIdentity - Details about a user assigned identity. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object clientId: type: string objectId: type: string - resourceReference: - description: 'ResourceReference: The resource ID of the user assigned identity.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + resourceId: + type: string type: object type: object kubernetesVersion: type: string linuxProfile: - description: |- - Storage version of v1api20210501.ContainerServiceLinuxProfile - Profile for Linux VMs in the container service cluster. 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object adminUsername: type: string ssh: - description: |- - Storage version of v1api20210501.ContainerServiceSshConfiguration - SSH configuration for Linux-based VMs running on Azure. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object publicKeys: items: - description: |- - Storage version of v1api20210501.ContainerServiceSshPublicKey - Contains information about SSH certificate public key data. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object keyData: type: string type: object 
@@ -5180,175 +4934,51 @@ spec: type: object location: type: string + maxAgentPools: + type: integer + name: + type: string networkProfile: - description: |- - Storage version of v1api20210501.ContainerServiceNetworkProfile - Profile of network configuration. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object dnsServiceIP: type: string dockerBridgeCidr: type: string loadBalancerProfile: - description: |- - Storage version of v1api20210501.ManagedClusterLoadBalancerProfile - Profile of the managed cluster load balancer. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object allocatedOutboundPorts: type: integer effectiveOutboundIPs: items: - description: |- - Storage version of v1api20210501.ResourceReference - A reference to an Azure resource. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - reference: - description: 'Reference: The fully qualified Azure resource id.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
- pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + id: + type: string type: object type: array idleTimeoutInMinutes: type: integer managedOutboundIPs: - description: Storage version of v1api20210501.ManagedClusterLoadBalancerProfile_ManagedOutboundIPs properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object count: type: integer type: object outboundIPPrefixes: - description: Storage version of v1api20210501.ManagedClusterLoadBalancerProfile_OutboundIPPrefixes properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object publicIPPrefixes: items: - description: |- - Storage version of v1api20210501.ResourceReference - A reference to an Azure resource. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - reference: - description: 'Reference: The fully qualified Azure resource id.' 
- properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + id: + type: string type: object type: array type: object outboundIPs: - description: Storage version of v1api20210501.ManagedClusterLoadBalancerProfile_OutboundIPs properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object publicIPs: items: - description: |- - Storage version of v1api20210501.ResourceReference - A reference to an Azure resource. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - reference: - description: 'Reference: The fully qualified Azure resource id.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. 
- The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + id: + type: string type: object type: array type: object 
@@ -5370,168 +5000,63 @@ spec: type: object nodeResourceGroup: type: string - operatorSpec: - description: |- - Storage version of v1api20210501.ManagedClusterOperatorSpec - Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - secrets: - description: Storage version of v1api20210501.ManagedClusterOperatorSecrets - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - adminCredentials: - description: |- - SecretDestination describes the location to store a single secret value. - Note: This is similar to ConfigMapDestination in configmaps.go. Changes to one should likely also be made to the other. - properties: - key: - description: Key is the key in the Kubernetes secret being referenced - type: string - name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource - type: string - required: - - key - - name - type: object - userCredentials: - description: |- - SecretDestination describes the location to store a single secret value. - Note: This is similar to ConfigMapDestination in configmaps.go. Changes to one should likely also be made to the other. - properties: - key: - description: Key is the key in the Kubernetes secret being referenced - type: string - name: - description: |- - Name is the name of the Kubernetes secret being referenced. 
- The secret must be in the same namespace as the resource - type: string - required: - - key - - name - type: object - type: object - type: object - originalVersion: - type: string - owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a resources.azure.com/ResourceGroup resource - properties: - armId: - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - name: - description: This is the name of the Kubernetes resource to reference. - type: string - type: object podIdentityProfile: - description: |- - Storage version of v1api20210501.ManagedClusterPodIdentityProfile - See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod - identity integration. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object allowNetworkPluginKubenet: type: boolean enabled: type: boolean userAssignedIdentities: items: - description: |- - Storage version of v1api20210501.ManagedClusterPodIdentity - Details about the pod identity assigned to the Managed Cluster. 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object bindingSelector: type: string identity: - description: |- - Storage version of v1api20210501.UserAssignedIdentity - Details about a user assigned identity. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object clientId: type: string objectId: type: string - resourceReference: - description: 'ResourceReference: The resource ID of the user assigned identity.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. 
- type: string - type: object + resourceId: + type: string type: object name: type: string namespace: type: string + provisioningInfo: + properties: + error: + properties: + error: + properties: + code: + type: string + details: + items: + properties: + code: + type: string + message: + type: string + target: + type: string + type: object + type: array + message: + type: string + target: + type: string + type: object + type: object + type: object + provisioningState: + type: string type: object type: array userAssignedIdentityExceptions: items: - description: |- - Storage version of v1api20210501.ManagedClusterPodIdentityException - See [disable AAD Pod Identity for a specific - Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object name: type: string namespace: 
@@ -5543,43 +5068,24 @@ spec: type: object type: array type: object + powerState: + properties: + code: + type: string + type: object + privateFQDN: + type: string privateLinkResources: items: - description: |- - Storage version of v1api20210501.PrivateLinkResource - A private link resource properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object groupId: type: string + id: + type: string name: type: string - reference: - description: 'Reference: The ID of the private link resource.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + privateLinkServiceID: + type: string requiredMembers: items: type: string 
@@ -5588,50 +5094,15 @@ spec: type: string type: object type: array + provisioningState: + type: string servicePrincipalProfile: - description: |- - Storage version of v1api20210501.ManagedClusterServicePrincipalProfile - Information about a service principal identity for the cluster to use for manipulating Azure APIs. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object clientId: type: string - secret: - description: |- - SecretReference is a reference to a Kubernetes secret and key in the same namespace as - the resource it is on. - properties: - key: - description: Key is the key in the Kubernetes secret being referenced - type: string - name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource - type: string - required: - - key - - name - type: object type: object sku: - description: |- - Storage version of v1api20210501.ManagedClusterSKU - The SKU of a Managed Cluster. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object name: type: string tier: 
@@ -5641,35 +5112,10 @@ spec: additionalProperties: type: string type: object + type: + type: string windowsProfile: - description: |- - Storage version of v1api20210501.ManagedClusterWindowsProfile - Profile for Windows VMs in the managed cluster. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - adminPassword: - description: |- - SecretReference is a reference to a Kubernetes secret and key in the same namespace as - the resource it is on. - properties: - key: - description: Key is the key in the Kubernetes secret being referenced - type: string - name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource - type: string - required: - - key - - name - type: object adminUsername: type: string enableCSIProxy: 
@@ -5677,13 +5123,49 @@ spec: licenseType: type: string type: object - required: - - owner type: object - status: + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].severity + name: Severity + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Reason + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].message + name: Message + type: string + name: v1api20210501storage + schema: + openAPIV3Schema: + description: Storage version of v1api20210501.ManagedCluster + properties: + apiVersion: description: |- - Storage version of v1api20210501.ManagedCluster_STATUS - Managed cluster. + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: Storage version of v1api20210501.ManagedCluster_Spec properties: $propertyBag: additionalProperties: 
@@ -5693,9 +5175,7 @@ spec: resources, allowing for full fidelity round trip conversions type: object aadProfile: - description: |- - Storage version of v1api20210501.ManagedClusterAADProfile_STATUS - For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad). + description: Storage version of v1api20210501.ManagedClusterAADProfile properties: $propertyBag: additionalProperties: @@ -5723,9 +5203,7 @@ spec: type: object addonProfiles: additionalProperties: - description: |- - Storage version of v1api20210501.ManagedClusterAddonProfile_STATUS - A Kubernetes add-on profile for a managed cluster. + description: Storage version of v1api20210501.ManagedClusterAddonProfile properties: $propertyBag: additionalProperties: @@ -5740,32 +5218,11 @@ spec: type: object enabled: type: boolean - identity: - description: |- - Storage version of v1api20210501.UserAssignedIdentity_STATUS - Details about a user assigned identity. - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - clientId: - type: string - objectId: - type: string - resourceId: - type: string - type: object type: object type: object agentPoolProfiles: items: - description: |- - Storage version of v1api20210501.ManagedClusterAgentPoolProfile_STATUS - Profile for the container service agent pool. + description: Storage version of v1api20210501.ManagedClusterAgentPoolProfile properties: $propertyBag: additionalProperties: 
@@ -5793,9 +5250,7 @@ spec: gpuInstanceProfile: type: string kubeletConfig: - description: |- - Storage version of v1api20210501.KubeletConfig_STATUS - See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + description: Storage version of v1api20210501.KubeletConfig properties: $propertyBag: additionalProperties: @@ -5832,9 +5287,7 @@ spec: kubeletDiskType: type: string linuxOSConfig: - description: |- - Storage version of v1api20210501.LinuxOSConfig_STATUS - See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + description: Storage version of v1api20210501.LinuxOSConfig properties: $propertyBag: additionalProperties: @@ -5846,9 +5299,7 @@ spec: swapFileSizeMB: type: integer sysctls: - description: |- - Storage version of v1api20210501.SysctlConfig_STATUS - Sysctl settings for Linux agent nodes. + description: Storage version of v1api20210501.SysctlConfig properties: $propertyBag: additionalProperties: 
@@ -5929,14 +5380,30 @@ spec: type: string name: type: string - nodeImageVersion: - type: string nodeLabels: additionalProperties: type: string type: object - nodePublicIPPrefixID: - type: string + nodePublicIPPrefixIDReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object nodeTaints: items: type: string 
@@ -5951,25 +5418,26 @@ spec: type: string osType: type: string - podSubnetID: - type: string - powerState: - description: |- - Storage version of v1api20210501.PowerState_STATUS - Describes the Power State of the cluster + podSubnetIDReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: - $propertyBag: - additionalProperties: - type: string + armId: description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - code: + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. type: string type: object - provisioningState: - type: string proximityPlacementGroupID: type: string scaleSetEvictionPolicy: @@ -5985,9 +5453,7 @@ spec: type: type: string upgradeSettings: - description: |- - Storage version of v1api20210501.AgentPoolUpgradeSettings_STATUS - Settings for upgrading an agentpool + description: Storage version of v1api20210501.AgentPoolUpgradeSettings properties: $propertyBag: additionalProperties: 
@@ -6001,14 +5467,30 @@ spec: type: object vmSize: type: string - vnetSubnetID: - type: string + vnetSubnetIDReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object type: array apiServerAccessProfile: - description: |- - Storage version of v1api20210501.ManagedClusterAPIServerAccessProfile_STATUS - Access profile for managed cluster API server. + description: Storage version of v1api20210501.ManagedClusterAPIServerAccessProfile properties: $propertyBag: additionalProperties: @@ -6029,7 +5511,7 @@ spec: type: string type: object autoScalerProfile: - description: Storage version of v1api20210501.ManagedClusterProperties_AutoScalerProfile_STATUS + description: Storage version of v1api20210501.ManagedClusterProperties_AutoScalerProfile properties: $propertyBag: additionalProperties: 
@@ -6074,9 +5556,7 @@ spec: type: string type: object autoUpgradeProfile: - description: |- - Storage version of v1api20210501.ManagedClusterAutoUpgradeProfile_STATUS - Auto upgrade profile for a managed cluster. + description: Storage version of v1api20210501.ManagedClusterAutoUpgradeProfile properties: $propertyBag: additionalProperties: 
@@ -6088,55 +5568,33 @@ spec: upgradeChannel: type: string type: object - azurePortalFQDN: + azureName: + description: |- + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. type: string - conditions: - items: - description: Condition defines an extension to status (an observation) of a resource - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. - format: date-time - type: string - message: - description: Message is a human readable message indicating details about the transition. This field may be empty. - type: string - observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - type: integer - reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. - type: string - severity: - description: |- - Severity with which to treat failures of this type of condition. - For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown - type: string - status: - description: Status of the condition, one of True, False, or Unknown. - type: string - type: - description: Type of condition. 
- type: string - required: - - lastTransitionTime - - reason - - status - - type - type: object - type: array disableLocalAccounts: type: boolean - diskEncryptionSetID: - type: string + diskEncryptionSetIDReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object dnsPrefix: type: string enablePodSecurityPolicy: @@ -6144,9 +5602,7 @@ spec: enableRBAC: type: boolean extendedLocation: - description: |- - Storage version of v1api20210501.ExtendedLocation_STATUS - The complex type of the extended location. + description: Storage version of v1api20210501.ExtendedLocation properties: $propertyBag: additionalProperties: @@ -6160,14 +5616,10 @@ spec: type: type: string type: object - fqdn: - type: string fqdnSubdomain: type: string httpProxyConfig: - description: |- - Storage version of v1api20210501.ManagedClusterHTTPProxyConfig_STATUS - Cluster HTTP proxy configuration. + description: Storage version of v1api20210501.ManagedClusterHTTPProxyConfig properties: $propertyBag: additionalProperties: 
@@ -6187,12 +5639,8 @@ spec: trustedCa: type: string type: object - id: - type: string identity: - description: |- - Storage version of v1api20210501.ManagedClusterIdentity_STATUS - Identity for the managed cluster. + description: Storage version of v1api20210501.ManagedClusterIdentity properties: $propertyBag: additionalProperties: @@ -6201,15 +5649,11 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - principalId: - type: string - tenantId: - type: string type: type: string userAssignedIdentities: - additionalProperties: - description: Storage version of v1api20210501.ManagedClusterIdentity_UserAssignedIdentities_STATUS + items: + description: Storage version of v1api20210501.UserAssignedIdentityDetails properties: $propertyBag: additionalProperties: 
@@ -6218,18 +5662,32 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - clientId: - type: string - principalId: - type: string + reference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object - type: object + type: array type: object identityProfile: additionalProperties: - description: |- - Storage version of v1api20210501.UserAssignedIdentity_STATUS - Details about a user assigned identity. + description: Storage version of v1api20210501.UserAssignedIdentity properties: $propertyBag: additionalProperties: 
@@ -6242,16 +5700,32 @@ spec: type: string objectId: type: string - resourceId: - type: string + resourceReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object type: object kubernetesVersion: type: string linuxProfile: - description: |- - Storage version of v1api20210501.ContainerServiceLinuxProfile_STATUS - Profile for Linux VMs in the container service cluster. + description: Storage version of v1api20210501.ContainerServiceLinuxProfile properties: $propertyBag: additionalProperties: @@ -6263,9 +5737,7 @@ spec: adminUsername: type: string ssh: - description: |- - Storage version of v1api20210501.ContainerServiceSshConfiguration_STATUS - SSH configuration for Linux-based VMs running on Azure. + description: Storage version of v1api20210501.ContainerServiceSshConfiguration properties: $propertyBag: additionalProperties: 
@@ -6276,9 +5748,7 @@ spec: type: object publicKeys: items: - description: |- - Storage version of v1api20210501.ContainerServiceSshPublicKey_STATUS - Contains information about SSH certificate public key data. + description: Storage version of v1api20210501.ContainerServiceSshPublicKey properties: $propertyBag: additionalProperties: @@ -6295,14 +5765,8 @@ spec: type: object location: type: string - maxAgentPools: - type: integer - name: - type: string networkProfile: - description: |- - Storage version of v1api20210501.ContainerServiceNetworkProfile_STATUS - Profile of network configuration. + description: Storage version of v1api20210501.ContainerServiceNetworkProfile properties: $propertyBag: additionalProperties: @@ -6316,9 +5780,7 @@ spec: dockerBridgeCidr: type: string loadBalancerProfile: - description: |- - Storage version of v1api20210501.ManagedClusterLoadBalancerProfile_STATUS - Profile of the managed cluster load balancer. + description: Storage version of v1api20210501.ManagedClusterLoadBalancerProfile properties: $propertyBag: additionalProperties: @@ -6331,9 +5793,7 @@ spec: type: integer effectiveOutboundIPs: items: - description: |- - Storage version of v1api20210501.ResourceReference_STATUS - A reference to an Azure resource. + description: Storage version of v1api20210501.ResourceReference properties: $propertyBag: additionalProperties: 
@@ -6342,14 +5802,32 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - id: - type: string + reference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object type: array idleTimeoutInMinutes: type: integer managedOutboundIPs: - description: Storage version of v1api20210501.ManagedClusterLoadBalancerProfile_ManagedOutboundIPs_STATUS + description: Storage version of v1api20210501.ManagedClusterLoadBalancerProfile_ManagedOutboundIPs properties: $propertyBag: additionalProperties: @@ -6362,7 +5840,7 @@ spec: type: integer type: object outboundIPPrefixes: - description: Storage version of v1api20210501.ManagedClusterLoadBalancerProfile_OutboundIPPrefixes_STATUS + description: Storage version of v1api20210501.ManagedClusterLoadBalancerProfile_OutboundIPPrefixes properties: $propertyBag: additionalProperties: 
@@ -6373,9 +5851,7 @@ spec: type: object publicIPPrefixes: items: - description: |- - Storage version of v1api20210501.ResourceReference_STATUS - A reference to an Azure resource. + description: Storage version of v1api20210501.ResourceReference properties: $propertyBag: additionalProperties: @@ -6384,13 +5860,31 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - id: - type: string + reference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object type: array type: object outboundIPs: - description: Storage version of v1api20210501.ManagedClusterLoadBalancerProfile_OutboundIPs_STATUS + description: Storage version of v1api20210501.ManagedClusterLoadBalancerProfile_OutboundIPs properties: $propertyBag: additionalProperties: 
@@ -6401,9 +5895,7 @@ spec: type: object publicIPs: items: - description: |- - Storage version of v1api20210501.ResourceReference_STATUS - A reference to an Azure resource. + description: Storage version of v1api20210501.ResourceReference properties: $propertyBag: additionalProperties: @@ -6412,8 +5904,26 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - id: - type: string + reference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object type: array type: object 
@@ -6435,11 +5945,141 @@ spec: type: object nodeResourceGroup: type: string - podIdentityProfile: + operatorSpec: description: |- - Storage version of v1api20210501.ManagedClusterPodIdentityProfile_STATUS - See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod - identity integration. + Storage version of v1api20210501.ManagedClusterOperatorSpec + Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + configMapExpressions: + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. 
For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + secretExpressions: + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + secrets: + description: Storage version of v1api20210501.ManagedClusterOperatorSecrets + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + adminCredentials: + description: |- + SecretDestination describes the location to store a single secret value. + Note: This is similar to: ConfigMapDestination in configmaps.go. + Changes to one may need to be made to the others as well. 
+ properties: + key: + description: Key is the key in the Kubernetes secret being referenced. + type: string + name: + description: |- + Name is the name of the Kubernetes secret to write to. + The secret will be created in the same namespace as the resource. + type: string + required: + - key + - name + type: object + userCredentials: + description: |- + SecretDestination describes the location to store a single secret value. + Note: This is similar to: ConfigMapDestination in configmaps.go. + Changes to one may need to be made to the others as well. + properties: + key: + description: Key is the key in the Kubernetes secret being referenced. + type: string + name: + description: |- + Name is the name of the Kubernetes secret to write to. + The secret will be created in the same namespace as the resource. + type: string + required: + - key + - name + type: object + type: object + type: object + originalVersion: + type: string + owner: + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a resources.azure.com/ResourceGroup resource + properties: + armId: + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + name: + description: This is the name of the Kubernetes resource to reference. + type: string + type: object + podIdentityProfile: + description: Storage version of v1api20210501.ManagedClusterPodIdentityProfile properties: $propertyBag: additionalProperties: 
@@ -6454,9 +6094,7 @@ spec: type: boolean userAssignedIdentities: items: - description: |- - Storage version of v1api20210501.ManagedClusterPodIdentity_STATUS - Details about the pod identity assigned to the Managed Cluster. + description: Storage version of v1api20210501.ManagedClusterPodIdentity properties: $propertyBag: additionalProperties: @@ -6468,9 +6106,7 @@ spec: bindingSelector: type: string identity: - description: |- - Storage version of v1api20210501.UserAssignedIdentity_STATUS - Details about a user assigned identity. + description: Storage version of v1api20210501.UserAssignedIdentity properties: $propertyBag: additionalProperties: 
@@ -6483,85 +6119,36 @@ spec: type: string objectId: type: string - resourceId: - type: string - type: object - name: - type: string - namespace: - type: string - provisioningInfo: - description: Storage version of v1api20210501.ManagedClusterPodIdentity_ProvisioningInfo_STATUS - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - error: - description: |- - Storage version of v1api20210501.ManagedClusterPodIdentityProvisioningError_STATUS - An error response from the pod identity provisioning. + resourceReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - error: + armId: description: |- - Storage version of v1api20210501.ManagedClusterPodIdentityProvisioningErrorBody_STATUS - An error response from the pod identity provisioning. 
- properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - code: - type: string - details: - items: - description: Storage version of v1api20210501.ManagedClusterPodIdentityProvisioningErrorBody_STATUS_Unrolled - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - code: - type: string - message: - type: string - target: - type: string - type: object - type: array - message: - type: string - target: - type: string - type: object + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. 
+ type: string type: object type: object - provisioningState: + name: + type: string + namespace: type: string type: object type: array userAssignedIdentityExceptions: items: - description: |- - Storage version of v1api20210501.ManagedClusterPodIdentityException_STATUS - See [disable AAD Pod Identity for a specific - Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. + description: Storage version of v1api20210501.ManagedClusterPodIdentityException properties: $propertyBag: additionalProperties: @@ -6581,28 +6168,9 @@ spec: type: object type: array type: object - powerState: - description: |- - Storage version of v1api20210501.PowerState_STATUS - Describes the Power State of the cluster - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - code: - type: string - type: object - privateFQDN: - type: string privateLinkResources: items: - description: |- - Storage version of v1api20210501.PrivateLinkResource_STATUS - A private link resource + description: Storage version of v1api20210501.PrivateLinkResource properties: $propertyBag: additionalProperties: 
@@ -6613,12 +6181,28 @@ spec: type: object groupId: type: string - id: - type: string name: type: string - privateLinkServiceID: - type: string + reference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object requiredMembers: items: type: string @@ -6627,12 +6211,8 @@ spec: type: string type: object type: array - provisioningState: - type: string servicePrincipalProfile: - description: |- - Storage version of v1api20210501.ManagedClusterServicePrincipalProfile_STATUS - Information about a service principal identity for the cluster to use for manipulating Azure APIs. + description: Storage version of v1api20210501.ManagedClusterServicePrincipalProfile properties: $propertyBag: additionalProperties: 
@@ -6643,11 +6223,26 @@ spec: type: object clientId: type: string + secret: + description: |- + SecretReference is a reference to a Kubernetes secret and key in the same namespace as + the resource it is on. + properties: + key: + description: Key is the key in the Kubernetes secret being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource + type: string + required: + - key + - name + type: object type: object sku: - description: |- - Storage version of v1api20210501.ManagedClusterSKU_STATUS - The SKU of a Managed Cluster. + description: Storage version of v1api20210501.ManagedClusterSKU properties: $propertyBag: additionalProperties: @@ -6665,12 +6260,8 @@ spec: additionalProperties: type: string type: object - type: - type: string windowsProfile: - description: |- - Storage version of v1api20210501.ManagedClusterWindowsProfile_STATUS - Profile for Windows VMs in the managed cluster. + description: Storage version of v1api20210501.ManagedClusterWindowsProfile properties: $propertyBag: additionalProperties: @@ -6679,6 +6270,23 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object + adminPassword: + description: |- + SecretReference is a reference to a Kubernetes secret and key in the same namespace as + the resource it is on. + properties: + key: + description: Key is the key in the Kubernetes secret being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource + type: string + required: + - key + - name + type: object adminUsername: type: string enableCSIProxy: 
@@ -6686,3116 +6294,2272 @@ spec: licenseType: type: string type: object + required: + - owner type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=='Ready')].severity - name: Severity - type: string - - jsonPath: .status.conditions[?(@.type=='Ready')].reason - name: Reason - type: string - - jsonPath: .status.conditions[?(@.type=='Ready')].message - name: Message - type: string - name: v1api20230201 - schema: - openAPIV3Schema: - description: |- - Generator information: - - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2023-02-01/managedClusters.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName} - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. 
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: + status: + description: Storage version of v1api20210501.ManagedCluster_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object aadProfile: - description: 'AadProfile: The Azure Active Directory configuration.' + description: Storage version of v1api20210501.ManagedClusterAADProfile_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object adminGroupObjectIDs: - description: 'AdminGroupObjectIDs: The list of AAD group object IDs that will have admin role of the cluster.' items: type: string type: array clientAppID: - description: 'ClientAppID: (DEPRECATED) The client AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.' type: string enableAzureRBAC: - description: 'EnableAzureRBAC: Whether to enable Azure RBAC for Kubernetes authorization.' type: boolean managed: - description: 'Managed: Whether to enable managed AAD.' type: boolean serverAppID: - description: 'ServerAppID: (DEPRECATED) The server AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.' type: string serverAppSecret: - description: 'ServerAppSecret: (DEPRECATED) The server AAD application secret. Learn more at https://aka.ms/aks/aad-legacy.' type: string tenantID: - description: |- - TenantID: The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment - subscription. 
type: string type: object addonProfiles: additionalProperties: - description: A Kubernetes add-on profile for a managed cluster. + description: Storage version of v1api20210501.ManagedClusterAddonProfile_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object config: additionalProperties: type: string - description: 'Config: Key-value pairs for configuring an add-on.' type: object enabled: - description: 'Enabled: Whether the add-on is enabled or not.' type: boolean - required: - - enabled + identity: + description: Storage version of v1api20210501.UserAssignedIdentity_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + clientId: + type: string + objectId: + type: string + resourceId: + type: string + type: object type: object - description: 'AddonProfiles: The profile of managed cluster add-on.' type: object agentPoolProfiles: - description: 'AgentPoolProfiles: The agent pool properties.' items: - description: Profile for the container service agent pool. + description: Storage version of v1api20210501.ManagedClusterAgentPoolProfile_STATUS properties: - availabilityZones: + $propertyBag: + additionalProperties: + type: string description: |- - AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType - property is 'VirtualMachineScaleSets'. 
+ PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + availabilityZones: items: type: string type: array count: - description: |- - Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) - for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. type: integer - creationData: - description: |- - CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using - a snapshot. - properties: - sourceResourceReference: - description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object - type: object enableAutoScaling: - description: 'EnableAutoScaling: Whether to enable auto-scaler' type: boolean enableEncryptionAtHost: - description: |- - EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. 
For more information, - see: https://docs.microsoft.com/azure/aks/enable-host-encryption type: boolean enableFIPS: - description: |- - EnableFIPS: See [Add a FIPS-enabled node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more - details. type: boolean enableNodePublicIP: - description: |- - EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. - A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine - to minimize hops. For more information see [assigning a public IP per - node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The - default is false. type: boolean enableUltraSSD: - description: 'EnableUltraSSD: Whether to enable UltraSSD' type: boolean gpuInstanceProfile: - description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' - enum: - - MIG1g - - MIG2g - - MIG3g - - MIG4g - - MIG7g type: string - hostGroupReference: - description: |- - HostGroupReference: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. - For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
- pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object kubeletConfig: - description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' + description: Storage version of v1api20210501.KubeletConfig_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object allowedUnsafeSysctls: - description: 'AllowedUnsafeSysctls: Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).' items: type: string type: array containerLogMaxFiles: - description: |- - ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be - ≥ 2. - minimum: 2 type: integer containerLogMaxSizeMB: - description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' type: integer cpuCfsQuota: - description: 'CpuCfsQuota: The default is true.' type: boolean cpuCfsQuotaPeriod: - description: |- - CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and - a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. type: string cpuManagerPolicy: - description: |- - CpuManagerPolicy: The default is 'none'. 
See [Kubernetes CPU management - policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more - information. Allowed values are 'none' and 'static'. type: string failSwapOn: - description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' type: boolean imageGcHighThreshold: - description: 'ImageGcHighThreshold: To disable image garbage collection, set to 100. The default is 85%' type: integer imageGcLowThreshold: - description: 'ImageGcLowThreshold: This cannot be set higher than imageGcHighThreshold. The default is 80%' type: integer podMaxPids: - description: 'PodMaxPids: The maximum number of processes per pod.' type: integer topologyManagerPolicy: - description: |- - TopologyManagerPolicy: For more information see [Kubernetes Topology - Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values - are 'none', 'best-effort', 'restricted', and 'single-numa-node'. type: string type: object kubeletDiskType: - description: |- - KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral - storage. - enum: - - OS - - Temporary type: string linuxOSConfig: - description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' + description: Storage version of v1api20210501.LinuxOSConfig_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object swapFileSizeMB: - description: 'SwapFileSizeMB: The size in MB of a swap file that will be created on each node.' type: integer sysctls: - description: 'Sysctls: Sysctl settings for Linux agent nodes.' 
+ description: Storage version of v1api20210501.SysctlConfig_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object fsAioMaxNr: - description: 'FsAioMaxNr: Sysctl setting fs.aio-max-nr.' type: integer fsFileMax: - description: 'FsFileMax: Sysctl setting fs.file-max.' type: integer fsInotifyMaxUserWatches: - description: 'FsInotifyMaxUserWatches: Sysctl setting fs.inotify.max_user_watches.' type: integer fsNrOpen: - description: 'FsNrOpen: Sysctl setting fs.nr_open.' type: integer kernelThreadsMax: - description: 'KernelThreadsMax: Sysctl setting kernel.threads-max.' type: integer netCoreNetdevMaxBacklog: - description: 'NetCoreNetdevMaxBacklog: Sysctl setting net.core.netdev_max_backlog.' type: integer netCoreOptmemMax: - description: 'NetCoreOptmemMax: Sysctl setting net.core.optmem_max.' type: integer netCoreRmemDefault: - description: 'NetCoreRmemDefault: Sysctl setting net.core.rmem_default.' type: integer netCoreRmemMax: - description: 'NetCoreRmemMax: Sysctl setting net.core.rmem_max.' type: integer netCoreSomaxconn: - description: 'NetCoreSomaxconn: Sysctl setting net.core.somaxconn.' type: integer netCoreWmemDefault: - description: 'NetCoreWmemDefault: Sysctl setting net.core.wmem_default.' type: integer netCoreWmemMax: - description: 'NetCoreWmemMax: Sysctl setting net.core.wmem_max.' type: integer netIpv4IpLocalPortRange: - description: 'NetIpv4IpLocalPortRange: Sysctl setting net.ipv4.ip_local_port_range.' type: string netIpv4NeighDefaultGcThresh1: - description: 'NetIpv4NeighDefaultGcThresh1: Sysctl setting net.ipv4.neigh.default.gc_thresh1.' type: integer netIpv4NeighDefaultGcThresh2: - description: 'NetIpv4NeighDefaultGcThresh2: Sysctl setting net.ipv4.neigh.default.gc_thresh2.' 
type: integer netIpv4NeighDefaultGcThresh3: - description: 'NetIpv4NeighDefaultGcThresh3: Sysctl setting net.ipv4.neigh.default.gc_thresh3.' type: integer netIpv4TcpFinTimeout: - description: 'NetIpv4TcpFinTimeout: Sysctl setting net.ipv4.tcp_fin_timeout.' type: integer netIpv4TcpKeepaliveProbes: - description: 'NetIpv4TcpKeepaliveProbes: Sysctl setting net.ipv4.tcp_keepalive_probes.' type: integer netIpv4TcpKeepaliveTime: - description: 'NetIpv4TcpKeepaliveTime: Sysctl setting net.ipv4.tcp_keepalive_time.' type: integer netIpv4TcpMaxSynBacklog: - description: 'NetIpv4TcpMaxSynBacklog: Sysctl setting net.ipv4.tcp_max_syn_backlog.' type: integer netIpv4TcpMaxTwBuckets: - description: 'NetIpv4TcpMaxTwBuckets: Sysctl setting net.ipv4.tcp_max_tw_buckets.' type: integer netIpv4TcpTwReuse: - description: 'NetIpv4TcpTwReuse: Sysctl setting net.ipv4.tcp_tw_reuse.' type: boolean netIpv4TcpkeepaliveIntvl: - description: 'NetIpv4TcpkeepaliveIntvl: Sysctl setting net.ipv4.tcp_keepalive_intvl.' type: integer netNetfilterNfConntrackBuckets: - description: 'NetNetfilterNfConntrackBuckets: Sysctl setting net.netfilter.nf_conntrack_buckets.' type: integer netNetfilterNfConntrackMax: - description: 'NetNetfilterNfConntrackMax: Sysctl setting net.netfilter.nf_conntrack_max.' type: integer vmMaxMapCount: - description: 'VmMaxMapCount: Sysctl setting vm.max_map_count.' type: integer vmSwappiness: - description: 'VmSwappiness: Sysctl setting vm.swappiness.' type: integer vmVfsCachePressure: - description: 'VmVfsCachePressure: Sysctl setting vm.vfs_cache_pressure.' type: integer type: object transparentHugePageDefrag: - description: |- - TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is - 'madvise'. For more information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). 
type: string transparentHugePageEnabled: - description: |- - TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more - information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string type: object maxCount: - description: 'MaxCount: The maximum number of nodes for auto-scaling' type: integer maxPods: - description: 'MaxPods: The maximum number of pods that can run on a node.' type: integer minCount: - description: 'MinCount: The minimum number of nodes for auto-scaling' type: integer mode: - description: |- - Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool - restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools - enum: - - System - - User type: string name: - description: 'Name: Windows agent pool names must be 6 characters or less.' - pattern: ^[a-z][a-z0-9]{0,11}$ + type: string + nodeImageVersion: type: string nodeLabels: additionalProperties: type: string - description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' - type: object - nodePublicIPPrefixReference: - description: |- - NodePublicIPPrefixReference: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
- pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string type: object + nodePublicIPPrefixID: + type: string nodeTaints: - description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' items: type: string type: array orchestratorVersion: - description: |- - OrchestratorVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. - When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster - with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer - patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same - Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor - version must be within two minor versions of the control plane version. The node pool version cannot be greater than the - control plane version. For more information see [upgrading a node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). type: string osDiskSizeGB: - maximum: 2048 - minimum: 0 type: integer osDiskType: - description: |- - OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested - OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral - OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). 
- enum: - - Ephemeral - - Managed type: string osSKU: - description: |- - OsSKU: Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 - when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows. - enum: - - CBLMariner - - Ubuntu - - Windows2019 - - Windows2022 type: string osType: - description: 'OsType: The operating system type. The default is Linux.' - enum: - - Linux - - Windows type: string - podSubnetReference: - description: |- - PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). - This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + podSubnetID: + type: string powerState: - description: |- - PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this - field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. 
An Agent Pool can only - be stopped if it is Running and provisioning state is Succeeded - properties: - code: - description: 'Code: Tells whether the cluster is Running or Stopped' - enum: - - Running - - Stopped - type: string - type: object - proximityPlacementGroupReference: - description: 'ProximityPlacementGroupReference: The ID for Proximity Placement Group.' + description: Storage version of v1api20210501.PowerState_STATUS properties: - armId: + $propertyBag: + additionalProperties: + type: string description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + code: type: string type: object - scaleDownMode: - description: 'ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.' - enum: - - Deallocate - - Delete + provisioningState: + type: string + proximityPlacementGroupID: type: string scaleSetEvictionPolicy: - description: |- - ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is - 'Delete'. 
- enum: - - Deallocate - - Delete type: string scaleSetPriority: - description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' - enum: - - Regular - - Spot type: string spotMaxPrice: - description: |- - SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any - on-demand price. For more details on spot pricing, see [spot VMs - pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) type: number tags: additionalProperties: type: string - description: 'Tags: The tags to be persisted on the agent pool virtual machine scale set.' type: object type: - description: 'Type: The type of Agent Pool.' - enum: - - AvailabilitySet - - VirtualMachineScaleSets type: string upgradeSettings: - description: 'UpgradeSettings: Settings for upgrading the agentpool' + description: Storage version of v1api20210501.AgentPoolUpgradeSettings_STATUS properties: - maxSurge: + $propertyBag: + additionalProperties: + type: string description: |- - MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it - is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded - up. If not specified, the default is 1. For more information, including best practices, see: - https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + maxSurge: type: string type: object vmSize: - description: |- - VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods - might fail to run correctly. 
For more details on restricted VM sizes, see: - https://docs.microsoft.com/azure/aks/quotas-skus-regions type: string - vnetSubnetReference: - description: |- - VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is - specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object - workloadRuntime: - description: 'WorkloadRuntime: Determines the type of workload a node can run.' - enum: - - OCIContainer - - WasmWasi + vnetSubnetID: type: string - required: - - name type: object type: array apiServerAccessProfile: - description: 'ApiServerAccessProfile: The access profile for managed cluster API server.' + description: Storage version of v1api20210501.ManagedClusterAPIServerAccessProfile_STATUS properties: - authorizedIPRanges: + $propertyBag: + additionalProperties: + type: string description: |- - AuthorizedIPRanges: IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. 
This feature is not compatible with - clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API - server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges). + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + authorizedIPRanges: items: type: string type: array - disableRunCommand: - description: 'DisableRunCommand: Whether to disable run command for the cluster or not.' - type: boolean enablePrivateCluster: - description: |- - EnablePrivateCluster: For more details, see [Creating a private AKS - cluster](https://docs.microsoft.com/azure/aks/private-clusters). type: boolean enablePrivateClusterPublicFQDN: - description: 'EnablePrivateClusterPublicFQDN: Whether to create additional public FQDN for private cluster or not.' type: boolean privateDNSZone: - description: |- - PrivateDNSZone: The default is System. For more details see [configure private DNS - zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and - 'none'. type: string type: object autoScalerProfile: - description: 'AutoScalerProfile: Parameters to be applied to the cluster-autoscaler when enabled' + description: Storage version of v1api20210501.ManagedClusterProperties_AutoScalerProfile_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object balance-similar-node-groups: - description: 'BalanceSimilarNodeGroups: Valid values are ''true'' and ''false''' type: string expander: - description: |- - Expander: If not specified, the default is 'random'. 
See - [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more - information. - enum: - - least-waste - - most-pods - - priority - - random type: string max-empty-bulk-delete: - description: 'MaxEmptyBulkDelete: The default is 10.' type: string max-graceful-termination-sec: - description: 'MaxGracefulTerminationSec: The default is 600.' type: string max-node-provision-time: - description: |- - MaxNodeProvisionTime: The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than - minutes (m) is supported. type: string max-total-unready-percentage: - description: 'MaxTotalUnreadyPercentage: The default is 45. The maximum is 100 and the minimum is 0.' type: string new-pod-scale-up-delay: - description: |- - NewPodScaleUpDelay: For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler - could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is - '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc). type: string ok-total-unready-count: - description: 'OkTotalUnreadyCount: This must be an integer. The default is 3.' type: string scale-down-delay-after-add: - description: |- - ScaleDownDelayAfterAdd: The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than - minutes (m) is supported. type: string scale-down-delay-after-delete: - description: |- - ScaleDownDelayAfterDelete: The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of - time other than minutes (m) is supported. type: string scale-down-delay-after-failure: - description: |- - ScaleDownDelayAfterFailure: The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other - than minutes (m) is supported. 
type: string scale-down-unneeded-time: - description: |- - ScaleDownUnneededTime: The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than - minutes (m) is supported. type: string scale-down-unready-time: - description: |- - ScaleDownUnreadyTime: The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than - minutes (m) is supported. type: string scale-down-utilization-threshold: - description: 'ScaleDownUtilizationThreshold: The default is ''0.5''.' type: string scan-interval: - description: 'ScanInterval: The default is ''10''. Values must be an integer number of seconds.' type: string skip-nodes-with-local-storage: - description: 'SkipNodesWithLocalStorage: The default is true.' type: string skip-nodes-with-system-pods: - description: 'SkipNodesWithSystemPods: The default is true.' type: string type: object autoUpgradeProfile: - description: 'AutoUpgradeProfile: The auto upgrade configuration.' - properties: - upgradeChannel: - description: |- - UpgradeChannel: For more information see [setting the AKS cluster auto-upgrade - channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel). - enum: - - node-image - - none - - patch - - rapid - - stable - type: string - type: object - azureMonitorProfile: - description: 'AzureMonitorProfile: Azure Monitor addon profiles for monitoring the managed cluster.' + description: Storage version of v1api20210501.ManagedClusterAutoUpgradeProfile_STATUS properties: - metrics: + $propertyBag: + additionalProperties: + type: string description: |- - Metrics: Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes - infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See - aka.ms/AzureManagedPrometheus for an overview. 
- properties: - enabled: - description: |- - Enabled: Whether to enable or disable the Azure Managed Prometheus addon for Prometheus monitoring. See - aka.ms/AzureManagedPrometheus-aks-enable for details on enabling and disabling. - type: boolean - kubeStateMetrics: - description: |- - KubeStateMetrics: Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the - kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for - details. - properties: - metricAnnotationsAllowList: - description: |- - MetricAnnotationsAllowList: Comma-separated list of Kubernetes annotation keys that will be used in the resource's - labels metric (Example: 'namespaces=[kubernetes.io/team,...],pods=[kubernetes.io/team],...'). By default the metric - contains only resource name and namespace labels. - type: string - metricLabelsAllowlist: - description: |- - MetricLabelsAllowlist: Comma-separated list of additional Kubernetes label keys that will be used in the resource's - labels metric (Example: 'namespaces=[k8s-label-1,k8s-label-n,...],pods=[app],...'). By default the metric contains only - resource name and namespace labels. - type: string - type: object - required: - - enabled + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object + upgradeChannel: + type: string type: object - azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. 
- maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$ + azurePortalFQDN: type: string + conditions: + items: + description: Condition defines an extension to status (an observation) of a resource + properties: + lastTransitionTime: + description: LastTransitionTime is the last time the condition transitioned from one status to another. + format: date-time + type: string + message: + description: Message is a human readable message indicating details about the transition. This field may be empty. + type: string + observedGeneration: + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + type: integer + reason: + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + type: string + severity: + description: |- + Severity with which to treat failures of this type of condition. + For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown + type: string + status: + description: Status of the condition, one of True, False, or Unknown. + type: string + type: + description: Type of condition. + type: string + required: + - lastTransitionTime + - reason + - status + - type + type: object + type: array disableLocalAccounts: - description: |- - DisableLocalAccounts: If set to true, getting static credentials will be disabled for this cluster. 
This must only be - used on Managed Clusters that are AAD enabled. For more details see [disable local - accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview). type: boolean - diskEncryptionSetReference: - description: |- - DiskEncryptionSetReference: This is of the form: - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + diskEncryptionSetID: + type: string dnsPrefix: - description: 'DnsPrefix: This cannot be updated once the Managed Cluster has been created.' type: string enablePodSecurityPolicy: - description: |- - EnablePodSecurityPolicy: (DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was - deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and - https://aka.ms/aks/psp. type: boolean enableRBAC: - description: 'EnableRBAC: Whether to enable Kubernetes Role-Based Access Control.' type: boolean extendedLocation: - description: 'ExtendedLocation: The extended location of the Virtual Machine.' 
+ description: Storage version of v1api20210501.ExtendedLocation_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object name: - description: 'Name: The name of the extended location.' type: string type: - description: 'Type: The type of the extended location.' - enum: - - EdgeZone type: string type: object + fqdn: + type: string fqdnSubdomain: - description: 'FqdnSubdomain: This cannot be updated once the Managed Cluster has been created.' type: string httpProxyConfig: - description: 'HttpProxyConfig: Configurations for provisioning the cluster with HTTP proxy servers.' + description: Storage version of v1api20210501.ManagedClusterHTTPProxyConfig_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object httpProxy: - description: 'HttpProxy: The HTTP proxy server endpoint to use.' type: string httpsProxy: - description: 'HttpsProxy: The HTTPS proxy server endpoint to use.' type: string noProxy: - description: 'NoProxy: The endpoints that should not go through proxy.' items: type: string type: array trustedCa: - description: 'TrustedCa: Alternative CA cert to use for connecting to proxy servers.' type: string type: object + id: + type: string identity: - description: 'Identity: The identity of the managed cluster, if configured.' 
+ description: Storage version of v1api20210501.ManagedClusterIdentity_STATUS properties: - type: + $propertyBag: + additionalProperties: + type: string description: |- - Type: For more information see [use managed identities in - AKS](https://docs.microsoft.com/azure/aks/use-managed-identity). - enum: - - None - - SystemAssigned - - UserAssigned + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + principalId: + type: string + tenantId: + type: string + type: type: string userAssignedIdentities: - description: |- - UserAssignedIdentities: The keys must be ARM resource IDs in the form: - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'. - items: - description: Information about the user assigned identity for the resource + additionalProperties: + description: Storage version of v1api20210501.ManagedClusterIdentity_UserAssignedIdentities_STATUS properties: - reference: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. 
- type: string - name: - description: Name is the Kubernetes name of the resource. - type: string + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object + clientId: + type: string + principalId: + type: string type: object - type: array + type: object type: object identityProfile: additionalProperties: - description: Details about a user assigned identity. + description: Storage version of v1api20210501.UserAssignedIdentity_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object clientId: - description: 'ClientId: The client ID of the user assigned identity.' type: string objectId: - description: 'ObjectId: The object ID of the user assigned identity.' type: string - resourceReference: - description: 'ResourceReference: The resource ID of the user assigned identity.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. 
- type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + resourceId: + type: string type: object - description: 'IdentityProfile: Identities associated with the cluster.' type: object kubernetesVersion: - description: |- - KubernetesVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. - When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster - with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer - patch version is available. When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All - upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or - 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS - cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details. type: string linuxProfile: - description: 'LinuxProfile: The profile for Linux VMs in the Managed Cluster.' + description: Storage version of v1api20210501.ContainerServiceLinuxProfile_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object adminUsername: - description: 'AdminUsername: The administrator username to use for Linux VMs.' - pattern: ^[A-Za-z][-A-Za-z0-9_]*$ type: string ssh: - description: 'Ssh: The SSH configuration for Linux-based VMs running on Azure.' 
+ description: Storage version of v1api20210501.ContainerServiceSshConfiguration_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object publicKeys: - description: 'PublicKeys: The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.' items: - description: Contains information about SSH certificate public key data. + description: Storage version of v1api20210501.ContainerServiceSshPublicKey_STATUS properties: - keyData: + $propertyBag: + additionalProperties: + type: string description: |- - KeyData: Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or - without headers. + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + keyData: type: string - required: - - keyData type: object type: array - required: - - publicKeys type: object - required: - - adminUsername - - ssh type: object location: - description: 'Location: The geo-location where the resource lives' + type: string + maxAgentPools: + type: integer + name: type: string networkProfile: - description: 'NetworkProfile: The network configuration profile.' + description: Storage version of v1api20210501.ContainerServiceNetworkProfile_STATUS properties: - dnsServiceIP: + $propertyBag: + additionalProperties: + type: string description: |- - DnsServiceIP: An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address - range specified in serviceCidr. 
- pattern: ^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$ + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + dnsServiceIP: type: string dockerBridgeCidr: - description: |- - DockerBridgeCidr: A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP - ranges or the Kubernetes service address range. - pattern: ^([0-9]{1,3}\.){3}[0-9]{1,3}(\/([0-9]|[1-2][0-9]|3[0-2]))?$ type: string - ipFamilies: - description: |- - IpFamilies: IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value - is IPv4. For dual-stack, the expected values are IPv4 and IPv6. - items: - enum: - - IPv4 - - IPv6 - type: string - type: array loadBalancerProfile: - description: 'LoadBalancerProfile: Profile of the cluster load balancer.' + description: Storage version of v1api20210501.ManagedClusterLoadBalancerProfile_STATUS properties: - allocatedOutboundPorts: + $propertyBag: + additionalProperties: + type: string description: |- - AllocatedOutboundPorts: The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 - (inclusive). The default value is 0 which results in Azure dynamically allocating ports. - maximum: 64000 - minimum: 0 + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + allocatedOutboundPorts: type: integer effectiveOutboundIPs: - description: 'EffectiveOutboundIPs: The effective outbound IP resources of the cluster load balancer.' items: - description: A reference to an Azure resource. 
+ description: Storage version of v1api20210501.ResourceReference_STATUS properties: - reference: - description: 'Reference: The fully qualified Azure resource id.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object + id: + type: string type: object type: array - enableMultipleStandardLoadBalancers: - description: 'EnableMultipleStandardLoadBalancers: Enable multiple standard load balancers per AKS cluster or not.' - type: boolean idleTimeoutInMinutes: - description: |- - IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 - (inclusive). The default value is 30 minutes. - maximum: 120 - minimum: 4 type: integer managedOutboundIPs: - description: 'ManagedOutboundIPs: Desired managed outbound IPs for the cluster load balancer.' 
+ description: Storage version of v1api20210501.ManagedClusterLoadBalancerProfile_ManagedOutboundIPs_STATUS properties: - count: - description: |- - Count: The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values - must be in the range of 1 to 100 (inclusive). The default value is 1. - maximum: 100 - minimum: 1 - type: integer - countIPv6: + $propertyBag: + additionalProperties: + type: string description: |- - CountIPv6: The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed - values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. - maximum: 100 - minimum: 0 + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + count: type: integer type: object outboundIPPrefixes: - description: 'OutboundIPPrefixes: Desired outbound IP Prefix resources for the cluster load balancer.' + description: Storage version of v1api20210501.ManagedClusterLoadBalancerProfile_OutboundIPPrefixes_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object publicIPPrefixes: - description: 'PublicIPPrefixes: A list of public IP prefix resources.' items: - description: A reference to an Azure resource. + description: Storage version of v1api20210501.ResourceReference_STATUS properties: - reference: - description: 'Reference: The fully qualified Azure resource id.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. 
- The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object + id: + type: string type: object type: array type: object outboundIPs: - description: 'OutboundIPs: Desired outbound IP resources for the cluster load balancer.' + description: Storage version of v1api20210501.ManagedClusterLoadBalancerProfile_OutboundIPs_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object publicIPs: - description: 'PublicIPs: A list of public IP resources.' items: - description: A reference to an Azure resource. + description: Storage version of v1api20210501.ResourceReference_STATUS properties: - reference: - description: 'Reference: The fully qualified Azure resource id.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. 
- The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object + id: + type: string type: object type: array type: object type: object loadBalancerSku: - description: |- - LoadBalancerSku: The default is 'standard'. See [Azure Load Balancer - SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load - balancer SKUs. - enum: - - basic - - standard - type: string - natGatewayProfile: - description: 'NatGatewayProfile: Profile of the cluster NAT gateway.' - properties: - effectiveOutboundIPs: - description: 'EffectiveOutboundIPs: The effective outbound IP resources of the cluster NAT gateway.' - items: - description: A reference to an Azure resource. - properties: - reference: - description: 'Reference: The fully qualified Azure resource id.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. 
- The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object - type: object - type: array - idleTimeoutInMinutes: - description: |- - IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 - (inclusive). The default value is 4 minutes. - maximum: 120 - minimum: 4 - type: integer - managedOutboundIPProfile: - description: 'ManagedOutboundIPProfile: Profile of the managed outbound IP resources of the cluster NAT gateway.' - properties: - count: - description: |- - Count: The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 - (inclusive). The default value is 1. - maximum: 16 - minimum: 1 - type: integer - type: object - type: object - networkDataplane: - description: 'NetworkDataplane: Network dataplane used in the Kubernetes cluster.' - enum: - - azure - - cilium type: string networkMode: - description: 'NetworkMode: This cannot be specified if networkPlugin is anything other than ''azure''.' - enum: - - bridge - - transparent type: string networkPlugin: - description: 'NetworkPlugin: Network plugin used for building the Kubernetes network.' - enum: - - azure - - kubenet - - none - type: string - networkPluginMode: - description: 'NetworkPluginMode: The mode the network plugin should use.' 
- enum: - - overlay type: string networkPolicy: - description: 'NetworkPolicy: Network policy used for building the Kubernetes network.' - enum: - - azure - - calico - - cilium type: string outboundType: - description: |- - OutboundType: This can only be set at cluster creation time and cannot be changed later. For more information see - [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype). - enum: - - loadBalancer - - managedNATGateway - - userAssignedNATGateway - - userDefinedRouting type: string podCidr: - description: 'PodCidr: A CIDR notation IP range from which to assign pod IPs when kubenet is used.' - pattern: ^([0-9]{1,3}\.){3}[0-9]{1,3}(\/([0-9]|[1-2][0-9]|3[0-2]))?$ type: string - podCidrs: - description: |- - PodCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is - expected for dual-stack networking. - items: - type: string - type: array serviceCidr: - description: |- - ServiceCidr: A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP - ranges. - pattern: ^([0-9]{1,3}\.){3}[0-9]{1,3}(\/([0-9]|[1-2][0-9]|3[0-2]))?$ type: string - serviceCidrs: - description: |- - ServiceCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is - expected for dual-stack networking. They must not overlap with any Subnet IP ranges. - items: - type: string - type: array type: object nodeResourceGroup: - description: 'NodeResourceGroup: The name of the resource group containing agent pool nodes.' type: string - oidcIssuerProfile: - description: 'OidcIssuerProfile: The OIDC issuer profile of the Managed Cluster.' - properties: - enabled: - description: 'Enabled: Whether the OIDC issuer is enabled.' - type: boolean - type: object - operatorSpec: - description: |- - OperatorSpec: The specification for configuring operator behavior. 
This field is interpreted by the operator and not - passed directly to Azure - properties: - configMaps: - description: 'ConfigMaps: configures where to place operator written ConfigMaps.' - properties: - oidcIssuerProfile: - description: |- - OIDCIssuerProfile: indicates where the OIDCIssuerProfile config map should be placed. If omitted, no config map will be - created. - properties: - key: - description: Key is the key in the ConfigMap being referenced - type: string - name: - description: |- - Name is the name of the Kubernetes ConfigMap being referenced. - The ConfigMap must be in the same namespace as the resource - type: string - required: - - key - - name - type: object - principalId: - description: 'PrincipalId: indicates where the PrincipalId config map should be placed. If omitted, no config map will be created.' - properties: - key: - description: Key is the key in the ConfigMap being referenced - type: string - name: - description: |- - Name is the name of the Kubernetes ConfigMap being referenced. - The ConfigMap must be in the same namespace as the resource - type: string - required: - - key - - name - type: object - type: object - secrets: - description: 'Secrets: configures where to place Azure generated secrets.' - properties: - adminCredentials: - description: |- - AdminCredentials: indicates where the AdminCredentials secret should be placed. If omitted, the secret will not be - retrieved from Azure. - properties: - key: - description: Key is the key in the Kubernetes secret being referenced - type: string - name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource - type: string - required: - - key - - name - type: object - userCredentials: - description: |- - UserCredentials: indicates where the UserCredentials secret should be placed. If omitted, the secret will not be - retrieved from Azure. 
- properties: - key: - description: Key is the key in the Kubernetes secret being referenced - type: string - name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource - type: string - required: - - key - - name - type: object - type: object - type: object - owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a resources.azure.com/ResourceGroup resource - properties: - armId: - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - name: - description: This is the name of the Kubernetes resource to reference. - type: string - type: object podIdentityProfile: - description: |- - PodIdentityProfile: See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more - details on AAD pod identity integration. + description: Storage version of v1api20210501.ManagedClusterPodIdentityProfile_STATUS properties: - allowNetworkPluginKubenet: + $propertyBag: + additionalProperties: + type: string description: |- - AllowNetworkPluginKubenet: Running in Kubenet is disabled by default due to the security related nature of AAD Pod - Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod - Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) - for more information. 
+ PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + allowNetworkPluginKubenet: type: boolean enabled: - description: 'Enabled: Whether the pod identity addon is enabled.' type: boolean userAssignedIdentities: - description: 'UserAssignedIdentities: The pod identities to use in the cluster.' items: - description: Details about the pod identity assigned to the Managed Cluster. + description: Storage version of v1api20210501.ManagedClusterPodIdentity_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object bindingSelector: - description: 'BindingSelector: The binding selector to use for the AzureIdentityBinding resource.' type: string identity: - description: 'Identity: The user assigned identity details.' + description: Storage version of v1api20210501.UserAssignedIdentity_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object clientId: - description: 'ClientId: The client ID of the user assigned identity.' type: string objectId: - description: 'ObjectId: The object ID of the user assigned identity.' type: string - resourceReference: - description: 'ResourceReference: The resource ID of the user assigned identity.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. 
- The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + resourceId: + type: string type: object name: - description: 'Name: The name of the pod identity.' type: string namespace: - description: 'Namespace: The namespace of the pod identity.' type: string - required: - - identity - - name - - namespace + provisioningInfo: + description: Storage version of v1api20210501.ManagedClusterPodIdentity_ProvisioningInfo_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + error: + description: Storage version of v1api20210501.ManagedClusterPodIdentityProvisioningError_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + error: + description: Storage version of v1api20210501.ManagedClusterPodIdentityProvisioningErrorBody_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, 
allowing for full fidelity round trip conversions + type: object + code: + type: string + details: + items: + description: Storage version of v1api20210501.ManagedClusterPodIdentityProvisioningErrorBody_STATUS_Unrolled + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + code: + type: string + message: + type: string + target: + type: string + type: object + type: array + message: + type: string + target: + type: string + type: object + type: object + type: object + provisioningState: + type: string type: object type: array userAssignedIdentityExceptions: - description: 'UserAssignedIdentityExceptions: The pod identity exceptions to allow.' items: - description: |- - See [disable AAD Pod Identity for a specific - Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. + description: Storage version of v1api20210501.ManagedClusterPodIdentityException_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object name: - description: 'Name: The name of the pod identity exception.' type: string namespace: - description: 'Namespace: The namespace of the pod identity exception.' type: string podLabels: additionalProperties: type: string - description: 'PodLabels: The pod labels to match.' 
type: object - required: - - name - - namespace - - podLabels type: object type: array type: object + powerState: + description: Storage version of v1api20210501.PowerState_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + code: + type: string + type: object + privateFQDN: + type: string privateLinkResources: - description: 'PrivateLinkResources: Private link resources associated with the cluster.' items: - description: A private link resource + description: Storage version of v1api20210501.PrivateLinkResource_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object groupId: - description: 'GroupId: The group ID of the resource.' + type: string + id: type: string name: - description: 'Name: The name of the private link resource.' type: string - reference: - description: 'Reference: The ID of the private link resource.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. 
- type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + privateLinkServiceID: + type: string requiredMembers: - description: 'RequiredMembers: The RequiredMembers of the resource' items: type: string type: array type: - description: 'Type: The resource type.' type: string type: object type: array - publicNetworkAccess: - description: 'PublicNetworkAccess: Allow or deny public network access for AKS' - enum: - - Disabled - - Enabled + provisioningState: type: string - securityProfile: - description: 'SecurityProfile: Security profile for the managed cluster.' + servicePrincipalProfile: + description: Storage version of v1api20210501.ManagedClusterServicePrincipalProfile_STATUS properties: - azureKeyVaultKms: + $propertyBag: + additionalProperties: + type: string description: |- - AzureKeyVaultKms: Azure Key Vault [key management - service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile. - properties: - enabled: - description: 'Enabled: Whether to enable Azure Key Vault key management service. The default is false.' - type: boolean - keyId: - description: |- - KeyId: Identifier of Azure Key Vault key. See [key identifier - format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) - for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key - identifier. When Azure Key Vault key management service is disabled, leave the field empty. - type: string - keyVaultNetworkAccess: - description: |- - KeyVaultNetworkAccess: Network access of key vault. The possible values are `Public` and `Private`. `Public` means the - key vault allows public access from all networks. `Private` means the key vault disables public access and enables - private link. 
The default value is `Public`. - enum: - - Private - - Public - type: string - keyVaultResourceReference: - description: |- - KeyVaultResourceReference: Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and - must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty. - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object - defender: - description: 'Defender: Microsoft Defender settings for the security profile.' - properties: - logAnalyticsWorkspaceResourceReference: - description: |- - LogAnalyticsWorkspaceResourceReference: Resource ID of the Log Analytics workspace to be associated with Microsoft - Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When - Microsoft Defender is disabled, leave the field empty. 
- properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object - securityMonitoring: - description: 'SecurityMonitoring: Microsoft Defender threat detection for Cloud settings for the security profile.' - properties: - enabled: - description: 'Enabled: Whether to enable Defender threat detection' - type: boolean - type: object - type: object - imageCleaner: - description: 'ImageCleaner: Image Cleaner settings for the security profile.' - properties: - enabled: - description: 'Enabled: Whether to enable Image Cleaner on AKS cluster.' - type: boolean - intervalHours: - description: 'IntervalHours: Image Cleaner scanning interval in hours.' - type: integer - type: object - workloadIdentity: - description: |- - WorkloadIdentity: Workload identity settings for the security profile. Workload identity enables Kubernetes applications - to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details. - properties: - enabled: - description: 'Enabled: Whether to enable workload identity.' 
- type: boolean - type: object - type: object - servicePrincipalProfile: - description: |- - ServicePrincipalProfile: Information about a service principal identity for the cluster to use for manipulating Azure - APIs. - properties: clientId: - description: 'ClientId: The ID for the service principal.' type: string - secret: - description: 'Secret: The secret password associated with the service principal in plain text.' - properties: - key: - description: Key is the key in the Kubernetes secret being referenced - type: string - name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource - type: string - required: - - key - - name - type: object - required: - - clientId type: object sku: - description: 'Sku: The managed cluster SKU.' + description: Storage version of v1api20210501.ManagedClusterSKU_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object name: - description: 'Name: The name of a managed cluster SKU.' - enum: - - Base type: string tier: - description: |- - Tier: If not specified, the default is 'Free'. See [AKS Pricing - Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details. - enum: - - Free - - Standard type: string type: object - storageProfile: - description: 'StorageProfile: Storage profile for the managed cluster.' - properties: - blobCSIDriver: - description: 'BlobCSIDriver: AzureBlob CSI Driver settings for the storage profile.' - properties: - enabled: - description: 'Enabled: Whether to enable AzureBlob CSI Driver. The default value is false.' - type: boolean - type: object - diskCSIDriver: - description: 'DiskCSIDriver: AzureDisk CSI Driver settings for the storage profile.' 
- properties: - enabled: - description: 'Enabled: Whether to enable AzureDisk CSI Driver. The default value is true.' - type: boolean - type: object - fileCSIDriver: - description: 'FileCSIDriver: AzureFile CSI Driver settings for the storage profile.' - properties: - enabled: - description: 'Enabled: Whether to enable AzureFile CSI Driver. The default value is true.' - type: boolean - type: object - snapshotController: - description: 'SnapshotController: Snapshot Controller settings for the storage profile.' - properties: - enabled: - description: 'Enabled: Whether to enable Snapshot Controller. The default value is true.' - type: boolean - type: object - type: object tags: additionalProperties: type: string - description: 'Tags: Resource tags.' type: object + type: + type: string windowsProfile: - description: 'WindowsProfile: The profile for Windows VMs in the Managed Cluster.' + description: Storage version of v1api20210501.ManagedClusterWindowsProfile_STATUS properties: - adminPassword: + $propertyBag: + additionalProperties: + type: string description: |- - AdminPassword: Specifies the password of the administrator account. - Minimum-length: 8 characters - Max-length: 123 characters - Complexity requirements: 3 out of 4 conditions below need to be fulfilled - Has lower characters - Has upper characters - Has a digit - Has a special character (Regex match [\W_]) - Disallowed values: "abc@123", "P@$$$$w0rd", "P@ssw0rd", "P@ssword123", "Pa$$$$word", "pass@word1", "Password!", "Password1", - "Password22", "iloveyou!" - properties: - key: - description: Key is the key in the Kubernetes secret being referenced - type: string - name: - description: |- - Name is the name of the Kubernetes secret being referenced. 
- The secret must be in the same namespace as the resource - type: string - required: - - key - - name + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object adminUsername: - description: |- - AdminUsername: Specifies the name of the administrator account. - Restriction: Cannot end in "." - Disallowed values: "administrator", "admin", "user", "user1", "test", "user2", "test1", "user3", "admin1", "1", "123", - "a", "actuser", "adm", "admin2", "aspnet", "backup", "console", "david", "guest", "john", "owner", "root", "server", - "sql", "support", "support_388945a0", "sys", "test2", "test3", "user4", "user5". - Minimum-length: 1 character - Max-length: 20 characters type: string enableCSIProxy: - description: |- - EnableCSIProxy: For more details on CSI proxy, see the [CSI proxy GitHub - repo](https://github.com/kubernetes-csi/csi-proxy). type: boolean - gmsaProfile: - description: 'GmsaProfile: The Windows gMSA Profile in the Managed Cluster.' - properties: - dnsServer: - description: |- - DnsServer: Specifies the DNS server for Windows gMSA. - Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster. - type: string - enabled: - description: 'Enabled: Specifies whether to enable Windows gMSA in the managed cluster.' - type: boolean - rootDomainName: - description: |- - RootDomainName: Specifies the root domain name for Windows gMSA. - Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster. - type: string - type: object licenseType: - description: |- - LicenseType: The license type to use for Windows VMs. See [Azure Hybrid User - Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details. 
- enum: - - None - - Windows_Server type: string - required: - - adminUsername - type: object - workloadAutoScalerProfile: - description: 'WorkloadAutoScalerProfile: Workload Auto-scaler profile for the managed cluster.' - properties: - keda: - description: 'Keda: KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.' - properties: - enabled: - description: 'Enabled: Whether to enable KEDA.' - type: boolean - required: - - enabled - type: object type: object - required: - - location - - owner type: object - status: - description: Managed cluster. + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].severity + name: Severity + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Reason + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].message + name: Message + type: string + name: v1api20230201 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: properties: aadProfile: - description: 'AadProfile: The Azure Active Directory configuration.' 
properties: adminGroupObjectIDs: - description: 'AdminGroupObjectIDs: The list of AAD group object IDs that will have admin role of the cluster.' items: type: string type: array clientAppID: - description: 'ClientAppID: (DEPRECATED) The client AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.' type: string enableAzureRBAC: - description: 'EnableAzureRBAC: Whether to enable Azure RBAC for Kubernetes authorization.' type: boolean managed: - description: 'Managed: Whether to enable managed AAD.' type: boolean serverAppID: - description: 'ServerAppID: (DEPRECATED) The server AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.' type: string serverAppSecret: - description: 'ServerAppSecret: (DEPRECATED) The server AAD application secret. Learn more at https://aka.ms/aks/aad-legacy.' type: string tenantID: - description: |- - TenantID: The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment - subscription. type: string type: object addonProfiles: additionalProperties: - description: A Kubernetes add-on profile for a managed cluster. properties: config: additionalProperties: type: string - description: 'Config: Key-value pairs for configuring an add-on.' type: object enabled: - description: 'Enabled: Whether the add-on is enabled or not.' type: boolean - identity: - description: 'Identity: Information of user assigned identity used by this add-on.' - properties: - clientId: - description: 'ClientId: The client ID of the user assigned identity.' - type: string - objectId: - description: 'ObjectId: The object ID of the user assigned identity.' - type: string - resourceId: - description: 'ResourceId: The resource ID of the user assigned identity.' - type: string - type: object + required: + - enabled type: object - description: 'AddonProfiles: The profile of managed cluster add-on.' type: object agentPoolProfiles: - description: 'AgentPoolProfiles: The agent pool properties.' 
items: - description: Profile for the container service agent pool. properties: availabilityZones: - description: |- - AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType - property is 'VirtualMachineScaleSets'. items: type: string type: array count: - description: |- - Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) - for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. type: integer creationData: - description: |- - CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using - a snapshot. properties: - sourceResourceId: - description: 'SourceResourceId: This is the ARM ID of the source object to be used to create the target object.' - type: string + sourceResourceReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. 
+ type: string + type: object type: object - currentOrchestratorVersion: - description: |- - CurrentOrchestratorVersion: If orchestratorVersion is a fully specified version , this field will be - exactly equal to it. If orchestratorVersion is , this field will contain the full - version being used. - type: string enableAutoScaling: - description: 'EnableAutoScaling: Whether to enable auto-scaler' type: boolean enableEncryptionAtHost: - description: |- - EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, - see: https://docs.microsoft.com/azure/aks/enable-host-encryption type: boolean enableFIPS: - description: |- - EnableFIPS: See [Add a FIPS-enabled node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more - details. type: boolean enableNodePublicIP: - description: |- - EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. - A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine - to minimize hops. For more information see [assigning a public IP per - node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The - default is false. type: boolean enableUltraSSD: - description: 'EnableUltraSSD: Whether to enable UltraSSD' type: boolean gpuInstanceProfile: - description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' - type: string - hostGroupID: - description: |- - HostGroupID: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. - For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). 
+ enum: + - MIG1g + - MIG2g + - MIG3g + - MIG4g + - MIG7g type: string + hostGroupReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object kubeletConfig: - description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' properties: allowedUnsafeSysctls: - description: 'AllowedUnsafeSysctls: Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).' items: type: string type: array containerLogMaxFiles: - description: |- - ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be - ≥ 2. + minimum: 2 type: integer containerLogMaxSizeMB: - description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' type: integer cpuCfsQuota: - description: 'CpuCfsQuota: The default is true.' type: boolean cpuCfsQuotaPeriod: - description: |- - CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and - a unit suffix. For example: '300ms', '2h45m'. 
Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. type: string cpuManagerPolicy: - description: |- - CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management - policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more - information. Allowed values are 'none' and 'static'. type: string failSwapOn: - description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' type: boolean imageGcHighThreshold: - description: 'ImageGcHighThreshold: To disable image garbage collection, set to 100. The default is 85%' type: integer imageGcLowThreshold: - description: 'ImageGcLowThreshold: This cannot be set higher than imageGcHighThreshold. The default is 80%' type: integer podMaxPids: - description: 'PodMaxPids: The maximum number of processes per pod.' type: integer topologyManagerPolicy: - description: |- - TopologyManagerPolicy: For more information see [Kubernetes Topology - Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values - are 'none', 'best-effort', 'restricted', and 'single-numa-node'. type: string type: object kubeletDiskType: - description: |- - KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral - storage. + enum: + - OS + - Temporary type: string linuxOSConfig: - description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' properties: swapFileSizeMB: - description: 'SwapFileSizeMB: The size in MB of a swap file that will be created on each node.' type: integer sysctls: - description: 'Sysctls: Sysctl settings for Linux agent nodes.' properties: fsAioMaxNr: - description: 'FsAioMaxNr: Sysctl setting fs.aio-max-nr.' type: integer fsFileMax: - description: 'FsFileMax: Sysctl setting fs.file-max.' 
type: integer fsInotifyMaxUserWatches: - description: 'FsInotifyMaxUserWatches: Sysctl setting fs.inotify.max_user_watches.' type: integer fsNrOpen: - description: 'FsNrOpen: Sysctl setting fs.nr_open.' type: integer kernelThreadsMax: - description: 'KernelThreadsMax: Sysctl setting kernel.threads-max.' type: integer netCoreNetdevMaxBacklog: - description: 'NetCoreNetdevMaxBacklog: Sysctl setting net.core.netdev_max_backlog.' type: integer netCoreOptmemMax: - description: 'NetCoreOptmemMax: Sysctl setting net.core.optmem_max.' type: integer netCoreRmemDefault: - description: 'NetCoreRmemDefault: Sysctl setting net.core.rmem_default.' type: integer netCoreRmemMax: - description: 'NetCoreRmemMax: Sysctl setting net.core.rmem_max.' type: integer netCoreSomaxconn: - description: 'NetCoreSomaxconn: Sysctl setting net.core.somaxconn.' type: integer netCoreWmemDefault: - description: 'NetCoreWmemDefault: Sysctl setting net.core.wmem_default.' type: integer netCoreWmemMax: - description: 'NetCoreWmemMax: Sysctl setting net.core.wmem_max.' type: integer netIpv4IpLocalPortRange: - description: 'NetIpv4IpLocalPortRange: Sysctl setting net.ipv4.ip_local_port_range.' type: string netIpv4NeighDefaultGcThresh1: - description: 'NetIpv4NeighDefaultGcThresh1: Sysctl setting net.ipv4.neigh.default.gc_thresh1.' type: integer netIpv4NeighDefaultGcThresh2: - description: 'NetIpv4NeighDefaultGcThresh2: Sysctl setting net.ipv4.neigh.default.gc_thresh2.' type: integer netIpv4NeighDefaultGcThresh3: - description: 'NetIpv4NeighDefaultGcThresh3: Sysctl setting net.ipv4.neigh.default.gc_thresh3.' type: integer netIpv4TcpFinTimeout: - description: 'NetIpv4TcpFinTimeout: Sysctl setting net.ipv4.tcp_fin_timeout.' type: integer netIpv4TcpKeepaliveProbes: - description: 'NetIpv4TcpKeepaliveProbes: Sysctl setting net.ipv4.tcp_keepalive_probes.' type: integer netIpv4TcpKeepaliveTime: - description: 'NetIpv4TcpKeepaliveTime: Sysctl setting net.ipv4.tcp_keepalive_time.' 
type: integer netIpv4TcpMaxSynBacklog: - description: 'NetIpv4TcpMaxSynBacklog: Sysctl setting net.ipv4.tcp_max_syn_backlog.' type: integer netIpv4TcpMaxTwBuckets: - description: 'NetIpv4TcpMaxTwBuckets: Sysctl setting net.ipv4.tcp_max_tw_buckets.' type: integer netIpv4TcpTwReuse: - description: 'NetIpv4TcpTwReuse: Sysctl setting net.ipv4.tcp_tw_reuse.' type: boolean netIpv4TcpkeepaliveIntvl: - description: 'NetIpv4TcpkeepaliveIntvl: Sysctl setting net.ipv4.tcp_keepalive_intvl.' type: integer netNetfilterNfConntrackBuckets: - description: 'NetNetfilterNfConntrackBuckets: Sysctl setting net.netfilter.nf_conntrack_buckets.' type: integer netNetfilterNfConntrackMax: - description: 'NetNetfilterNfConntrackMax: Sysctl setting net.netfilter.nf_conntrack_max.' type: integer vmMaxMapCount: - description: 'VmMaxMapCount: Sysctl setting vm.max_map_count.' type: integer vmSwappiness: - description: 'VmSwappiness: Sysctl setting vm.swappiness.' type: integer vmVfsCachePressure: - description: 'VmVfsCachePressure: Sysctl setting vm.vfs_cache_pressure.' type: integer type: object transparentHugePageDefrag: - description: |- - TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is - 'madvise'. For more information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string transparentHugePageEnabled: - description: |- - TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more - information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string type: object maxCount: - description: 'MaxCount: The maximum number of nodes for auto-scaling' type: integer maxPods: - description: 'MaxPods: The maximum number of pods that can run on a node.' 
type: integer minCount: - description: 'MinCount: The minimum number of nodes for auto-scaling' type: integer mode: - description: |- - Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool - restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools + enum: + - System + - User type: string name: - description: 'Name: Windows agent pool names must be 6 characters or less.' - type: string - nodeImageVersion: - description: 'NodeImageVersion: The version of node image' + pattern: ^[a-z][a-z0-9]{0,11}$ type: string nodeLabels: additionalProperties: type: string - description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' type: object - nodePublicIPPrefixID: - description: |- - NodePublicIPPrefixID: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} - type: string + nodePublicIPPrefixReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. 
+ type: string + type: object nodeTaints: - description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' items: type: string type: array orchestratorVersion: - description: |- - OrchestratorVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. - When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster - with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer - patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same - Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor - version must be within two minor versions of the control plane version. The node pool version cannot be greater than the - control plane version. For more information see [upgrading a node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). type: string osDiskSizeGB: + maximum: 2048 + minimum: 0 type: integer osDiskType: - description: |- - OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested - OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral - OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). + enum: + - Ephemeral + - Managed type: string osSKU: - description: |- - OsSKU: Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 - when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows. + enum: + - CBLMariner + - Ubuntu + - Windows2019 + - Windows2022 type: string osType: - description: 'OsType: The operating system type. The default is Linux.' 
- type: string - podSubnetID: - description: |- - PodSubnetID: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is - of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} + enum: + - Linux + - Windows type: string - powerState: - description: |- - PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this - field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only - be stopped if it is Running and provisioning state is Succeeded + podSubnetReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: - code: - description: 'Code: Tells whether the cluster is Running or Stopped' - type: string + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. 
+ type: string + type: object + powerState: + properties: + code: + enum: + - Running + - Stopped + type: string + type: object + proximityPlacementGroupReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string type: object - provisioningState: - description: 'ProvisioningState: The current deployment or provisioning state.' - type: string - proximityPlacementGroupID: - description: 'ProximityPlacementGroupID: The ID for Proximity Placement Group.' - type: string scaleDownMode: - description: 'ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.' + enum: + - Deallocate + - Delete type: string scaleSetEvictionPolicy: - description: |- - ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is - 'Delete'. + enum: + - Deallocate + - Delete type: string scaleSetPriority: - description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' 
+ enum: + - Regular + - Spot type: string spotMaxPrice: - description: |- - SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any - on-demand price. For more details on spot pricing, see [spot VMs - pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) type: number tags: additionalProperties: type: string - description: 'Tags: The tags to be persisted on the agent pool virtual machine scale set.' type: object type: - description: 'Type: The type of Agent Pool.' + enum: + - AvailabilitySet + - VirtualMachineScaleSets type: string upgradeSettings: - description: 'UpgradeSettings: Settings for upgrading the agentpool' properties: maxSurge: - description: |- - MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it - is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded - up. If not specified, the default is 1. For more information, including best practices, see: - https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade type: string type: object vmSize: - description: |- - VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods - might fail to run correctly. For more details on restricted VM sizes, see: - https://docs.microsoft.com/azure/aks/quotas-skus-regions - type: string - vnetSubnetID: - description: |- - VnetSubnetID: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, - this applies to nodes and pods, otherwise it applies to just nodes. 
This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} type: string + vnetSubnetReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object workloadRuntime: - description: 'WorkloadRuntime: Determines the type of workload a node can run.' + enum: + - OCIContainer + - WasmWasi type: string + required: + - name type: object type: array apiServerAccessProfile: - description: 'ApiServerAccessProfile: The access profile for managed cluster API server.' properties: authorizedIPRanges: - description: |- - AuthorizedIPRanges: IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with - clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API - server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges). 
items: type: string type: array disableRunCommand: - description: 'DisableRunCommand: Whether to disable run command for the cluster or not.' type: boolean enablePrivateCluster: - description: |- - EnablePrivateCluster: For more details, see [Creating a private AKS - cluster](https://docs.microsoft.com/azure/aks/private-clusters). type: boolean enablePrivateClusterPublicFQDN: - description: 'EnablePrivateClusterPublicFQDN: Whether to create additional public FQDN for private cluster or not.' type: boolean privateDNSZone: - description: |- - PrivateDNSZone: The default is System. For more details see [configure private DNS - zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and - 'none'. type: string type: object autoScalerProfile: - description: 'AutoScalerProfile: Parameters to be applied to the cluster-autoscaler when enabled' properties: balance-similar-node-groups: - description: 'BalanceSimilarNodeGroups: Valid values are ''true'' and ''false''' type: string expander: - description: |- - Expander: If not specified, the default is 'random'. See - [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more - information. + enum: + - least-waste + - most-pods + - priority + - random type: string max-empty-bulk-delete: - description: 'MaxEmptyBulkDelete: The default is 10.' type: string max-graceful-termination-sec: - description: 'MaxGracefulTerminationSec: The default is 600.' type: string max-node-provision-time: - description: |- - MaxNodeProvisionTime: The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than - minutes (m) is supported. type: string max-total-unready-percentage: - description: 'MaxTotalUnreadyPercentage: The default is 45. The maximum is 100 and the minimum is 0.' 
type: string new-pod-scale-up-delay: - description: |- - NewPodScaleUpDelay: For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler - could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is - '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc). type: string ok-total-unready-count: - description: 'OkTotalUnreadyCount: This must be an integer. The default is 3.' type: string scale-down-delay-after-add: - description: |- - ScaleDownDelayAfterAdd: The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than - minutes (m) is supported. type: string scale-down-delay-after-delete: - description: |- - ScaleDownDelayAfterDelete: The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of - time other than minutes (m) is supported. type: string scale-down-delay-after-failure: - description: |- - ScaleDownDelayAfterFailure: The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other - than minutes (m) is supported. type: string scale-down-unneeded-time: - description: |- - ScaleDownUnneededTime: The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than - minutes (m) is supported. type: string scale-down-unready-time: - description: |- - ScaleDownUnreadyTime: The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than - minutes (m) is supported. type: string scale-down-utilization-threshold: - description: 'ScaleDownUtilizationThreshold: The default is ''0.5''.' type: string scan-interval: - description: 'ScanInterval: The default is ''10''. Values must be an integer number of seconds.' type: string skip-nodes-with-local-storage: - description: 'SkipNodesWithLocalStorage: The default is true.' 
type: string skip-nodes-with-system-pods: - description: 'SkipNodesWithSystemPods: The default is true.' type: string type: object autoUpgradeProfile: - description: 'AutoUpgradeProfile: The auto upgrade configuration.' properties: upgradeChannel: - description: |- - UpgradeChannel: For more information see [setting the AKS cluster auto-upgrade - channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel). + enum: + - node-image + - none + - patch + - rapid + - stable type: string type: object azureMonitorProfile: - description: 'AzureMonitorProfile: Azure Monitor addon profiles for monitoring the managed cluster.' properties: metrics: - description: |- - Metrics: Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes - infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See - aka.ms/AzureManagedPrometheus for an overview. properties: enabled: - description: |- - Enabled: Whether to enable or disable the Azure Managed Prometheus addon for Prometheus monitoring. See - aka.ms/AzureManagedPrometheus-aks-enable for details on enabling and disabling. type: boolean kubeStateMetrics: - description: |- - KubeStateMetrics: Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the - kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for - details. properties: metricAnnotationsAllowList: - description: |- - MetricAnnotationsAllowList: Comma-separated list of Kubernetes annotation keys that will be used in the resource's - labels metric (Example: 'namespaces=[kubernetes.io/team,...],pods=[kubernetes.io/team],...'). By default the metric - contains only resource name and namespace labels. 
type: string metricLabelsAllowlist: - description: |- - MetricLabelsAllowlist: Comma-separated list of additional Kubernetes label keys that will be used in the resource's - labels metric (Example: 'namespaces=[k8s-label-1,k8s-label-n,...],pods=[app],...'). By default the metric contains only - resource name and namespace labels. type: string type: object + required: + - enabled type: object type: object - azurePortalFQDN: - description: |- - AzurePortalFQDN: The Azure Portal requires certain Cross-Origin Resource Sharing (CORS) headers to be sent in some - responses, which Kubernetes APIServer doesn't handle by default. This special FQDN supports CORS, allowing the Azure - Portal to function properly. - type: string - conditions: - description: 'Conditions: The observed state of the resource' - items: - description: Condition defines an extension to status (an observation) of a resource - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. - format: date-time - type: string - message: - description: Message is a human readable message indicating details about the transition. This field may be empty. - type: string - observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - type: integer - reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. - type: string - severity: - description: |- - Severity with which to treat failures of this type of condition. 
- For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown - type: string - status: - description: Status of the condition, one of True, False, or Unknown. - type: string - type: - description: Type of condition. - type: string - required: - - lastTransitionTime - - reason - - status - - type - type: object - type: array - currentKubernetesVersion: + azureName: description: |- - CurrentKubernetesVersion: If kubernetesVersion was a fully specified version , this field will be - exactly equal to it. If kubernetesVersion was , this field will contain the full - version being used. + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. + maxLength: 63 + minLength: 1 + pattern: ^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$ type: string disableLocalAccounts: - description: |- - DisableLocalAccounts: If set to true, getting static credentials will be disabled for this cluster. This must only be - used on Managed Clusters that are AAD enabled. For more details see [disable local - accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview). 
type: boolean - diskEncryptionSetID: - description: |- - DiskEncryptionSetID: This is of the form: - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}' - type: string + diskEncryptionSetReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object dnsPrefix: - description: 'DnsPrefix: This cannot be updated once the Managed Cluster has been created.' type: string enablePodSecurityPolicy: - description: |- - EnablePodSecurityPolicy: (DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was - deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and - https://aka.ms/aks/psp. type: boolean enableRBAC: - description: 'EnableRBAC: Whether to enable Kubernetes Role-Based Access Control.' type: boolean extendedLocation: - description: 'ExtendedLocation: The extended location of the Virtual Machine.' properties: name: - description: 'Name: The name of the extended location.' 
type: string type: - description: 'Type: The type of the extended location.' + enum: + - EdgeZone type: string type: object - fqdn: - description: 'Fqdn: The FQDN of the master pool.' - type: string fqdnSubdomain: - description: 'FqdnSubdomain: This cannot be updated once the Managed Cluster has been created.' type: string httpProxyConfig: - description: 'HttpProxyConfig: Configurations for provisioning the cluster with HTTP proxy servers.' properties: httpProxy: - description: 'HttpProxy: The HTTP proxy server endpoint to use.' type: string httpsProxy: - description: 'HttpsProxy: The HTTPS proxy server endpoint to use.' type: string noProxy: - description: 'NoProxy: The endpoints that should not go through proxy.' items: type: string type: array trustedCa: - description: 'TrustedCa: Alternative CA cert to use for connecting to proxy servers.' type: string type: object - id: - description: |- - Id: Fully qualified resource ID for the resource. Ex - - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} - type: string identity: - description: 'Identity: The identity of the managed cluster, if configured.' properties: - principalId: - description: 'PrincipalId: The principal id of the system assigned identity which is used by master components.' - type: string - tenantId: - description: 'TenantId: The tenant id of the system assigned identity which is used by master components.' - type: string type: - description: |- - Type: For more information see [use managed identities in - AKS](https://docs.microsoft.com/azure/aks/use-managed-identity). + enum: + - None + - SystemAssigned + - UserAssigned type: string userAssignedIdentities: - additionalProperties: + items: properties: - clientId: - description: 'ClientId: The client id of user assigned identity.' - type: string - principalId: - description: 'PrincipalId: The principal id of user assigned identity.' 
- type: string + reference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object - description: |- - UserAssignedIdentities: The keys must be ARM resource IDs in the form: - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'. - type: object + type: array type: object identityProfile: additionalProperties: - description: Details about a user assigned identity. properties: clientId: - description: 'ClientId: The client ID of the user assigned identity.' type: string objectId: - description: 'ObjectId: The object ID of the user assigned identity.' - type: string - resourceId: - description: 'ResourceId: The resource ID of the user assigned identity.' 
type: string + resourceReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object - description: 'IdentityProfile: Identities associated with the cluster.' type: object kubernetesVersion: - description: |- - KubernetesVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. - When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster - with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer - patch version is available. When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All - upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or - 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS - cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details. type: string linuxProfile: - description: 'LinuxProfile: The profile for Linux VMs in the Managed Cluster.' 
properties: adminUsername: - description: 'AdminUsername: The administrator username to use for Linux VMs.' + pattern: ^[A-Za-z][-A-Za-z0-9_]*$ type: string ssh: - description: 'Ssh: The SSH configuration for Linux-based VMs running on Azure.' properties: publicKeys: - description: 'PublicKeys: The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.' items: - description: Contains information about SSH certificate public key data. properties: keyData: - description: |- - KeyData: Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or - without headers. type: string + required: + - keyData type: object type: array + required: + - publicKeys type: object + required: + - adminUsername + - ssh type: object location: - description: 'Location: The geo-location where the resource lives' - type: string - maxAgentPools: - description: 'MaxAgentPools: The max number of agent pools for the managed cluster.' - type: integer - name: - description: 'Name: The name of the resource' type: string networkProfile: - description: 'NetworkProfile: The network configuration profile.' properties: dnsServiceIP: - description: |- - DnsServiceIP: An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address - range specified in serviceCidr. + pattern: ^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$ type: string dockerBridgeCidr: - description: |- - DockerBridgeCidr: A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP - ranges or the Kubernetes service address range. + pattern: ^([0-9]{1,3}\.){3}[0-9]{1,3}(\/([0-9]|[1-2][0-9]|3[0-2]))?$ type: string ipFamilies: - description: |- - IpFamilies: IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value - is IPv4. 
For dual-stack, the expected values are IPv4 and IPv6. items: + enum: + - IPv4 + - IPv6 type: string type: array loadBalancerProfile: - description: 'LoadBalancerProfile: Profile of the cluster load balancer.' properties: allocatedOutboundPorts: - description: |- - AllocatedOutboundPorts: The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 - (inclusive). The default value is 0 which results in Azure dynamically allocating ports. + maximum: 64000 + minimum: 0 type: integer effectiveOutboundIPs: - description: 'EffectiveOutboundIPs: The effective outbound IP resources of the cluster load balancer.' items: - description: A reference to an Azure resource. properties: - id: - description: 'Id: The fully qualified Azure resource id.' - type: string + reference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object type: array enableMultipleStandardLoadBalancers: - description: 'EnableMultipleStandardLoadBalancers: Enable multiple standard load balancers per AKS cluster or not.' 
type: boolean idleTimeoutInMinutes: - description: |- - IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 - (inclusive). The default value is 30 minutes. + maximum: 120 + minimum: 4 type: integer managedOutboundIPs: - description: 'ManagedOutboundIPs: Desired managed outbound IPs for the cluster load balancer.' properties: count: - description: |- - Count: The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values - must be in the range of 1 to 100 (inclusive). The default value is 1. + maximum: 100 + minimum: 1 type: integer countIPv6: - description: |- - CountIPv6: The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed - values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. + maximum: 100 + minimum: 0 type: integer type: object outboundIPPrefixes: - description: 'OutboundIPPrefixes: Desired outbound IP Prefix resources for the cluster load balancer.' properties: publicIPPrefixes: - description: 'PublicIPPrefixes: A list of public IP prefix resources.' items: - description: A reference to an Azure resource. properties: - id: - description: 'Id: The fully qualified Azure resource id.' - type: string + reference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
+ pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object type: array type: object outboundIPs: - description: 'OutboundIPs: Desired outbound IP resources for the cluster load balancer.' properties: publicIPs: - description: 'PublicIPs: A list of public IP resources.' items: - description: A reference to an Azure resource. properties: - id: - description: 'Id: The fully qualified Azure resource id.' - type: string - type: object + reference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object type: array type: object type: object loadBalancerSku: - description: |- - LoadBalancerSku: The default is 'standard'. 
See [Azure Load Balancer - SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load - balancer SKUs. + enum: + - basic + - standard type: string natGatewayProfile: - description: 'NatGatewayProfile: Profile of the cluster NAT gateway.' properties: effectiveOutboundIPs: - description: 'EffectiveOutboundIPs: The effective outbound IP resources of the cluster NAT gateway.' items: - description: A reference to an Azure resource. properties: - id: - description: 'Id: The fully qualified Azure resource id.' - type: string + reference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object type: array idleTimeoutInMinutes: - description: |- - IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 - (inclusive). The default value is 4 minutes. + maximum: 120 + minimum: 4 type: integer managedOutboundIPProfile: - description: 'ManagedOutboundIPProfile: Profile of the managed outbound IP resources of the cluster NAT gateway.' 
properties: count: - description: |- - Count: The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 - (inclusive). The default value is 1. + maximum: 16 + minimum: 1 type: integer type: object type: object networkDataplane: - description: 'NetworkDataplane: Network dataplane used in the Kubernetes cluster.' + enum: + - azure + - cilium type: string networkMode: - description: 'NetworkMode: This cannot be specified if networkPlugin is anything other than ''azure''.' + enum: + - bridge + - transparent type: string networkPlugin: - description: 'NetworkPlugin: Network plugin used for building the Kubernetes network.' + enum: + - azure + - kubenet + - none type: string networkPluginMode: - description: 'NetworkPluginMode: The mode the network plugin should use.' + enum: + - overlay type: string networkPolicy: - description: 'NetworkPolicy: Network policy used for building the Kubernetes network.' + enum: + - azure + - calico + - cilium type: string outboundType: - description: |- - OutboundType: This can only be set at cluster creation time and cannot be changed later. For more information see - [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype). + enum: + - loadBalancer + - managedNATGateway + - userAssignedNATGateway + - userDefinedRouting type: string podCidr: - description: 'PodCidr: A CIDR notation IP range from which to assign pod IPs when kubenet is used.' + pattern: ^([0-9]{1,3}\.){3}[0-9]{1,3}(\/([0-9]|[1-2][0-9]|3[0-2]))?$ type: string podCidrs: - description: |- - PodCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is - expected for dual-stack networking. items: type: string type: array serviceCidr: - description: |- - ServiceCidr: A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP - ranges. 
+ pattern: ^([0-9]{1,3}\.){3}[0-9]{1,3}(\/([0-9]|[1-2][0-9]|3[0-2]))?$ type: string serviceCidrs: - description: |- - ServiceCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is - expected for dual-stack networking. They must not overlap with any Subnet IP ranges. items: type: string type: array type: object nodeResourceGroup: - description: 'NodeResourceGroup: The name of the resource group containing agent pool nodes.' type: string oidcIssuerProfile: - description: 'OidcIssuerProfile: The OIDC issuer profile of the Managed Cluster.' properties: enabled: - description: 'Enabled: Whether the OIDC issuer is enabled.' type: boolean - issuerURL: - description: 'IssuerURL: The OIDC issuer url of the Managed Cluster.' + type: object + operatorSpec: + description: |- + OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not + passed directly to Azure + properties: + configMapExpressions: + description: 'ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).' + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. 
+ type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + configMaps: + description: 'ConfigMaps: configures where to place operator written ConfigMaps.' + properties: + oidcIssuerProfile: + description: |- + OIDCIssuerProfile: indicates where the OIDCIssuerProfile config map should be placed. If omitted, no config map will be + created. + properties: + key: + description: Key is the key in the ConfigMap being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes ConfigMap to write to. + The ConfigMap will be created in the same namespace as the resource. + type: string + required: + - key + - name + type: object + principalId: + description: 'PrincipalId: indicates where the PrincipalId config map should be placed. If omitted, no config map will be created.' + properties: + key: + description: Key is the key in the ConfigMap being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes ConfigMap to write to. + The ConfigMap will be created in the same namespace as the resource. + type: string + required: + - key + - name + type: object + type: object + secretExpressions: + description: 'SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).' + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. 
If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + secrets: + description: 'Secrets: configures where to place Azure generated secrets.' + properties: + adminCredentials: + description: |- + AdminCredentials: indicates where the AdminCredentials secret should be placed. If omitted, the secret will not be + retrieved from Azure. + properties: + key: + description: Key is the key in the Kubernetes secret being referenced. + type: string + name: + description: |- + Name is the name of the Kubernetes secret to write to. + The secret will be created in the same namespace as the resource. + type: string + required: + - key + - name + type: object + userCredentials: + description: |- + UserCredentials: indicates where the UserCredentials secret should be placed. If omitted, the secret will not be + retrieved from Azure. + properties: + key: + description: Key is the key in the Kubernetes secret being referenced. + type: string + name: + description: |- + Name is the name of the Kubernetes secret to write to. + The secret will be created in the same namespace as the resource. + type: string + required: + - key + - name + type: object + type: object + type: object + owner: + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. 
The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a resources.azure.com/ResourceGroup resource + properties: + armId: + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + name: + description: This is the name of the Kubernetes resource to reference. type: string type: object podIdentityProfile: - description: |- - PodIdentityProfile: See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more - details on AAD pod identity integration. properties: allowNetworkPluginKubenet: - description: |- - AllowNetworkPluginKubenet: Running in Kubenet is disabled by default due to the security related nature of AAD Pod - Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod - Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) - for more information. type: boolean enabled: - description: 'Enabled: Whether the pod identity addon is enabled.' type: boolean userAssignedIdentities: - description: 'UserAssignedIdentities: The pod identities to use in the cluster.' items: - description: Details about the pod identity assigned to the Managed Cluster. properties: bindingSelector: - description: 'BindingSelector: The binding selector to use for the AzureIdentityBinding resource.' type: string identity: - description: 'Identity: The user assigned identity details.' properties: clientId: - description: 'ClientId: The client ID of the user assigned identity.' type: string objectId: - description: 'ObjectId: The object ID of the user assigned identity.' - type: string - resourceId: - description: 'ResourceId: The resource ID of the user assigned identity.' 
type: string + resourceReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object name: - description: 'Name: The name of the pod identity.' type: string namespace: - description: 'Namespace: The namespace of the pod identity.' - type: string - provisioningInfo: - properties: - error: - description: 'Error: Pod identity assignment error (if any).' - properties: - error: - description: 'Error: Details about the error.' - properties: - code: - description: 'Code: An identifier for the error. Codes are invariant and are intended to be consumed programmatically.' - type: string - details: - description: 'Details: A list of additional details about the error.' - items: - properties: - code: - description: 'Code: An identifier for the error. Codes are invariant and are intended to be consumed programmatically.' - type: string - message: - description: 'Message: A message describing the error, intended to be suitable for display in a user interface.' - type: string - target: - description: 'Target: The target of the particular error. 
For example, the name of the property in error.' - type: string - type: object - type: array - message: - description: 'Message: A message describing the error, intended to be suitable for display in a user interface.' - type: string - target: - description: 'Target: The target of the particular error. For example, the name of the property in error.' - type: string - type: object - type: object - type: object - provisioningState: - description: 'ProvisioningState: The current provisioning state of the pod identity.' type: string + required: + - identity + - name + - namespace type: object type: array userAssignedIdentityExceptions: - description: 'UserAssignedIdentityExceptions: The pod identity exceptions to allow.' items: - description: |- - See [disable AAD Pod Identity for a specific - Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. properties: name: - description: 'Name: The name of the pod identity exception.' type: string namespace: - description: 'Namespace: The namespace of the pod identity exception.' type: string podLabels: additionalProperties: type: string - description: 'PodLabels: The pod labels to match.' type: object + required: + - name + - namespace + - podLabels type: object type: array type: object - powerState: - description: 'PowerState: The Power State of the cluster.' - properties: - code: - description: 'Code: Tells whether the cluster is Running or Stopped' - type: string - type: object - privateFQDN: - description: 'PrivateFQDN: The FQDN of private cluster.' - type: string privateLinkResources: - description: 'PrivateLinkResources: Private link resources associated with the cluster.' items: - description: A private link resource properties: groupId: - description: 'GroupId: The group ID of the resource.' - type: string - id: - description: 'Id: The ID of the private link resource.' type: string name: - description: 'Name: The name of the private link resource.' 
- type: string - privateLinkServiceID: - description: 'PrivateLinkServiceID: The private link service ID of the resource, this field is exposed only to NRP internally.' type: string + reference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object requiredMembers: - description: 'RequiredMembers: The RequiredMembers of the resource' items: type: string type: array type: - description: 'Type: The resource type.' type: string type: object type: array - provisioningState: - description: 'ProvisioningState: The current provisioning state.' - type: string publicNetworkAccess: - description: 'PublicNetworkAccess: Allow or deny public network access for AKS' + enum: + - Disabled + - Enabled type: string securityProfile: - description: 'SecurityProfile: Security profile for the managed cluster.' properties: azureKeyVaultKms: - description: |- - AzureKeyVaultKms: Azure Key Vault [key management - service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile. 
properties: enabled: - description: 'Enabled: Whether to enable Azure Key Vault key management service. The default is false.' type: boolean keyId: - description: |- - KeyId: Identifier of Azure Key Vault key. See [key identifier - format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) - for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key - identifier. When Azure Key Vault key management service is disabled, leave the field empty. type: string keyVaultNetworkAccess: - description: |- - KeyVaultNetworkAccess: Network access of key vault. The possible values are `Public` and `Private`. `Public` means the - key vault allows public access from all networks. `Private` means the key vault disables public access and enables - private link. The default value is `Public`. - type: string - keyVaultResourceId: - description: |- - KeyVaultResourceId: Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must - be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty. + enum: + - Private + - Public type: string + keyVaultResourceReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
+ pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object defender: - description: 'Defender: Microsoft Defender settings for the security profile.' properties: - logAnalyticsWorkspaceResourceId: - description: |- - LogAnalyticsWorkspaceResourceId: Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. - When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft - Defender is disabled, leave the field empty. - type: string + logAnalyticsWorkspaceResourceReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. 
+ type: string + type: object securityMonitoring: - description: 'SecurityMonitoring: Microsoft Defender threat detection for Cloud settings for the security profile.' properties: enabled: - description: 'Enabled: Whether to enable Defender threat detection' type: boolean type: object type: object imageCleaner: - description: 'ImageCleaner: Image Cleaner settings for the security profile.' properties: enabled: - description: 'Enabled: Whether to enable Image Cleaner on AKS cluster.' type: boolean intervalHours: - description: 'IntervalHours: Image Cleaner scanning interval in hours.' type: integer type: object workloadIdentity: - description: |- - WorkloadIdentity: Workload identity settings for the security profile. Workload identity enables Kubernetes applications - to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details. properties: enabled: - description: 'Enabled: Whether to enable workload identity.' type: boolean type: object type: object servicePrincipalProfile: - description: |- - ServicePrincipalProfile: Information about a service principal identity for the cluster to use for manipulating Azure - APIs. properties: clientId: - description: 'ClientId: The ID for the service principal.' type: string + secret: + description: |- + SecretReference is a reference to a Kubernetes secret and key in the same namespace as + the resource it is on. + properties: + key: + description: Key is the key in the Kubernetes secret being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource + type: string + required: + - key + - name + type: object + required: + - clientId type: object sku: - description: 'Sku: The managed cluster SKU.' properties: name: - description: 'Name: The name of a managed cluster SKU.' + enum: + - Base type: string tier: - description: |- - Tier: If not specified, the default is 'Free'. 
See [AKS Pricing - Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details. + enum: + - Free + - Standard type: string type: object storageProfile: - description: 'StorageProfile: Storage profile for the managed cluster.' properties: blobCSIDriver: - description: 'BlobCSIDriver: AzureBlob CSI Driver settings for the storage profile.' properties: enabled: - description: 'Enabled: Whether to enable AzureBlob CSI Driver. The default value is false.' type: boolean type: object diskCSIDriver: - description: 'DiskCSIDriver: AzureDisk CSI Driver settings for the storage profile.' properties: enabled: - description: 'Enabled: Whether to enable AzureDisk CSI Driver. The default value is true.' type: boolean type: object fileCSIDriver: - description: 'FileCSIDriver: AzureFile CSI Driver settings for the storage profile.' properties: enabled: - description: 'Enabled: Whether to enable AzureFile CSI Driver. The default value is true.' type: boolean type: object snapshotController: - description: 'SnapshotController: Snapshot Controller settings for the storage profile.' properties: enabled: - description: 'Enabled: Whether to enable Snapshot Controller. The default value is true.' type: boolean type: object type: object - systemData: - description: 'SystemData: Azure Resource Manager metadata containing createdBy and modifiedBy information.' - properties: - createdAt: - description: 'CreatedAt: The timestamp of resource creation (UTC).' - type: string - createdBy: - description: 'CreatedBy: The identity that created the resource.' - type: string - createdByType: - description: 'CreatedByType: The type of identity that created the resource.' - type: string - lastModifiedAt: - description: 'LastModifiedAt: The timestamp of resource last modification (UTC)' - type: string - lastModifiedBy: - description: 'LastModifiedBy: The identity that last modified the resource.' 
- type: string - lastModifiedByType: - description: 'LastModifiedByType: The type of identity that last modified the resource.' - type: string - type: object tags: additionalProperties: type: string - description: 'Tags: Resource tags.' type: object - type: - description: 'Type: The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"' - type: string windowsProfile: - description: 'WindowsProfile: The profile for Windows VMs in the Managed Cluster.' properties: - adminUsername: + adminPassword: description: |- - AdminUsername: Specifies the name of the administrator account. - Restriction: Cannot end in "." - Disallowed values: "administrator", "admin", "user", "user1", "test", "user2", "test1", "user3", "admin1", "1", "123", - "a", "actuser", "adm", "admin2", "aspnet", "backup", "console", "david", "guest", "john", "owner", "root", "server", - "sql", "support", "support_388945a0", "sys", "test2", "test3", "user4", "user5". - Minimum-length: 1 character - Max-length: 20 characters + SecretReference is a reference to a Kubernetes secret and key in the same namespace as + the resource it is on. + properties: + key: + description: Key is the key in the Kubernetes secret being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource + type: string + required: + - key + - name + type: object + adminUsername: type: string enableCSIProxy: - description: |- - EnableCSIProxy: For more details on CSI proxy, see the [CSI proxy GitHub - repo](https://github.com/kubernetes-csi/csi-proxy). type: boolean gmsaProfile: - description: 'GmsaProfile: The Windows gMSA Profile in the Managed Cluster.' properties: dnsServer: - description: |- - DnsServer: Specifies the DNS server for Windows gMSA. - Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster. 
type: string enabled: - description: 'Enabled: Specifies whether to enable Windows gMSA in the managed cluster.' type: boolean rootDomainName: - description: |- - RootDomainName: Specifies the root domain name for Windows gMSA. - Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster. type: string type: object licenseType: - description: |- - LicenseType: The license type to use for Windows VMs. See [Azure Hybrid User - Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details. + enum: + - None + - Windows_Server type: string + required: + - adminUsername type: object workloadAutoScalerProfile: - description: 'WorkloadAutoScalerProfile: Workload Auto-scaler profile for the managed cluster.' properties: keda: - description: 'Keda: KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.' properties: enabled: - description: 'Enabled: Whether to enable KEDA.' type: boolean + required: + - enabled type: object type: object + required: + - location + - owner type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=='Ready')].severity - name: Severity - type: string - - jsonPath: .status.conditions[?(@.type=='Ready')].reason - name: Reason - type: string - - jsonPath: .status.conditions[?(@.type=='Ready')].message - name: Message - type: string - name: v1api20230201storage - schema: - openAPIV3Schema: - description: |- - Storage version of v1api20230201.ManagedCluster - Generator information: - - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2023-02-01/managedClusters.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName} - 
properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: Storage version of v1api20230201.ManagedCluster_Spec + status: properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object aadProfile: - description: |- - Storage version of v1api20230201.ManagedClusterAADProfile - For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad). properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object adminGroupObjectIDs: items: type: string 
@@ -9815,38 +8579,27 @@ spec: type: object addonProfiles: additionalProperties: - description: |- - Storage version of v1api20230201.ManagedClusterAddonProfile - A Kubernetes add-on profile for a managed cluster. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object config: additionalProperties: type: string type: object enabled: type: boolean + identity: + properties: + clientId: + type: string + objectId: + type: string + resourceId: + type: string + type: object type: object type: object agentPoolProfiles: items: - description: |- - Storage version of v1api20230201.ManagedClusterAgentPoolProfile - Profile for the container service agent pool. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object availabilityZones: items: type: string 
@@ -9854,38 +8607,12 @@ spec: count: type: integer creationData: - description: |- - Storage version of v1api20230201.CreationData - Data used when creating a target resource from a source resource. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - sourceResourceReference: - description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + sourceResourceId: + type: string type: object + currentOrchestratorVersion: + type: string enableAutoScaling: type: boolean enableEncryptionAtHost: 
@@ -9898,41 +8625,10 @@ spec: type: boolean gpuInstanceProfile: type: string - hostGroupReference: - description: |- - HostGroupReference: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. - For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + hostGroupID: + type: string kubeletConfig: - description: |- - Storage version of v1api20230201.KubeletConfig - See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object allowedUnsafeSysctls: items: type: string 
@@ -9961,31 +8657,11 @@ spec: kubeletDiskType: type: string linuxOSConfig: - description: |- - Storage version of v1api20230201.LinuxOSConfig - See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object swapFileSizeMB: type: integer sysctls: - description: |- - Storage version of v1api20230201.SysctlConfig - Sysctl settings for Linux agent nodes. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object fsAioMaxNr: type: integer fsFileMax: 
@@ -10058,32 +8734,14 @@ spec: type: string name: type: string + nodeImageVersion: + type: string nodeLabels: additionalProperties: type: string type: object - nodePublicIPPrefixReference: - description: |- - NodePublicIPPrefixReference: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + nodePublicIPPrefixID: + type: string nodeTaints: items: type: string 
@@ -10098,64 +8756,17 @@ spec: type: string osType: type: string - podSubnetReference: - description: |- - PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). - This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + podSubnetID: + type: string powerState: - description: |- - Storage version of v1api20230201.PowerState - Describes the Power State of the cluster properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object code: type: string type: object - proximityPlacementGroupReference: - description: 'ProximityPlacementGroupReference: The ID for Proximity Placement Group.' 
- properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + provisioningState: + type: string + proximityPlacementGroupID: + type: string scaleDownMode: type: string scaleSetEvictionPolicy: 
@@ -10171,61 +8782,20 @@ spec: type: type: string upgradeSettings: - description: |- - Storage version of v1api20230201.AgentPoolUpgradeSettings - Settings for upgrading an agentpool properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object maxSurge: type: string type: object vmSize: type: string - vnetSubnetReference: - description: |- - VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is - specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. 
- type: string - type: object + vnetSubnetID: + type: string workloadRuntime: type: string type: object type: array apiServerAccessProfile: - description: |- - Storage version of v1api20230201.ManagedClusterAPIServerAccessProfile - Access profile for managed cluster API server. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object authorizedIPRanges: items: type: string @@ -10240,15 +8810,7 @@ spec: type: string type: object autoScalerProfile: - description: Storage version of v1api20230201.ManagedClusterProperties_AutoScalerProfile properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object balance-similar-node-groups: type: string expander: 
@@ -10285,62 +8847,18 @@ spec: type: string type: object autoUpgradeProfile: - description: |- - Storage version of v1api20230201.ManagedClusterAutoUpgradeProfile - Auto upgrade profile for a managed cluster. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object upgradeChannel: type: string type: object azureMonitorProfile: - description: |- - Storage version of v1api20230201.ManagedClusterAzureMonitorProfile - Azure Monitor addon profiles for monitoring the managed cluster. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object metrics: - description: |- - Storage version of v1api20230201.ManagedClusterAzureMonitorProfileMetrics - Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes - infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See - aka.ms/AzureManagedPrometheus for an overview. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: type: boolean kubeStateMetrics: - description: |- - Storage version of v1api20230201.ManagedClusterAzureMonitorProfileKubeStateMetrics - Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the - kube-state-metrics pod that is deployed with the addon. 
See aka.ms/AzureManagedPrometheus-optional-parameters for - details. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object metricAnnotationsAllowList: type: string metricLabelsAllowlist: 
@@ -10348,35 +8866,58 @@ spec: type: object type: object type: object - azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. + azurePortalFQDN: + type: string + conditions: + description: 'Conditions: The observed state of the resource' + items: + description: Condition defines an extension to status (an observation) of a resource + properties: + lastTransitionTime: + description: LastTransitionTime is the last time the condition transitioned from one status to another. + format: date-time + type: string + message: + description: Message is a human readable message indicating details about the transition. This field may be empty. + type: string + observedGeneration: + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + type: integer + reason: + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + type: string + severity: + description: |- + Severity with which to treat failures of this type of condition. + For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown + type: string + status: + description: Status of the condition, one of True, False, or Unknown. + type: string + type: + description: Type of condition. 
+ type: string + required: + - lastTransitionTime + - reason + - status + - type + type: object + type: array + currentKubernetesVersion: type: string disableLocalAccounts: type: boolean - diskEncryptionSetReference: - description: |- - DiskEncryptionSetReference: This is of the form: - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + diskEncryptionSetID: + type: string dnsPrefix: type: string enablePodSecurityPolicy: 
@@ -10384,36 +8925,18 @@ spec: enableRBAC: type: boolean extendedLocation: - description: |- - Storage version of v1api20230201.ExtendedLocation - The complex type of the extended location. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object name: type: string type: type: string type: object + fqdn: + type: string fqdnSubdomain: type: string httpProxyConfig: - description: |- - Storage version of v1api20230201.ManagedClusterHTTPProxyConfig - Cluster HTTP proxy configuration. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object httpProxy: type: string httpsProxy: 
@@ -10425,136 +8948,48 @@ spec: trustedCa: type: string type: object + id: + type: string identity: - description: |- - Storage version of v1api20230201.ManagedClusterIdentity - Identity for the managed cluster. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object + principalId: + type: string + tenantId: + type: string type: type: string userAssignedIdentities: - items: - description: |- - Storage version of v1api20230201.UserAssignedIdentityDetails - Information about the user assigned identity for the resource + additionalProperties: properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - reference: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. 
- type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + clientId: + type: string + principalId: + type: string type: object - type: array + type: object type: object identityProfile: additionalProperties: - description: |- - Storage version of v1api20230201.UserAssignedIdentity - Details about a user assigned identity. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object clientId: type: string objectId: type: string - resourceReference: - description: 'ResourceReference: The resource ID of the user assigned identity.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + resourceId: + type: string type: object type: object kubernetesVersion: type: string linuxProfile: - description: |- - Storage version of v1api20230201.ContainerServiceLinuxProfile - Profile for Linux VMs in the container service cluster. 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object adminUsername: type: string ssh: - description: |- - Storage version of v1api20230201.ContainerServiceSshConfiguration - SSH configuration for Linux-based VMs running on Azure. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object publicKeys: items: - description: |- - Storage version of v1api20230201.ContainerServiceSshPublicKey - Contains information about SSH certificate public key data. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object keyData: type: string type: object @@ -10563,18 +8998,12 @@ spec: type: object location: type: string + maxAgentPools: + type: integer + name: + type: string networkProfile: - description: |- - Storage version of v1api20230201.ContainerServiceNetworkProfile - Profile of network configuration. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object dnsServiceIP: type: string dockerBridgeCidr: 
@@ -10584,52 +9013,14 @@ spec: type: string type: array loadBalancerProfile: - description: |- - Storage version of v1api20230201.ManagedClusterLoadBalancerProfile - Profile of the managed cluster load balancer. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object allocatedOutboundPorts: type: integer effectiveOutboundIPs: items: - description: |- - Storage version of v1api20230201.ResourceReference - A reference to an Azure resource. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - reference: - description: 'Reference: The fully qualified Azure resource id.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + id: + type: string type: object type: array enableMultipleStandardLoadBalancers: 
@@ -10637,109 +9028,29 @@ spec: idleTimeoutInMinutes: type: integer managedOutboundIPs: - description: Storage version of v1api20230201.ManagedClusterLoadBalancerProfile_ManagedOutboundIPs properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object count: type: integer countIPv6: type: integer type: object outboundIPPrefixes: - description: Storage version of v1api20230201.ManagedClusterLoadBalancerProfile_OutboundIPPrefixes properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object publicIPPrefixes: items: - description: |- - Storage version of v1api20230201.ResourceReference - A reference to an Azure resource. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - reference: - description: 'Reference: The fully qualified Azure resource id.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
- pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + id: + type: string type: object type: array type: object outboundIPs: - description: Storage version of v1api20230201.ManagedClusterLoadBalancerProfile_OutboundIPs properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object publicIPs: items: - description: |- - Storage version of v1api20230201.ResourceReference - A reference to an Azure resource. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - reference: - description: 'Reference: The fully qualified Azure resource id.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
- pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + id: + type: string type: object type: array type: object 
@@ -10747,66 +9058,18 @@ spec: loadBalancerSku: type: string natGatewayProfile: - description: |- - Storage version of v1api20230201.ManagedClusterNATGatewayProfile - Profile of the managed cluster NAT gateway. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object effectiveOutboundIPs: items: - description: |- - Storage version of v1api20230201.ResourceReference - A reference to an Azure resource. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - reference: - description: 'Reference: The fully qualified Azure resource id.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. 
- type: string - type: object + id: + type: string type: object type: array idleTimeoutInMinutes: type: integer managedOutboundIPProfile: - description: |- - Storage version of v1api20230201.ManagedClusterManagedOutboundIPProfile - Profile of the managed outbound IP resources of the managed cluster. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object count: type: integer type: object 
@@ -10839,227 +9102,69 @@ spec: nodeResourceGroup: type: string oidcIssuerProfile: - description: |- - Storage version of v1api20230201.ManagedClusterOIDCIssuerProfile - The OIDC issuer profile of the Managed Cluster. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: type: boolean - type: object - operatorSpec: - description: |- - Storage version of v1api20230201.ManagedClusterOperatorSpec - Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - configMaps: - description: Storage version of v1api20230201.ManagedClusterOperatorConfigMaps - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - oidcIssuerProfile: - description: |- - ConfigMapDestination describes the location to store a single configmap value - Note: This is similar to SecretDestination in secrets.go. Changes to one should likely also be made to the other. - properties: - key: - description: Key is the key in the ConfigMap being referenced - type: string - name: - description: |- - Name is the name of the Kubernetes ConfigMap being referenced. 
- The ConfigMap must be in the same namespace as the resource - type: string - required: - - key - - name - type: object - principalId: - description: |- - ConfigMapDestination describes the location to store a single configmap value - Note: This is similar to SecretDestination in secrets.go. Changes to one should likely also be made to the other. - properties: - key: - description: Key is the key in the ConfigMap being referenced - type: string - name: - description: |- - Name is the name of the Kubernetes ConfigMap being referenced. - The ConfigMap must be in the same namespace as the resource - type: string - required: - - key - - name - type: object - type: object - secrets: - description: Storage version of v1api20230201.ManagedClusterOperatorSecrets - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - adminCredentials: - description: |- - SecretDestination describes the location to store a single secret value. - Note: This is similar to ConfigMapDestination in configmaps.go. Changes to one should likely also be made to the other. - properties: - key: - description: Key is the key in the Kubernetes secret being referenced - type: string - name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource - type: string - required: - - key - - name - type: object - userCredentials: - description: |- - SecretDestination describes the location to store a single secret value. - Note: This is similar to ConfigMapDestination in configmaps.go. Changes to one should likely also be made to the other. 
- properties: - key: - description: Key is the key in the Kubernetes secret being referenced - type: string - name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource - type: string - required: - - key - - name - type: object - type: object - type: object - originalVersion: - type: string - owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a resources.azure.com/ResourceGroup resource - properties: - armId: - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - name: - description: This is the name of the Kubernetes resource to reference. + issuerURL: type: string type: object podIdentityProfile: - description: |- - Storage version of v1api20230201.ManagedClusterPodIdentityProfile - See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod - identity integration. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object allowNetworkPluginKubenet: type: boolean enabled: type: boolean userAssignedIdentities: items: - description: |- - Storage version of v1api20230201.ManagedClusterPodIdentity - Details about the pod identity assigned to the Managed Cluster. 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object bindingSelector: type: string identity: - description: |- - Storage version of v1api20230201.UserAssignedIdentity - Details about a user assigned identity. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object clientId: type: string objectId: type: string - resourceReference: - description: 'ResourceReference: The resource ID of the user assigned identity.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. 
- type: string - type: object + resourceId: + type: string type: object name: type: string namespace: type: string + provisioningInfo: + properties: + error: + properties: + error: + properties: + code: + type: string + details: + items: + properties: + code: + type: string + message: + type: string + target: + type: string + type: object + type: array + message: + type: string + target: + type: string + type: object + type: object + type: object + provisioningState: + type: string type: object type: array userAssignedIdentityExceptions: items: - description: |- - Storage version of v1api20230201.ManagedClusterPodIdentityException - See [disable AAD Pod Identity for a specific - Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object name: type: string namespace: 
@@ -11071,43 +9176,24 @@ spec: type: object type: array type: object + powerState: + properties: + code: + type: string + type: object + privateFQDN: + type: string privateLinkResources: items: - description: |- - Storage version of v1api20230201.PrivateLinkResource - A private link resource properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object groupId: type: string + id: + type: string name: type: string - reference: - description: 'Reference: The ID of the private link resource.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + privateLinkServiceID: + type: string requiredMembers: items: type: string 
@@ -11116,317 +9202,110 @@ spec: type: string type: object type: array + provisioningState: + type: string publicNetworkAccess: type: string securityProfile: - description: |- - Storage version of v1api20230201.ManagedClusterSecurityProfile - Security profile for the container service cluster. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object azureKeyVaultKms: - description: |- - Storage version of v1api20230201.AzureKeyVaultKms - Azure Key Vault key management service settings for the security profile. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: type: boolean keyId: type: string keyVaultNetworkAccess: type: string - keyVaultResourceReference: - description: |- - KeyVaultResourceReference: Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and - must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty. - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
- pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + keyVaultResourceId: + type: string type: object defender: - description: |- - Storage version of v1api20230201.ManagedClusterSecurityProfileDefender - Microsoft Defender settings for the security profile. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - logAnalyticsWorkspaceResourceReference: - description: |- - LogAnalyticsWorkspaceResourceReference: Resource ID of the Log Analytics workspace to be associated with Microsoft - Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When - Microsoft Defender is disabled, leave the field empty. - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. 
- type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + logAnalyticsWorkspaceResourceId: + type: string securityMonitoring: - description: |- - Storage version of v1api20230201.ManagedClusterSecurityProfileDefenderSecurityMonitoring - Microsoft Defender settings for the security profile threat detection. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: type: boolean type: object type: object imageCleaner: - description: |- - Storage version of v1api20230201.ManagedClusterSecurityProfileImageCleaner - Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here - are settings for the security profile. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: type: boolean intervalHours: type: integer type: object workloadIdentity: - description: |- - Storage version of v1api20230201.ManagedClusterSecurityProfileWorkloadIdentity - Workload identity settings for the security profile. 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: type: boolean type: object type: object servicePrincipalProfile: - description: |- - Storage version of v1api20230201.ManagedClusterServicePrincipalProfile - Information about a service principal identity for the cluster to use for manipulating Azure APIs. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object clientId: type: string - secret: - description: |- - SecretReference is a reference to a Kubernetes secret and key in the same namespace as - the resource it is on. - properties: - key: - description: Key is the key in the Kubernetes secret being referenced - type: string - name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource - type: string - required: - - key - - name - type: object type: object sku: - description: |- - Storage version of v1api20230201.ManagedClusterSKU - The SKU of a Managed Cluster. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object name: type: string tier: type: string type: object storageProfile: - description: |- - Storage version of v1api20230201.ManagedClusterStorageProfile - Storage profile for the container service cluster. 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object blobCSIDriver: - description: |- - Storage version of v1api20230201.ManagedClusterStorageProfileBlobCSIDriver - AzureBlob CSI Driver settings for the storage profile. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: type: boolean type: object diskCSIDriver: - description: |- - Storage version of v1api20230201.ManagedClusterStorageProfileDiskCSIDriver - AzureDisk CSI Driver settings for the storage profile. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: type: boolean type: object fileCSIDriver: - description: |- - Storage version of v1api20230201.ManagedClusterStorageProfileFileCSIDriver - AzureFile CSI Driver settings for the storage profile. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: type: boolean type: object snapshotController: - description: |- - Storage version of v1api20230201.ManagedClusterStorageProfileSnapshotController - Snapshot Controller settings for the storage profile. 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: type: boolean type: object type: object + systemData: + properties: + createdAt: + type: string + createdBy: + type: string + createdByType: + type: string + lastModifiedAt: + type: string + lastModifiedBy: + type: string + lastModifiedByType: + type: string + type: object tags: additionalProperties: type: string type: object + type: + type: string windowsProfile: - description: |- - Storage version of v1api20230201.ManagedClusterWindowsProfile - Profile for Windows VMs in the managed cluster. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - adminPassword: - description: |- - SecretReference is a reference to a Kubernetes secret and key in the same namespace as - the resource it is on. - properties: - key: - description: Key is the key in the Kubernetes secret being referenced - type: string - name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource - type: string - required: - - key - - name - type: object adminUsername: type: string enableCSIProxy: type: boolean gmsaProfile: - description: |- - Storage version of v1api20230201.WindowsGmsaProfile - Windows gMSA Profile in the managed cluster. 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object dnsServer: type: string enabled: 
@@ -11438,40 +9317,56 @@ spec: type: string type: object workloadAutoScalerProfile: - description: |- - Storage version of v1api20230201.ManagedClusterWorkloadAutoScalerProfile - Workload Auto-scaler profile for the managed cluster. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object keda: - description: |- - Storage version of v1api20230201.ManagedClusterWorkloadAutoScalerProfileKeda - KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: type: boolean type: object type: object - required: - - owner type: object - status: + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].severity + name: Severity + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Reason + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].message + name: Message + type: string + name: v1api20230201storage + schema: + openAPIV3Schema: + description: Storage version of v1api20230201.ManagedCluster + properties: + apiVersion: description: |- - Storage version of v1api20230201.ManagedCluster_STATUS - Managed cluster. + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. 
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: Storage version of v1api20230201.ManagedCluster_Spec properties: $propertyBag: additionalProperties: @@ -11481,9 +9376,7 @@ spec: resources, allowing for full fidelity round trip conversions type: object aadProfile: - description: |- - Storage version of v1api20230201.ManagedClusterAADProfile_STATUS - For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad). + description: Storage version of v1api20230201.ManagedClusterAADProfile properties: $propertyBag: additionalProperties: @@ -11511,9 +9404,7 @@ spec: type: object addonProfiles: additionalProperties: - description: |- - Storage version of v1api20230201.ManagedClusterAddonProfile_STATUS - A Kubernetes add-on profile for a managed cluster. + description: Storage version of v1api20230201.ManagedClusterAddonProfile properties: $propertyBag: additionalProperties: 
@@ -11528,32 +9419,11 @@ spec: type: object enabled: type: boolean - identity: - description: |- - Storage version of v1api20230201.UserAssignedIdentity_STATUS - Details about a user assigned identity. - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - clientId: - type: string - objectId: - type: string - resourceId: - type: string - type: object type: object type: object agentPoolProfiles: items: - description: |- - Storage version of v1api20230201.ManagedClusterAgentPoolProfile_STATUS - Profile for the container service agent pool. + description: Storage version of v1api20230201.ManagedClusterAgentPoolProfile properties: $propertyBag: additionalProperties: @@ -11569,9 +9439,7 @@ spec: count: type: integer creationData: - description: |- - Storage version of v1api20230201.CreationData_STATUS - Data used when creating a target resource from a source resource. + description: Storage version of v1api20230201.CreationData properties: $propertyBag: additionalProperties: 
@@ -11580,11 +9448,27 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - sourceResourceId: - type: string + sourceResourceReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object - currentOrchestratorVersion: - type: string enableAutoScaling: type: boolean enableEncryptionAtHost: 
@@ -11597,12 +9481,28 @@ spec: type: boolean gpuInstanceProfile: type: string - hostGroupID: - type: string + hostGroupReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object kubeletConfig: - description: |- - Storage version of v1api20230201.KubeletConfig_STATUS - See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + description: Storage version of v1api20230201.KubeletConfig properties: $propertyBag: additionalProperties: @@ -11639,9 +9539,7 @@ spec: kubeletDiskType: type: string linuxOSConfig: - description: |- - Storage version of v1api20230201.LinuxOSConfig_STATUS - See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + description: Storage version of v1api20230201.LinuxOSConfig properties: $propertyBag: additionalProperties: 
@@ -11653,9 +9551,7 @@ spec: swapFileSizeMB: type: integer sysctls: - description: |- - Storage version of v1api20230201.SysctlConfig_STATUS - Sysctl settings for Linux agent nodes. + description: Storage version of v1api20230201.SysctlConfig properties: $propertyBag: additionalProperties: @@ -11736,14 +9632,30 @@ spec: type: string name: type: string - nodeImageVersion: - type: string nodeLabels: additionalProperties: type: string type: object - nodePublicIPPrefixID: - type: string + nodePublicIPPrefixReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object nodeTaints: items: type: string 
@@ -11758,12 +9670,28 @@ spec: type: string osType: type: string - podSubnetID: - type: string + podSubnetReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object powerState: - description: |- - Storage version of v1api20230201.PowerState_STATUS - Describes the Power State of the cluster + description: Storage version of v1api20230201.PowerState properties: $propertyBag: additionalProperties: 
@@ -11775,10 +9703,26 @@ spec: code: type: string type: object - provisioningState: - type: string - proximityPlacementGroupID: - type: string + proximityPlacementGroupReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object scaleDownMode: type: string scaleSetEvictionPolicy: @@ -11794,9 +9738,7 @@ spec: type: type: string upgradeSettings: - description: |- - Storage version of v1api20230201.AgentPoolUpgradeSettings_STATUS - Settings for upgrading an agentpool + description: Storage version of v1api20230201.AgentPoolUpgradeSettings properties: $propertyBag: additionalProperties: 
@@ -11810,16 +9752,32 @@ spec: type: object vmSize: type: string - vnetSubnetID: - type: string + vnetSubnetReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object workloadRuntime: type: string type: object type: array apiServerAccessProfile: - description: |- - Storage version of v1api20230201.ManagedClusterAPIServerAccessProfile_STATUS - Access profile for managed cluster API server. + description: Storage version of v1api20230201.ManagedClusterAPIServerAccessProfile properties: $propertyBag: additionalProperties: @@ -11842,7 +9800,7 @@ spec: type: string type: object autoScalerProfile: - description: Storage version of v1api20230201.ManagedClusterProperties_AutoScalerProfile_STATUS + description: Storage version of v1api20230201.ManagedClusterProperties_AutoScalerProfile properties: $propertyBag: additionalProperties: 
@@ -11887,9 +9845,7 @@ spec: type: string type: object autoUpgradeProfile: - description: |- - Storage version of v1api20230201.ManagedClusterAutoUpgradeProfile_STATUS - Auto upgrade profile for a managed cluster. + description: Storage version of v1api20230201.ManagedClusterAutoUpgradeProfile properties: $propertyBag: additionalProperties: @@ -11902,9 +9858,7 @@ spec: type: string type: object azureMonitorProfile: - description: |- - Storage version of v1api20230201.ManagedClusterAzureMonitorProfile_STATUS - Azure Monitor addon profiles for monitoring the managed cluster. + description: Storage version of v1api20230201.ManagedClusterAzureMonitorProfile properties: $propertyBag: additionalProperties: @@ -11914,11 +9868,7 @@ spec: resources, allowing for full fidelity round trip conversions type: object metrics: - description: |- - Storage version of v1api20230201.ManagedClusterAzureMonitorProfileMetrics_STATUS - Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes - infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See - aka.ms/AzureManagedPrometheus for an overview. + description: Storage version of v1api20230201.ManagedClusterAzureMonitorProfileMetrics properties: $propertyBag: additionalProperties: @@ -11930,11 +9880,7 @@ spec: enabled: type: boolean kubeStateMetrics: - description: |- - Storage version of v1api20230201.ManagedClusterAzureMonitorProfileKubeStateMetrics_STATUS - Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the - kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for - details. + description: Storage version of v1api20230201.ManagedClusterAzureMonitorProfileKubeStateMetrics properties: $propertyBag: additionalProperties: 
@@ -11950,57 +9896,33 @@ spec: type: object type: object type: object - azurePortalFQDN: - type: string - conditions: - items: - description: Condition defines an extension to status (an observation) of a resource - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. - format: date-time - type: string - message: - description: Message is a human readable message indicating details about the transition. This field may be empty. - type: string - observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - type: integer - reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. - type: string - severity: - description: |- - Severity with which to treat failures of this type of condition. - For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown - type: string - status: - description: Status of the condition, one of True, False, or Unknown. - type: string - type: - description: Type of condition. - type: string - required: - - lastTransitionTime - - reason - - status - - type - type: object - type: array - currentKubernetesVersion: + azureName: + description: |- + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. 
type: string disableLocalAccounts: type: boolean - diskEncryptionSetID: - type: string + diskEncryptionSetReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object dnsPrefix: type: string enablePodSecurityPolicy: @@ -12008,9 +9930,7 @@ spec: enableRBAC: type: boolean extendedLocation: - description: |- - Storage version of v1api20230201.ExtendedLocation_STATUS - The complex type of the extended location. + description: Storage version of v1api20230201.ExtendedLocation properties: $propertyBag: additionalProperties: @@ -12024,14 +9944,10 @@ spec: type: type: string type: object - fqdn: - type: string fqdnSubdomain: type: string httpProxyConfig: - description: |- - Storage version of v1api20230201.ManagedClusterHTTPProxyConfig_STATUS - Cluster HTTP proxy configuration. + description: Storage version of v1api20230201.ManagedClusterHTTPProxyConfig properties: $propertyBag: additionalProperties: 
@@ -12051,12 +9967,8 @@ spec: trustedCa: type: string type: object - id: - type: string identity: - description: |- - Storage version of v1api20230201.ManagedClusterIdentity_STATUS - Identity for the managed cluster. + description: Storage version of v1api20230201.ManagedClusterIdentity properties: $propertyBag: additionalProperties: @@ -12065,15 +9977,11 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - principalId: - type: string - tenantId: - type: string type: type: string userAssignedIdentities: - additionalProperties: - description: Storage version of v1api20230201.ManagedClusterIdentity_UserAssignedIdentities_STATUS + items: + description: Storage version of v1api20230201.UserAssignedIdentityDetails properties: $propertyBag: additionalProperties: 
@@ -12082,18 +9990,32 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - clientId: - type: string - principalId: - type: string + reference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object - type: object + type: array type: object identityProfile: additionalProperties: - description: |- - Storage version of v1api20230201.UserAssignedIdentity_STATUS - Details about a user assigned identity. + description: Storage version of v1api20230201.UserAssignedIdentity properties: $propertyBag: additionalProperties: 
@@ -12106,16 +10028,32 @@ spec: type: string objectId: type: string - resourceId: - type: string + resourceReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object type: object kubernetesVersion: type: string linuxProfile: - description: |- - Storage version of v1api20230201.ContainerServiceLinuxProfile_STATUS - Profile for Linux VMs in the container service cluster. + description: Storage version of v1api20230201.ContainerServiceLinuxProfile properties: $propertyBag: additionalProperties: @@ -12127,9 +10065,7 @@ spec: adminUsername: type: string ssh: - description: |- - Storage version of v1api20230201.ContainerServiceSshConfiguration_STATUS - SSH configuration for Linux-based VMs running on Azure. + description: Storage version of v1api20230201.ContainerServiceSshConfiguration properties: $propertyBag: additionalProperties: 
@@ -12140,9 +10076,7 @@ spec: type: object publicKeys: items: - description: |- - Storage version of v1api20230201.ContainerServiceSshPublicKey_STATUS - Contains information about SSH certificate public key data. + description: Storage version of v1api20230201.ContainerServiceSshPublicKey properties: $propertyBag: additionalProperties: @@ -12159,14 +10093,8 @@ spec: type: object location: type: string - maxAgentPools: - type: integer - name: - type: string networkProfile: - description: |- - Storage version of v1api20230201.ContainerServiceNetworkProfile_STATUS - Profile of network configuration. + description: Storage version of v1api20230201.ContainerServiceNetworkProfile properties: $propertyBag: additionalProperties: @@ -12184,9 +10112,7 @@ spec: type: string type: array loadBalancerProfile: - description: |- - Storage version of v1api20230201.ManagedClusterLoadBalancerProfile_STATUS - Profile of the managed cluster load balancer. + description: Storage version of v1api20230201.ManagedClusterLoadBalancerProfile properties: $propertyBag: additionalProperties: @@ -12199,9 +10125,7 @@ spec: type: integer effectiveOutboundIPs: items: - description: |- - Storage version of v1api20230201.ResourceReference_STATUS - A reference to an Azure resource. + description: Storage version of v1api20230201.ResourceReference properties: $propertyBag: additionalProperties: 
@@ -12210,8 +10134,26 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - id: - type: string + reference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object type: array enableMultipleStandardLoadBalancers: @@ -12219,7 +10161,7 @@ spec: idleTimeoutInMinutes: type: integer managedOutboundIPs: - description: Storage version of v1api20230201.ManagedClusterLoadBalancerProfile_ManagedOutboundIPs_STATUS + description: Storage version of v1api20230201.ManagedClusterLoadBalancerProfile_ManagedOutboundIPs properties: $propertyBag: additionalProperties: @@ -12234,7 +10176,7 @@ spec: type: integer type: object outboundIPPrefixes: - description: Storage version of v1api20230201.ManagedClusterLoadBalancerProfile_OutboundIPPrefixes_STATUS + description: Storage version of v1api20230201.ManagedClusterLoadBalancerProfile_OutboundIPPrefixes properties: $propertyBag: additionalProperties: 
@@ -12245,9 +10187,7 @@ spec: type: object publicIPPrefixes: items: - description: |- - Storage version of v1api20230201.ResourceReference_STATUS - A reference to an Azure resource. + description: Storage version of v1api20230201.ResourceReference properties: $propertyBag: additionalProperties: @@ -12256,13 +10196,31 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - id: - type: string + reference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object type: array type: object outboundIPs: - description: Storage version of v1api20230201.ManagedClusterLoadBalancerProfile_OutboundIPs_STATUS + description: Storage version of v1api20230201.ManagedClusterLoadBalancerProfile_OutboundIPs properties: $propertyBag: additionalProperties: 
@@ -12273,9 +10231,7 @@ spec: type: object publicIPs: items: - description: |- - Storage version of v1api20230201.ResourceReference_STATUS - A reference to an Azure resource. + description: Storage version of v1api20230201.ResourceReference properties: $propertyBag: additionalProperties: @@ -12284,8 +10240,26 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - id: - type: string + reference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object type: array type: object @@ -12293,9 +10267,7 @@ spec: loadBalancerSku: type: string natGatewayProfile: - description: |- - Storage version of v1api20230201.ManagedClusterNATGatewayProfile_STATUS - Profile of the managed cluster NAT gateway. + description: Storage version of v1api20230201.ManagedClusterNATGatewayProfile properties: $propertyBag: additionalProperties: 
@@ -12306,9 +10278,7 @@ spec: type: object effectiveOutboundIPs: items: - description: |- - Storage version of v1api20230201.ResourceReference_STATUS - A reference to an Azure resource. + description: Storage version of v1api20230201.ResourceReference properties: $propertyBag: additionalProperties: @@ -12317,16 +10287,32 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - id: - type: string + reference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object type: array idleTimeoutInMinutes: type: integer managedOutboundIPProfile: - description: |- - Storage version of v1api20230201.ManagedClusterManagedOutboundIPProfile_STATUS - Profile of the managed outbound IP resources of the managed cluster. + description: Storage version of v1api20230201.ManagedClusterManagedOutboundIPProfile properties: $propertyBag: additionalProperties: 
@@ -12367,9 +10353,7 @@ spec: nodeResourceGroup: type: string oidcIssuerProfile: - description: |- - Storage version of v1api20230201.ManagedClusterOIDCIssuerProfile_STATUS - The OIDC issuer profile of the Managed Cluster. + description: Storage version of v1api20230201.ManagedClusterOIDCIssuerProfile properties: $propertyBag: additionalProperties: 
@@ -12380,14 +10364,189 @@ spec: type: object enabled: type: boolean - issuerURL: + type: object + operatorSpec: + description: |- + Storage version of v1api20230201.ManagedClusterOperatorSpec + Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + configMapExpressions: + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. 
For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + configMaps: + description: Storage version of v1api20230201.ManagedClusterOperatorConfigMaps + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + oidcIssuerProfile: + description: |- + ConfigMapDestination describes the location to store a single configmap value + Note: This is similar to: SecretDestination in secrets.go. + Changes to one may need to be made to the others as well. + properties: + key: + description: Key is the key in the ConfigMap being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes ConfigMap to write to. + The ConfigMap will be created in the same namespace as the resource. + type: string + required: + - key + - name + type: object + principalId: + description: |- + ConfigMapDestination describes the location to store a single configmap value + Note: This is similar to: SecretDestination in secrets.go. + Changes to one may need to be made to the others as well. + properties: + key: + description: Key is the key in the ConfigMap being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes ConfigMap to write to. + The ConfigMap will be created in the same namespace as the resource. + type: string + required: + - key + - name + type: object + type: object + secretExpressions: + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. 
+ properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + secrets: + description: Storage version of v1api20230201.ManagedClusterOperatorSecrets + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + adminCredentials: + description: |- + SecretDestination describes the location to store a single secret value. + Note: This is similar to: ConfigMapDestination in configmaps.go. + Changes to one may need to be made to the others as well. + properties: + key: + description: Key is the key in the Kubernetes secret being referenced. + type: string + name: + description: |- + Name is the name of the Kubernetes secret to write to. + The secret will be created in the same namespace as the resource. + type: string + required: + - key + - name + type: object + userCredentials: + description: |- + SecretDestination describes the location to store a single secret value. 
+ Note: This is similar to: ConfigMapDestination in configmaps.go. + Changes to one may need to be made to the others as well. + properties: + key: + description: Key is the key in the Kubernetes secret being referenced. + type: string + name: + description: |- + Name is the name of the Kubernetes secret to write to. + The secret will be created in the same namespace as the resource. + type: string + required: + - key + - name + type: object + type: object + type: object + originalVersion: + type: string + owner: + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a resources.azure.com/ResourceGroup resource + properties: + armId: + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + name: + description: This is the name of the Kubernetes resource to reference. type: string type: object podIdentityProfile: - description: |- - Storage version of v1api20230201.ManagedClusterPodIdentityProfile_STATUS - See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod - identity integration. + description: Storage version of v1api20230201.ManagedClusterPodIdentityProfile properties: $propertyBag: additionalProperties: @@ -12402,9 +10561,7 @@ spec: type: boolean userAssignedIdentities: items: - description: |- - Storage version of v1api20230201.ManagedClusterPodIdentity_STATUS - Details about the pod identity assigned to the Managed Cluster. + description: Storage version of v1api20230201.ManagedClusterPodIdentity properties: $propertyBag: additionalProperties: 
@@ -12416,9 +10573,7 @@ spec: bindingSelector: type: string identity: - description: |- - Storage version of v1api20230201.UserAssignedIdentity_STATUS - Details about a user assigned identity. + description: Storage version of v1api20230201.UserAssignedIdentity properties: $propertyBag: additionalProperties: 
@@ -12431,85 +10586,36 @@ spec: type: string objectId: type: string - resourceId: - type: string - type: object - name: - type: string - namespace: - type: string - provisioningInfo: - description: Storage version of v1api20230201.ManagedClusterPodIdentity_ProvisioningInfo_STATUS - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - error: - description: |- - Storage version of v1api20230201.ManagedClusterPodIdentityProvisioningError_STATUS - An error response from the pod identity provisioning. + resourceReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - error: + armId: description: |- - Storage version of v1api20230201.ManagedClusterPodIdentityProvisioningErrorBody_STATUS - An error response from the pod identity provisioning. 
- properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - code: - type: string - details: - items: - description: Storage version of v1api20230201.ManagedClusterPodIdentityProvisioningErrorBody_STATUS_Unrolled - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - code: - type: string - message: - type: string - target: - type: string - type: object - type: array - message: - type: string - target: - type: string - type: object + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. 
+ type: string type: object type: object - provisioningState: + name: + type: string + namespace: type: string type: object type: array userAssignedIdentityExceptions: items: - description: |- - Storage version of v1api20230201.ManagedClusterPodIdentityException_STATUS - See [disable AAD Pod Identity for a specific - Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. + description: Storage version of v1api20230201.ManagedClusterPodIdentityException properties: $propertyBag: additionalProperties: @@ -12529,28 +10635,9 @@ spec: type: object type: array type: object - powerState: - description: |- - Storage version of v1api20230201.PowerState_STATUS - Describes the Power State of the cluster - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - code: - type: string - type: object - privateFQDN: - type: string privateLinkResources: items: - description: |- - Storage version of v1api20230201.PrivateLinkResource_STATUS - A private link resource + description: Storage version of v1api20230201.PrivateLinkResource properties: $propertyBag: additionalProperties: 
@@ -12561,12 +10648,28 @@ spec: type: object groupId: type: string - id: - type: string name: type: string - privateLinkServiceID: - type: string + reference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object requiredMembers: items: type: string @@ -12575,14 +10678,10 @@ spec: type: string type: object type: array - provisioningState: - type: string publicNetworkAccess: type: string securityProfile: - description: |- - Storage version of v1api20230201.ManagedClusterSecurityProfile_STATUS - Security profile for the container service cluster. + description: Storage version of v1api20230201.ManagedClusterSecurityProfile properties: $propertyBag: additionalProperties: @@ -12592,9 +10691,7 @@ spec: resources, allowing for full fidelity round trip conversions type: object azureKeyVaultKms: - description: |- - Storage version of v1api20230201.AzureKeyVaultKms_STATUS - Azure Key Vault key management service settings for the security profile. + description: Storage version of v1api20230201.AzureKeyVaultKms properties: $propertyBag: additionalProperties: 
@@ -12609,13 +10706,29 @@ spec: type: string keyVaultNetworkAccess: type: string - keyVaultResourceId: - type: string + keyVaultResourceReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object defender: - description: |- - Storage version of v1api20230201.ManagedClusterSecurityProfileDefender_STATUS - Microsoft Defender settings for the security profile. + description: Storage version of v1api20230201.ManagedClusterSecurityProfileDefender properties: $propertyBag: additionalProperties: 
@@ -12624,12 +10737,28 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - logAnalyticsWorkspaceResourceId: - type: string + logAnalyticsWorkspaceResourceReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object securityMonitoring: - description: |- - Storage version of v1api20230201.ManagedClusterSecurityProfileDefenderSecurityMonitoring_STATUS - Microsoft Defender settings for the security profile threat detection. + description: Storage version of v1api20230201.ManagedClusterSecurityProfileDefenderSecurityMonitoring properties: $propertyBag: additionalProperties: 
@@ -12643,10 +10772,7 @@ spec: type: object type: object imageCleaner: - description: |- - Storage version of v1api20230201.ManagedClusterSecurityProfileImageCleaner_STATUS - Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here - are settings for the security profile. + description: Storage version of v1api20230201.ManagedClusterSecurityProfileImageCleaner properties: $propertyBag: additionalProperties: @@ -12661,9 +10787,7 @@ spec: type: integer type: object workloadIdentity: - description: |- - Storage version of v1api20230201.ManagedClusterSecurityProfileWorkloadIdentity_STATUS - Workload identity settings for the security profile. + description: Storage version of v1api20230201.ManagedClusterSecurityProfileWorkloadIdentity properties: $propertyBag: additionalProperties: @@ -12677,9 +10801,7 @@ spec: type: object type: object servicePrincipalProfile: - description: |- - Storage version of v1api20230201.ManagedClusterServicePrincipalProfile_STATUS - Information about a service principal identity for the cluster to use for manipulating Azure APIs. + description: Storage version of v1api20230201.ManagedClusterServicePrincipalProfile properties: $propertyBag: additionalProperties: 
@@ -12690,11 +10812,26 @@ spec: type: object clientId: type: string + secret: + description: |- + SecretReference is a reference to a Kubernetes secret and key in the same namespace as + the resource it is on. + properties: + key: + description: Key is the key in the Kubernetes secret being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource + type: string + required: + - key + - name + type: object type: object sku: - description: |- - Storage version of v1api20230201.ManagedClusterSKU_STATUS - The SKU of a Managed Cluster. + description: Storage version of v1api20230201.ManagedClusterSKU properties: $propertyBag: additionalProperties: @@ -12709,9 +10846,7 @@ spec: type: string type: object storageProfile: - description: |- - Storage version of v1api20230201.ManagedClusterStorageProfile_STATUS - Storage profile for the container service cluster. + description: Storage version of v1api20230201.ManagedClusterStorageProfile properties: $propertyBag: additionalProperties: @@ -12721,9 +10856,7 @@ spec: resources, allowing for full fidelity round trip conversions type: object blobCSIDriver: - description: |- - Storage version of v1api20230201.ManagedClusterStorageProfileBlobCSIDriver_STATUS - AzureBlob CSI Driver settings for the storage profile. + description: Storage version of v1api20230201.ManagedClusterStorageProfileBlobCSIDriver properties: $propertyBag: additionalProperties: @@ -12736,9 +10869,7 @@ spec: type: boolean type: object diskCSIDriver: - description: |- - Storage version of v1api20230201.ManagedClusterStorageProfileDiskCSIDriver_STATUS - AzureDisk CSI Driver settings for the storage profile. + description: Storage version of v1api20230201.ManagedClusterStorageProfileDiskCSIDriver properties: $propertyBag: additionalProperties: 
@@ -12751,9 +10882,7 @@ spec: type: boolean type: object fileCSIDriver: - description: |- - Storage version of v1api20230201.ManagedClusterStorageProfileFileCSIDriver_STATUS - AzureFile CSI Driver settings for the storage profile. + description: Storage version of v1api20230201.ManagedClusterStorageProfileFileCSIDriver properties: $propertyBag: additionalProperties: @@ -12766,9 +10895,7 @@ spec: type: boolean type: object snapshotController: - description: |- - Storage version of v1api20230201.ManagedClusterStorageProfileSnapshotController_STATUS - Snapshot Controller settings for the storage profile. + description: Storage version of v1api20230201.ManagedClusterStorageProfileSnapshotController properties: $propertyBag: additionalProperties: @@ -12781,41 +10908,12 @@ spec: type: boolean type: object type: object - systemData: - description: |- - Storage version of v1api20230201.SystemData_STATUS - Metadata pertaining to creation and last modification of the resource. - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - createdAt: - type: string - createdBy: - type: string - createdByType: - type: string - lastModifiedAt: - type: string - lastModifiedBy: - type: string - lastModifiedByType: - type: string - type: object tags: additionalProperties: type: string type: object - type: - type: string windowsProfile: - description: |- - Storage version of v1api20230201.ManagedClusterWindowsProfile_STATUS - Profile for Windows VMs in the managed cluster. + description: Storage version of v1api20230201.ManagedClusterWindowsProfile properties: $propertyBag: additionalProperties: 
@@ -12824,14 +10922,29 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object + adminPassword: + description: |- + SecretReference is a reference to a Kubernetes secret and key in the same namespace as + the resource it is on. + properties: + key: + description: Key is the key in the Kubernetes secret being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource + type: string + required: + - key + - name + type: object adminUsername: type: string enableCSIProxy: type: boolean gmsaProfile: - description: |- - Storage version of v1api20230201.WindowsGmsaProfile_STATUS - Windows gMSA Profile in the managed cluster. + description: Storage version of v1api20230201.WindowsGmsaProfile properties: $propertyBag: additionalProperties: @@ -12851,9 +10964,7 @@ spec: type: string type: object workloadAutoScalerProfile: - description: |- - Storage version of v1api20230201.ManagedClusterWorkloadAutoScalerProfile_STATUS - Workload Auto-scaler profile for the managed cluster. + description: Storage version of v1api20230201.ManagedClusterWorkloadAutoScalerProfile properties: $propertyBag: additionalProperties: @@ -12863,9 +10974,7 @@ spec: resources, allowing for full fidelity round trip conversions type: object keda: - description: |- - Storage version of v1api20230201.ManagedClusterWorkloadAutoScalerProfileKeda_STATUS - KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile. + description: Storage version of v1api20230201.ManagedClusterWorkloadAutoScalerProfileKeda properties: $propertyBag: additionalProperties: 
@@ -12878,2043 +10987,1341 @@ spec: type: boolean type: object type: object + required: + - owner type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=='Ready')].severity - name: Severity - type: string - - jsonPath: .status.conditions[?(@.type=='Ready')].reason - name: Reason - type: string - - jsonPath: .status.conditions[?(@.type=='Ready')].message - name: Message - type: string - name: v1api20231001 - schema: - openAPIV3Schema: - description: |- - Generator information: - - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2023-10-01/managedClusters.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName} - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. 
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: + status: + description: Storage version of v1api20230201.ManagedCluster_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object aadProfile: - description: 'AadProfile: The Azure Active Directory configuration.' + description: Storage version of v1api20230201.ManagedClusterAADProfile_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object adminGroupObjectIDs: - description: 'AdminGroupObjectIDs: The list of AAD group object IDs that will have admin role of the cluster.' items: type: string type: array clientAppID: - description: 'ClientAppID: (DEPRECATED) The client AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.' type: string enableAzureRBAC: - description: 'EnableAzureRBAC: Whether to enable Azure RBAC for Kubernetes authorization.' type: boolean managed: - description: 'Managed: Whether to enable managed AAD.' type: boolean serverAppID: - description: 'ServerAppID: (DEPRECATED) The server AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.' type: string serverAppSecret: - description: 'ServerAppSecret: (DEPRECATED) The server AAD application secret. Learn more at https://aka.ms/aks/aad-legacy.' type: string tenantID: - description: |- - TenantID: The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment - subscription. 
type: string type: object addonProfiles: additionalProperties: - description: A Kubernetes add-on profile for a managed cluster. + description: Storage version of v1api20230201.ManagedClusterAddonProfile_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object config: additionalProperties: type: string - description: 'Config: Key-value pairs for configuring an add-on.' type: object enabled: - description: 'Enabled: Whether the add-on is enabled or not.' type: boolean - required: - - enabled + identity: + description: Storage version of v1api20230201.UserAssignedIdentity_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + clientId: + type: string + objectId: + type: string + resourceId: + type: string + type: object type: object - description: 'AddonProfiles: The profile of managed cluster add-on.' type: object agentPoolProfiles: - description: 'AgentPoolProfiles: The agent pool properties.' items: - description: Profile for the container service agent pool. + description: Storage version of v1api20230201.ManagedClusterAgentPoolProfile_STATUS properties: - availabilityZones: + $propertyBag: + additionalProperties: + type: string description: |- - AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType - property is 'VirtualMachineScaleSets'. 
+ PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + availabilityZones: items: type: string type: array - capacityReservationGroupReference: - description: 'CapacityReservationGroupReference: AKS will associate the specified agent pool with the Capacity Reservation Group.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object count: - description: |- - Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) - for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. type: integer creationData: - description: |- - CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using - a snapshot. + description: Storage version of v1api20230201.CreationData_STATUS properties: - sourceResourceReference: - description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' 
- properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object + sourceResourceId: + type: string type: object + currentOrchestratorVersion: + type: string enableAutoScaling: - description: 'EnableAutoScaling: Whether to enable auto-scaler' type: boolean enableEncryptionAtHost: - description: |- - EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, - see: https://docs.microsoft.com/azure/aks/enable-host-encryption type: boolean enableFIPS: - description: |- - EnableFIPS: See [Add a FIPS-enabled node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more - details. type: boolean enableNodePublicIP: - description: |- - EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. 
- A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine - to minimize hops. For more information see [assigning a public IP per - node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The - default is false. type: boolean enableUltraSSD: - description: 'EnableUltraSSD: Whether to enable UltraSSD' type: boolean gpuInstanceProfile: - description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' - enum: - - MIG1g - - MIG2g - - MIG3g - - MIG4g - - MIG7g type: string - hostGroupReference: - description: |- - HostGroupReference: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. - For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + hostGroupID: + type: string kubeletConfig: - description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' 
+ description: Storage version of v1api20230201.KubeletConfig_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object allowedUnsafeSysctls: - description: 'AllowedUnsafeSysctls: Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).' items: type: string type: array containerLogMaxFiles: - description: |- - ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be - ≥ 2. - minimum: 2 type: integer containerLogMaxSizeMB: - description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' type: integer cpuCfsQuota: - description: 'CpuCfsQuota: The default is true.' type: boolean cpuCfsQuotaPeriod: - description: |- - CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and - a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. type: string cpuManagerPolicy: - description: |- - CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management - policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more - information. Allowed values are 'none' and 'static'. type: string failSwapOn: - description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' type: boolean imageGcHighThreshold: - description: 'ImageGcHighThreshold: To disable image garbage collection, set to 100. The default is 85%' type: integer imageGcLowThreshold: - description: 'ImageGcLowThreshold: This cannot be set higher than imageGcHighThreshold. 
The default is 80%' type: integer podMaxPids: - description: 'PodMaxPids: The maximum number of processes per pod.' type: integer topologyManagerPolicy: - description: |- - TopologyManagerPolicy: For more information see [Kubernetes Topology - Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values - are 'none', 'best-effort', 'restricted', and 'single-numa-node'. type: string type: object kubeletDiskType: - description: |- - KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral - storage. - enum: - - OS - - Temporary type: string linuxOSConfig: - description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' + description: Storage version of v1api20230201.LinuxOSConfig_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object swapFileSizeMB: - description: 'SwapFileSizeMB: The size in MB of a swap file that will be created on each node.' type: integer sysctls: - description: 'Sysctls: Sysctl settings for Linux agent nodes.' + description: Storage version of v1api20230201.SysctlConfig_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object fsAioMaxNr: - description: 'FsAioMaxNr: Sysctl setting fs.aio-max-nr.' type: integer fsFileMax: - description: 'FsFileMax: Sysctl setting fs.file-max.' type: integer fsInotifyMaxUserWatches: - description: 'FsInotifyMaxUserWatches: Sysctl setting fs.inotify.max_user_watches.' 
type: integer fsNrOpen: - description: 'FsNrOpen: Sysctl setting fs.nr_open.' type: integer kernelThreadsMax: - description: 'KernelThreadsMax: Sysctl setting kernel.threads-max.' type: integer netCoreNetdevMaxBacklog: - description: 'NetCoreNetdevMaxBacklog: Sysctl setting net.core.netdev_max_backlog.' type: integer netCoreOptmemMax: - description: 'NetCoreOptmemMax: Sysctl setting net.core.optmem_max.' type: integer netCoreRmemDefault: - description: 'NetCoreRmemDefault: Sysctl setting net.core.rmem_default.' type: integer netCoreRmemMax: - description: 'NetCoreRmemMax: Sysctl setting net.core.rmem_max.' type: integer netCoreSomaxconn: - description: 'NetCoreSomaxconn: Sysctl setting net.core.somaxconn.' type: integer netCoreWmemDefault: - description: 'NetCoreWmemDefault: Sysctl setting net.core.wmem_default.' type: integer netCoreWmemMax: - description: 'NetCoreWmemMax: Sysctl setting net.core.wmem_max.' type: integer netIpv4IpLocalPortRange: - description: 'NetIpv4IpLocalPortRange: Sysctl setting net.ipv4.ip_local_port_range.' type: string netIpv4NeighDefaultGcThresh1: - description: 'NetIpv4NeighDefaultGcThresh1: Sysctl setting net.ipv4.neigh.default.gc_thresh1.' type: integer netIpv4NeighDefaultGcThresh2: - description: 'NetIpv4NeighDefaultGcThresh2: Sysctl setting net.ipv4.neigh.default.gc_thresh2.' type: integer netIpv4NeighDefaultGcThresh3: - description: 'NetIpv4NeighDefaultGcThresh3: Sysctl setting net.ipv4.neigh.default.gc_thresh3.' type: integer netIpv4TcpFinTimeout: - description: 'NetIpv4TcpFinTimeout: Sysctl setting net.ipv4.tcp_fin_timeout.' type: integer netIpv4TcpKeepaliveProbes: - description: 'NetIpv4TcpKeepaliveProbes: Sysctl setting net.ipv4.tcp_keepalive_probes.' type: integer netIpv4TcpKeepaliveTime: - description: 'NetIpv4TcpKeepaliveTime: Sysctl setting net.ipv4.tcp_keepalive_time.' type: integer netIpv4TcpMaxSynBacklog: - description: 'NetIpv4TcpMaxSynBacklog: Sysctl setting net.ipv4.tcp_max_syn_backlog.' 
type: integer netIpv4TcpMaxTwBuckets: - description: 'NetIpv4TcpMaxTwBuckets: Sysctl setting net.ipv4.tcp_max_tw_buckets.' type: integer netIpv4TcpTwReuse: - description: 'NetIpv4TcpTwReuse: Sysctl setting net.ipv4.tcp_tw_reuse.' type: boolean netIpv4TcpkeepaliveIntvl: - description: 'NetIpv4TcpkeepaliveIntvl: Sysctl setting net.ipv4.tcp_keepalive_intvl.' - maximum: 90 - minimum: 10 type: integer netNetfilterNfConntrackBuckets: - description: 'NetNetfilterNfConntrackBuckets: Sysctl setting net.netfilter.nf_conntrack_buckets.' - maximum: 524288 - minimum: 65536 type: integer netNetfilterNfConntrackMax: - description: 'NetNetfilterNfConntrackMax: Sysctl setting net.netfilter.nf_conntrack_max.' - maximum: 2097152 - minimum: 131072 type: integer vmMaxMapCount: - description: 'VmMaxMapCount: Sysctl setting vm.max_map_count.' type: integer vmSwappiness: - description: 'VmSwappiness: Sysctl setting vm.swappiness.' type: integer vmVfsCachePressure: - description: 'VmVfsCachePressure: Sysctl setting vm.vfs_cache_pressure.' type: integer type: object transparentHugePageDefrag: - description: |- - TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is - 'madvise'. For more information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string transparentHugePageEnabled: - description: |- - TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more - information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string type: object maxCount: - description: 'MaxCount: The maximum number of nodes for auto-scaling' type: integer maxPods: - description: 'MaxPods: The maximum number of pods that can run on a node.' 
type: integer minCount: - description: 'MinCount: The minimum number of nodes for auto-scaling' type: integer mode: - description: |- - Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool - restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools - enum: - - System - - User type: string name: - description: 'Name: Windows agent pool names must be 6 characters or less.' - pattern: ^[a-z][a-z0-9]{0,11}$ type: string - networkProfile: - description: 'NetworkProfile: Network-related settings of an agent pool.' + nodeImageVersion: + type: string + nodeLabels: + additionalProperties: + type: string + type: object + nodePublicIPPrefixID: + type: string + nodeTaints: + items: + type: string + type: array + orchestratorVersion: + type: string + osDiskSizeGB: + type: integer + osDiskType: + type: string + osSKU: + type: string + osType: + type: string + podSubnetID: + type: string + powerState: + description: Storage version of v1api20230201.PowerState_STATUS properties: - allowedHostPorts: - description: 'AllowedHostPorts: The port ranges that are allowed to access. The specified ranges are allowed to overlap.' - items: - description: The port range. - properties: - portEnd: - description: |- - PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or - equal to portStart. - maximum: 65535 - minimum: 1 - type: integer - portStart: - description: |- - PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or - equal to portEnd. - maximum: 65535 - minimum: 1 - type: integer - protocol: - description: 'Protocol: The network protocol of the port.' 
- enum: - - TCP - - UDP - type: string - type: object - type: array - applicationSecurityGroupsReferences: + $propertyBag: + additionalProperties: + type: string description: |- - ApplicationSecurityGroupsReferences: The IDs of the application security groups which agent pool will associate when - created. - items: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object - type: array - nodePublicIPTags: - description: 'NodePublicIPTags: IPTags of instance-level public IPs.' - items: - description: Contains the IPTag associated with the object. - properties: - ipTagType: - description: 'IpTagType: The IP tag type. Example: RoutingPreference.' - type: string - tag: - description: 'Tag: The value of the IP tag associated with the public IP. Example: Internet.' - type: string - type: object - type: array - type: object - nodeLabels: - additionalProperties: - type: string - description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' 
- type: object - nodePublicIPPrefixReference: - description: |- - NodePublicIPPrefixReference: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + code: type: string type: object - nodeTaints: - description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' - items: - type: string - type: array - orchestratorVersion: - description: |- - OrchestratorVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. - When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster - with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer - patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same - Kubernetes version. 
The node pool version must have the same major version as the control plane. The node pool minor - version must be within two minor versions of the control plane version. The node pool version cannot be greater than the - control plane version. For more information see [upgrading a node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). - type: string - osDiskSizeGB: - maximum: 2048 - minimum: 0 - type: integer - osDiskType: - description: |- - OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested - OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral - OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). - enum: - - Ephemeral - - Managed - type: string - osSKU: - description: |- - OsSKU: Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 - when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows. - enum: - - AzureLinux - - CBLMariner - - Ubuntu - - Windows2019 - - Windows2022 + provisioningState: type: string - osType: - description: 'OsType: The operating system type. The default is Linux.' - enum: - - Linux - - Windows + proximityPlacementGroupID: type: string - podSubnetReference: - description: |- - PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). - This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. 
- The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object - powerState: - description: |- - PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this - field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only - be stopped if it is Running and provisioning state is Succeeded - properties: - code: - description: 'Code: Tells whether the cluster is Running or Stopped' - enum: - - Running - - Stopped - type: string - type: object - proximityPlacementGroupReference: - description: 'ProximityPlacementGroupReference: The ID for Proximity Placement Group.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. 
- type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object scaleDownMode: - description: 'ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.' - enum: - - Deallocate - - Delete type: string scaleSetEvictionPolicy: - description: |- - ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is - 'Delete'. - enum: - - Deallocate - - Delete type: string scaleSetPriority: - description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' - enum: - - Regular - - Spot type: string spotMaxPrice: - description: |- - SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any - on-demand price. For more details on spot pricing, see [spot VMs - pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) type: number tags: additionalProperties: type: string - description: 'Tags: The tags to be persisted on the agent pool virtual machine scale set.' type: object type: - description: 'Type: The type of Agent Pool.' - enum: - - AvailabilitySet - - VirtualMachineScaleSets type: string upgradeSettings: - description: 'UpgradeSettings: Settings for upgrading the agentpool' + description: Storage version of v1api20230201.AgentPoolUpgradeSettings_STATUS properties: - drainTimeoutInMinutes: + $propertyBag: + additionalProperties: + type: string description: |- - DrainTimeoutInMinutes: The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. - This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not - specified, the default is 30 minutes. 
- maximum: 1440 - minimum: 1 - type: integer + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object maxSurge: - description: |- - MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it - is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded - up. If not specified, the default is 1. For more information, including best practices, see: - https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade type: string type: object vmSize: - description: |- - VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods - might fail to run correctly. For more details on restricted VM sizes, see: - https://docs.microsoft.com/azure/aks/quotas-skus-regions type: string - vnetSubnetReference: - description: |- - VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is - specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
- pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + vnetSubnetID: + type: string workloadRuntime: - description: 'WorkloadRuntime: Determines the type of workload a node can run.' - enum: - - OCIContainer - - WasmWasi type: string - required: - - name type: object type: array apiServerAccessProfile: - description: 'ApiServerAccessProfile: The access profile for managed cluster API server.' + description: Storage version of v1api20230201.ManagedClusterAPIServerAccessProfile_STATUS properties: - authorizedIPRanges: + $propertyBag: + additionalProperties: + type: string description: |- - AuthorizedIPRanges: IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with - clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API - server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges). + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + authorizedIPRanges: items: type: string type: array disableRunCommand: - description: 'DisableRunCommand: Whether to disable run command for the cluster or not.' type: boolean enablePrivateCluster: - description: |- - EnablePrivateCluster: For more details, see [Creating a private AKS - cluster](https://docs.microsoft.com/azure/aks/private-clusters). 
type: boolean enablePrivateClusterPublicFQDN: - description: 'EnablePrivateClusterPublicFQDN: Whether to create additional public FQDN for private cluster or not.' type: boolean privateDNSZone: - description: |- - PrivateDNSZone: The default is System. For more details see [configure private DNS - zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and - 'none'. type: string type: object autoScalerProfile: - description: 'AutoScalerProfile: Parameters to be applied to the cluster-autoscaler when enabled' + description: Storage version of v1api20230201.ManagedClusterProperties_AutoScalerProfile_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object balance-similar-node-groups: - description: 'BalanceSimilarNodeGroups: Valid values are ''true'' and ''false''' type: string expander: - description: |- - Expander: If not specified, the default is 'random'. See - [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more - information. - enum: - - least-waste - - most-pods - - priority - - random type: string max-empty-bulk-delete: - description: 'MaxEmptyBulkDelete: The default is 10.' type: string max-graceful-termination-sec: - description: 'MaxGracefulTerminationSec: The default is 600.' type: string max-node-provision-time: - description: |- - MaxNodeProvisionTime: The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than - minutes (m) is supported. type: string max-total-unready-percentage: - description: 'MaxTotalUnreadyPercentage: The default is 45. The maximum is 100 and the minimum is 0.' 
type: string new-pod-scale-up-delay: - description: |- - NewPodScaleUpDelay: For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler - could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is - '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc). type: string ok-total-unready-count: - description: 'OkTotalUnreadyCount: This must be an integer. The default is 3.' type: string scale-down-delay-after-add: - description: |- - ScaleDownDelayAfterAdd: The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than - minutes (m) is supported. type: string scale-down-delay-after-delete: - description: |- - ScaleDownDelayAfterDelete: The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of - time other than minutes (m) is supported. type: string scale-down-delay-after-failure: - description: |- - ScaleDownDelayAfterFailure: The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other - than minutes (m) is supported. type: string scale-down-unneeded-time: - description: |- - ScaleDownUnneededTime: The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than - minutes (m) is supported. type: string scale-down-unready-time: - description: |- - ScaleDownUnreadyTime: The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than - minutes (m) is supported. type: string scale-down-utilization-threshold: - description: 'ScaleDownUtilizationThreshold: The default is ''0.5''.' type: string scan-interval: - description: 'ScanInterval: The default is ''10''. Values must be an integer number of seconds.' type: string skip-nodes-with-local-storage: - description: 'SkipNodesWithLocalStorage: The default is true.' 
type: string skip-nodes-with-system-pods: - description: 'SkipNodesWithSystemPods: The default is true.' type: string type: object autoUpgradeProfile: - description: 'AutoUpgradeProfile: The auto upgrade configuration.' + description: Storage version of v1api20230201.ManagedClusterAutoUpgradeProfile_STATUS properties: - nodeOSUpgradeChannel: - description: 'NodeOSUpgradeChannel: Manner in which the OS on your nodes is updated. The default is NodeImage.' - enum: - - NodeImage - - None - - Unmanaged - type: string - upgradeChannel: + $propertyBag: + additionalProperties: + type: string description: |- - UpgradeChannel: For more information see [setting the AKS cluster auto-upgrade - channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel). - enum: - - node-image - - none - - patch - - rapid - - stable + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + upgradeChannel: type: string type: object azureMonitorProfile: - description: 'AzureMonitorProfile: Azure Monitor addon profiles for monitoring the managed cluster.' + description: Storage version of v1api20230201.ManagedClusterAzureMonitorProfile_STATUS properties: - metrics: + $propertyBag: + additionalProperties: + type: string description: |- - Metrics: Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes - infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See - aka.ms/AzureManagedPrometheus for an overview. 
+ PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + metrics: + description: Storage version of v1api20230201.ManagedClusterAzureMonitorProfileMetrics_STATUS properties: - enabled: + $propertyBag: + additionalProperties: + type: string description: |- - Enabled: Whether to enable or disable the Azure Managed Prometheus addon for Prometheus monitoring. See - aka.ms/AzureManagedPrometheus-aks-enable for details on enabling and disabling. + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: type: boolean kubeStateMetrics: - description: |- - KubeStateMetrics: Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the - kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for - details. + description: Storage version of v1api20230201.ManagedClusterAzureMonitorProfileKubeStateMetrics_STATUS properties: - metricAnnotationsAllowList: + $propertyBag: + additionalProperties: + type: string description: |- - MetricAnnotationsAllowList: Comma-separated list of Kubernetes annotation keys that will be used in the resource's - labels metric (Example: 'namespaces=[kubernetes.io/team,...],pods=[kubernetes.io/team],...'). By default the metric - contains only resource name and namespace labels. 
+ PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + metricAnnotationsAllowList: type: string metricLabelsAllowlist: - description: |- - MetricLabelsAllowlist: Comma-separated list of additional Kubernetes label keys that will be used in the resource's - labels metric (Example: 'namespaces=[k8s-label-1,k8s-label-n,...],pods=[app],...'). By default the metric contains only - resource name and namespace labels. type: string type: object - required: - - enabled type: object type: object - azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$ + azurePortalFQDN: + type: string + conditions: + items: + description: Condition defines an extension to status (an observation) of a resource + properties: + lastTransitionTime: + description: LastTransitionTime is the last time the condition transitioned from one status to another. + format: date-time + type: string + message: + description: Message is a human readable message indicating details about the transition. This field may be empty. + type: string + observedGeneration: + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + type: integer + reason: + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. 
+ type: string + severity: + description: |- + Severity with which to treat failures of this type of condition. + For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown + type: string + status: + description: Status of the condition, one of True, False, or Unknown. + type: string + type: + description: Type of condition. + type: string + required: + - lastTransitionTime + - reason + - status + - type + type: object + type: array + currentKubernetesVersion: type: string disableLocalAccounts: - description: |- - DisableLocalAccounts: If set to true, getting static credentials will be disabled for this cluster. This must only be - used on Managed Clusters that are AAD enabled. For more details see [disable local - accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview). type: boolean - diskEncryptionSetReference: - description: |- - DiskEncryptionSetReference: This is of the form: - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. 
- type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + diskEncryptionSetID: + type: string dnsPrefix: - description: 'DnsPrefix: This cannot be updated once the Managed Cluster has been created.' type: string enablePodSecurityPolicy: - description: |- - EnablePodSecurityPolicy: (DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was - deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and - https://aka.ms/aks/psp. type: boolean enableRBAC: - description: 'EnableRBAC: Whether to enable Kubernetes Role-Based Access Control.' type: boolean extendedLocation: - description: 'ExtendedLocation: The extended location of the Virtual Machine.' + description: Storage version of v1api20230201.ExtendedLocation_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object name: - description: 'Name: The name of the extended location.' type: string type: - description: 'Type: The type of the extended location.' - enum: - - EdgeZone type: string type: object + fqdn: + type: string fqdnSubdomain: - description: 'FqdnSubdomain: This cannot be updated once the Managed Cluster has been created.' type: string httpProxyConfig: - description: 'HttpProxyConfig: Configurations for provisioning the cluster with HTTP proxy servers.' 
+ description: Storage version of v1api20230201.ManagedClusterHTTPProxyConfig_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object httpProxy: - description: 'HttpProxy: The HTTP proxy server endpoint to use.' type: string httpsProxy: - description: 'HttpsProxy: The HTTPS proxy server endpoint to use.' type: string noProxy: - description: 'NoProxy: The endpoints that should not go through proxy.' items: type: string type: array trustedCa: - description: 'TrustedCa: Alternative CA cert to use for connecting to proxy servers.' type: string type: object + id: + type: string identity: - description: 'Identity: The identity of the managed cluster, if configured.' + description: Storage version of v1api20230201.ManagedClusterIdentity_STATUS properties: - delegatedResources: + $propertyBag: additionalProperties: - description: Delegated resource properties - internal use only. - properties: - location: - description: 'Location: The source resource location - internal use only.' - type: string - referralResource: - description: 'ReferralResource: The delegation id of the referral delegation (optional) - internal use only.' - type: string - resourceReference: - description: 'ResourceReference: The ARM resource id of the delegated resource - internal use only.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
- pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object - tenantId: - description: 'TenantId: The tenant id of the delegated resource - internal use only.' - pattern: ^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$ - type: string - type: object + type: string description: |- - DelegatedResources: The delegated identity resources assigned to this managed cluster. This can only be set by another - Azure Resource Provider, and managed cluster only accept one delegated identity resource. Internal use only. + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object + principalId: + type: string + tenantId: + type: string type: - description: |- - Type: For more information see [use managed identities in - AKS](https://docs.microsoft.com/azure/aks/use-managed-identity). - enum: - - None - - SystemAssigned - - UserAssigned type: string userAssignedIdentities: - description: |- - UserAssignedIdentities: The keys must be ARM resource IDs in the form: - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'. 
- items: - description: Information about the user assigned identity for the resource + additionalProperties: + description: Storage version of v1api20230201.ManagedClusterIdentity_UserAssignedIdentities_STATUS properties: - reference: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object + clientId: + type: string + principalId: + type: string type: object - type: array + type: object type: object identityProfile: additionalProperties: - description: Details about a user assigned identity. 
+ description: Storage version of v1api20230201.UserAssignedIdentity_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object clientId: - description: 'ClientId: The client ID of the user assigned identity.' type: string objectId: - description: 'ObjectId: The object ID of the user assigned identity.' type: string - resourceReference: - description: 'ResourceReference: The resource ID of the user assigned identity.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + resourceId: + type: string type: object - description: 'IdentityProfile: Identities associated with the cluster.' type: object kubernetesVersion: - description: |- - KubernetesVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. - When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster - with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer - patch version is available. 
When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All - upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or - 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS - cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details. type: string linuxProfile: - description: 'LinuxProfile: The profile for Linux VMs in the Managed Cluster.' + description: Storage version of v1api20230201.ContainerServiceLinuxProfile_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object adminUsername: - description: 'AdminUsername: The administrator username to use for Linux VMs.' - pattern: ^[A-Za-z][-A-Za-z0-9_]*$ type: string ssh: - description: 'Ssh: The SSH configuration for Linux-based VMs running on Azure.' + description: Storage version of v1api20230201.ContainerServiceSshConfiguration_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object publicKeys: - description: 'PublicKeys: The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.' items: - description: Contains information about SSH certificate public key data. + description: Storage version of v1api20230201.ContainerServiceSshPublicKey_STATUS properties: - keyData: + $propertyBag: + additionalProperties: + type: string description: |- - KeyData: Certificate public key used to authenticate with VMs through SSH. 
The certificate must be in PEM format with or - without headers. + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + keyData: type: string - required: - - keyData type: object type: array - required: - - publicKeys type: object - required: - - adminUsername - - ssh type: object location: - description: 'Location: The geo-location where the resource lives' + type: string + maxAgentPools: + type: integer + name: type: string networkProfile: - description: 'NetworkProfile: The network configuration profile.' + description: Storage version of v1api20230201.ContainerServiceNetworkProfile_STATUS properties: - dnsServiceIP: + $propertyBag: + additionalProperties: + type: string description: |- - DnsServiceIP: An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address - range specified in serviceCidr. - pattern: ^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$ + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + dnsServiceIP: + type: string + dockerBridgeCidr: type: string ipFamilies: - description: |- - IpFamilies: IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value - is IPv4. For dual-stack, the expected values are IPv4 and IPv6. items: - enum: - - IPv4 - - IPv6 type: string type: array loadBalancerProfile: - description: 'LoadBalancerProfile: Profile of the cluster load balancer.' 
+ description: Storage version of v1api20230201.ManagedClusterLoadBalancerProfile_STATUS properties: - allocatedOutboundPorts: + $propertyBag: + additionalProperties: + type: string description: |- - AllocatedOutboundPorts: The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 - (inclusive). The default value is 0 which results in Azure dynamically allocating ports. - maximum: 64000 - minimum: 0 + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + allocatedOutboundPorts: type: integer - backendPoolType: - description: 'BackendPoolType: The type of the managed inbound Load Balancer BackendPool.' - enum: - - NodeIP - - NodeIPConfiguration - type: string effectiveOutboundIPs: - description: 'EffectiveOutboundIPs: The effective outbound IP resources of the cluster load balancer.' items: - description: A reference to an Azure resource. + description: Storage version of v1api20230201.ResourceReference_STATUS properties: - reference: - description: 'Reference: The fully qualified Azure resource id.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. 
- type: string - name: - description: Name is the Kubernetes name of the resource. - type: string + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object + id: + type: string type: object type: array enableMultipleStandardLoadBalancers: - description: 'EnableMultipleStandardLoadBalancers: Enable multiple standard load balancers per AKS cluster or not.' type: boolean idleTimeoutInMinutes: - description: |- - IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 - (inclusive). The default value is 30 minutes. - maximum: 120 - minimum: 4 type: integer managedOutboundIPs: - description: 'ManagedOutboundIPs: Desired managed outbound IPs for the cluster load balancer.' + description: Storage version of v1api20230201.ManagedClusterLoadBalancerProfile_ManagedOutboundIPs_STATUS properties: - count: + $propertyBag: + additionalProperties: + type: string description: |- - Count: The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values - must be in the range of 1 to 100 (inclusive). The default value is 1. - maximum: 100 - minimum: 1 + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + count: type: integer countIPv6: - description: |- - CountIPv6: The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed - values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. 
- maximum: 100 - minimum: 0 type: integer type: object outboundIPPrefixes: - description: 'OutboundIPPrefixes: Desired outbound IP Prefix resources for the cluster load balancer.' + description: Storage version of v1api20230201.ManagedClusterLoadBalancerProfile_OutboundIPPrefixes_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object publicIPPrefixes: - description: 'PublicIPPrefixes: A list of public IP prefix resources.' items: - description: A reference to an Azure resource. + description: Storage version of v1api20230201.ResourceReference_STATUS properties: - reference: - description: 'Reference: The fully qualified Azure resource id.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. 
- type: string + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object + id: + type: string type: object type: array type: object outboundIPs: - description: 'OutboundIPs: Desired outbound IP resources for the cluster load balancer.' + description: Storage version of v1api20230201.ManagedClusterLoadBalancerProfile_OutboundIPs_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object publicIPs: - description: 'PublicIPs: A list of public IP resources.' items: - description: A reference to an Azure resource. + description: Storage version of v1api20230201.ResourceReference_STATUS properties: - reference: - description: 'Reference: The fully qualified Azure resource id.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. 
- type: string + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object + id: + type: string type: object type: array type: object type: object loadBalancerSku: - description: |- - LoadBalancerSku: The default is 'standard'. See [Azure Load Balancer - SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load - balancer SKUs. - enum: - - basic - - standard type: string natGatewayProfile: - description: 'NatGatewayProfile: Profile of the cluster NAT gateway.' + description: Storage version of v1api20230201.ManagedClusterNATGatewayProfile_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object effectiveOutboundIPs: - description: 'EffectiveOutboundIPs: The effective outbound IP resources of the cluster NAT gateway.' items: - description: A reference to an Azure resource. + description: Storage version of v1api20230201.ResourceReference_STATUS properties: - reference: - description: 'Reference: The fully qualified Azure resource id.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
- pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object + id: + type: string type: object type: array idleTimeoutInMinutes: - description: |- - IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 - (inclusive). The default value is 4 minutes. - maximum: 120 - minimum: 4 type: integer managedOutboundIPProfile: - description: 'ManagedOutboundIPProfile: Profile of the managed outbound IP resources of the cluster NAT gateway.' + description: Storage version of v1api20230201.ManagedClusterManagedOutboundIPProfile_STATUS properties: - count: + $propertyBag: + additionalProperties: + type: string description: |- - Count: The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 - (inclusive). The default value is 1. - maximum: 16 - minimum: 1 + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + count: type: integer type: object type: object networkDataplane: - description: 'NetworkDataplane: Network dataplane used in the Kubernetes cluster.' 
- enum: - - azure - - cilium type: string networkMode: - description: 'NetworkMode: This cannot be specified if networkPlugin is anything other than ''azure''.' - enum: - - bridge - - transparent type: string networkPlugin: - description: 'NetworkPlugin: Network plugin used for building the Kubernetes network.' - enum: - - azure - - kubenet - - none type: string networkPluginMode: - description: 'NetworkPluginMode: The mode the network plugin should use.' - enum: - - overlay type: string networkPolicy: - description: 'NetworkPolicy: Network policy used for building the Kubernetes network.' - enum: - - azure - - calico - - cilium type: string outboundType: - description: |- - OutboundType: This can only be set at cluster creation time and cannot be changed later. For more information see - [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype). - enum: - - loadBalancer - - managedNATGateway - - userAssignedNATGateway - - userDefinedRouting type: string podCidr: - description: 'PodCidr: A CIDR notation IP range from which to assign pod IPs when kubenet is used.' - pattern: ^([0-9]{1,3}\.){3}[0-9]{1,3}(\/([0-9]|[1-2][0-9]|3[0-2]))?$ type: string podCidrs: - description: |- - PodCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is - expected for dual-stack networking. items: type: string type: array serviceCidr: - description: |- - ServiceCidr: A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP - ranges. - pattern: ^([0-9]{1,3}\.){3}[0-9]{1,3}(\/([0-9]|[1-2][0-9]|3[0-2]))?$ type: string serviceCidrs: - description: |- - ServiceCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is - expected for dual-stack networking. They must not overlap with any Subnet IP ranges. 
items: type: string type: array type: object nodeResourceGroup: - description: 'NodeResourceGroup: The name of the resource group containing agent pool nodes.' type: string oidcIssuerProfile: - description: 'OidcIssuerProfile: The OIDC issuer profile of the Managed Cluster.' + description: Storage version of v1api20230201.ManagedClusterOIDCIssuerProfile_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object enabled: - description: 'Enabled: Whether the OIDC issuer is enabled.' type: boolean + issuerURL: + type: string type: object - operatorSpec: - description: |- - OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not - passed directly to Azure + podIdentityProfile: + description: Storage version of v1api20230201.ManagedClusterPodIdentityProfile_STATUS properties: - configMaps: - description: 'ConfigMaps: configures where to place operator written ConfigMaps.' - properties: - oidcIssuerProfile: - description: |- - OIDCIssuerProfile: indicates where the OIDCIssuerProfile config map should be placed. If omitted, no config map will be - created. - properties: - key: - description: Key is the key in the ConfigMap being referenced - type: string - name: - description: |- - Name is the name of the Kubernetes ConfigMap being referenced. - The ConfigMap must be in the same namespace as the resource - type: string - required: - - key - - name - type: object - principalId: - description: 'PrincipalId: indicates where the PrincipalId config map should be placed. If omitted, no config map will be created.' 
- properties: - key: - description: Key is the key in the ConfigMap being referenced - type: string - name: - description: |- - Name is the name of the Kubernetes ConfigMap being referenced. - The ConfigMap must be in the same namespace as the resource - type: string - required: - - key - - name - type: object + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object - secrets: - description: 'Secrets: configures where to place Azure generated secrets.' - properties: - adminCredentials: - description: |- - AdminCredentials: indicates where the AdminCredentials secret should be placed. If omitted, the secret will not be - retrieved from Azure. - properties: - key: - description: Key is the key in the Kubernetes secret being referenced - type: string - name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource + allowNetworkPluginKubenet: + type: boolean + enabled: + type: boolean + userAssignedIdentities: + items: + description: Storage version of v1api20230201.ManagedClusterPodIdentity_STATUS + properties: + $propertyBag: + additionalProperties: type: string - required: - - key - - name - type: object - userCredentials: - description: |- - UserCredentials: indicates where the UserCredentials secret should be placed. If omitted, the secret will not be - retrieved from Azure. - properties: - key: - description: Key is the key in the Kubernetes secret being referenced - type: string - name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource - type: string - required: - - key - - name - type: object - type: object - type: object - owner: - description: |- - Owner: The owner of the resource. 
The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a resources.azure.com/ResourceGroup resource - properties: - armId: - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - name: - description: This is the name of the Kubernetes resource to reference. - type: string - type: object - podIdentityProfile: - description: |- - PodIdentityProfile: See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more - details on AAD pod identity integration. - properties: - allowNetworkPluginKubenet: - description: |- - AllowNetworkPluginKubenet: Running in Kubenet is disabled by default due to the security related nature of AAD Pod - Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod - Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) - for more information. - type: boolean - enabled: - description: 'Enabled: Whether the pod identity addon is enabled.' - type: boolean - userAssignedIdentities: - description: 'UserAssignedIdentities: The pod identities to use in the cluster.' - items: - description: Details about the pod identity assigned to the Managed Cluster. - properties: + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object bindingSelector: - description: 'BindingSelector: The binding selector to use for the AzureIdentityBinding resource.' type: string identity: - description: 'Identity: The user assigned identity details.' 
+ description: Storage version of v1api20230201.UserAssignedIdentity_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object clientId: - description: 'ClientId: The client ID of the user assigned identity.' type: string objectId: - description: 'ObjectId: The object ID of the user assigned identity.' type: string - resourceReference: - description: 'ResourceReference: The resource ID of the user assigned identity.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + resourceId: + type: string type: object name: - description: 'Name: The name of the pod identity.' type: string namespace: - description: 'Namespace: The namespace of the pod identity.' 
type: string - required: - - identity - - name - - namespace + provisioningInfo: + description: Storage version of v1api20230201.ManagedClusterPodIdentity_ProvisioningInfo_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + error: + description: Storage version of v1api20230201.ManagedClusterPodIdentityProvisioningError_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + error: + description: Storage version of v1api20230201.ManagedClusterPodIdentityProvisioningErrorBody_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + code: + type: string + details: + items: + description: Storage version of v1api20230201.ManagedClusterPodIdentityProvisioningErrorBody_STATUS_Unrolled + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + code: + type: string + message: + type: string + target: + type: string + type: object + type: array + message: + type: string + target: + type: string + type: object + type: object + type: object + provisioningState: + type: string type: object type: array userAssignedIdentityExceptions: - description: 
'UserAssignedIdentityExceptions: The pod identity exceptions to allow.' items: - description: |- - See [disable AAD Pod Identity for a specific - Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. + description: Storage version of v1api20230201.ManagedClusterPodIdentityException_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object name: - description: 'Name: The name of the pod identity exception.' type: string namespace: - description: 'Namespace: The namespace of the pod identity exception.' type: string podLabels: additionalProperties: type: string - description: 'PodLabels: The pod labels to match.' type: object - required: - - name - - namespace - - podLabels type: object type: array type: object + powerState: + description: Storage version of v1api20230201.PowerState_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + code: + type: string + type: object + privateFQDN: + type: string privateLinkResources: - description: 'PrivateLinkResources: Private link resources associated with the cluster.' 
items: - description: A private link resource + description: Storage version of v1api20230201.PrivateLinkResource_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object groupId: - description: 'GroupId: The group ID of the resource.' + type: string + id: type: string name: - description: 'Name: The name of the private link resource.' type: string - reference: - description: 'Reference: The ID of the private link resource.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + privateLinkServiceID: + type: string requiredMembers: - description: 'RequiredMembers: The RequiredMembers of the resource' items: type: string type: array type: - description: 'Type: The resource type.' 
type: string type: object type: array + provisioningState: + type: string publicNetworkAccess: - description: 'PublicNetworkAccess: Allow or deny public network access for AKS' - enum: - - Disabled - - Enabled type: string securityProfile: - description: 'SecurityProfile: Security profile for the managed cluster.' + description: Storage version of v1api20230201.ManagedClusterSecurityProfile_STATUS properties: - azureKeyVaultKms: + $propertyBag: + additionalProperties: + type: string description: |- - AzureKeyVaultKms: Azure Key Vault [key management - service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile. + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + azureKeyVaultKms: + description: Storage version of v1api20230201.AzureKeyVaultKms_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object enabled: - description: 'Enabled: Whether to enable Azure Key Vault key management service. The default is false.' type: boolean keyId: - description: |- - KeyId: Identifier of Azure Key Vault key. See [key identifier - format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) - for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key - identifier. When Azure Key Vault key management service is disabled, leave the field empty. type: string keyVaultNetworkAccess: - description: |- - KeyVaultNetworkAccess: Network access of key vault. The possible values are `Public` and `Private`. 
`Public` means the - key vault allows public access from all networks. `Private` means the key vault disables public access and enables - private link. The default value is `Public`. - enum: - - Private - - Public type: string - keyVaultResourceReference: - description: |- - KeyVaultResourceReference: Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and - must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty. - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + keyVaultResourceId: + type: string type: object defender: - description: 'Defender: Microsoft Defender settings for the security profile.' + description: Storage version of v1api20230201.ManagedClusterSecurityProfileDefender_STATUS properties: - logAnalyticsWorkspaceResourceReference: + $propertyBag: + additionalProperties: + type: string description: |- - LogAnalyticsWorkspaceResourceReference: Resource ID of the Log Analytics workspace to be associated with Microsoft - Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When - Microsoft Defender is disabled, leave the field empty. 
- properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object + logAnalyticsWorkspaceResourceId: + type: string securityMonitoring: - description: 'SecurityMonitoring: Microsoft Defender threat detection for Cloud settings for the security profile.' + description: Storage version of v1api20230201.ManagedClusterSecurityProfileDefenderSecurityMonitoring_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object enabled: - description: 'Enabled: Whether to enable Defender threat detection' type: boolean type: object type: object imageCleaner: - description: 'ImageCleaner: Image Cleaner settings for the security profile.' 
+ description: Storage version of v1api20230201.ManagedClusterSecurityProfileImageCleaner_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object enabled: - description: 'Enabled: Whether to enable Image Cleaner on AKS cluster.' type: boolean intervalHours: - description: 'IntervalHours: Image Cleaner scanning interval in hours.' type: integer type: object workloadIdentity: - description: |- - WorkloadIdentity: Workload identity settings for the security profile. Workload identity enables Kubernetes applications - to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details. - properties: - enabled: - description: 'Enabled: Whether to enable workload identity.' - type: boolean - type: object - type: object - serviceMeshProfile: - description: 'ServiceMeshProfile: Service mesh profile for a managed cluster.' - properties: - istio: - description: 'Istio: Istio service mesh configuration.' + description: Storage version of v1api20230201.ManagedClusterSecurityProfileWorkloadIdentity_STATUS properties: - certificateAuthority: + $propertyBag: + additionalProperties: + type: string description: |- - CertificateAuthority: Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin - certificates as described here https://aka.ms/asm-plugin-ca - properties: - plugin: - description: 'Plugin: Plugin certificates information for Service Mesh.' - properties: - certChainObjectName: - description: 'CertChainObjectName: Certificate chain object name in Azure Key Vault.' - type: string - certObjectName: - description: 'CertObjectName: Intermediate certificate object name in Azure Key Vault.' 
- type: string - keyObjectName: - description: 'KeyObjectName: Intermediate certificate private key object name in Azure Key Vault.' - type: string - keyVaultReference: - description: 'KeyVaultReference: The resource ID of the Key Vault.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object - rootCertObjectName: - description: 'RootCertObjectName: Root certificate object name in Azure Key Vault.' - type: string - type: object - type: object - components: - description: 'Components: Istio components configuration.' - properties: - egressGateways: - description: 'EgressGateways: Istio egress gateways.' - items: - description: Istio egress gateway configuration. - properties: - enabled: - description: 'Enabled: Whether to enable the egress gateway.' - type: boolean - nodeSelector: - additionalProperties: - type: string - description: 'NodeSelector: NodeSelector for scheduling the egress gateway.' - type: object - required: - - enabled - type: object - type: array - ingressGateways: - description: 'IngressGateways: Istio ingress gateways.' - items: - description: |- - Istio ingress gateway configuration. 
For now, we support up to one external ingress gateway named - `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`. - properties: - enabled: - description: 'Enabled: Whether to enable the ingress gateway.' - type: boolean - mode: - description: 'Mode: Mode of an ingress gateway.' - enum: - - External - - Internal - type: string - required: - - enabled - - mode - type: object - type: array + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object - revisions: - description: |- - Revisions: The list of revisions of the Istio control plane. When an upgrade is not in progress, this holds one value. - When canary upgrade is in progress, this can only hold two consecutive values. For more information, see: - https://learn.microsoft.com/en-us/azure/aks/istio-upgrade - items: - type: string - maxItems: 2 - type: array + enabled: + type: boolean type: object - mode: - description: 'Mode: Mode of the service mesh.' - enum: - - Disabled - - Istio - type: string - required: - - mode type: object servicePrincipalProfile: - description: |- - ServicePrincipalProfile: Information about a service principal identity for the cluster to use for manipulating Azure - APIs. + description: Storage version of v1api20230201.ManagedClusterServicePrincipalProfile_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object clientId: - description: 'ClientId: The ID for the service principal.' type: string - secret: - description: 'Secret: The secret password associated with the service principal in plain text.' 
- properties: - key: - description: Key is the key in the Kubernetes secret being referenced - type: string - name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource - type: string - required: - - key - - name - type: object - required: - - clientId type: object sku: - description: 'Sku: The managed cluster SKU.' + description: Storage version of v1api20230201.ManagedClusterSKU_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object name: - description: 'Name: The name of a managed cluster SKU.' - enum: - - Base type: string tier: - description: |- - Tier: If not specified, the default is 'Free'. See [AKS Pricing - Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details. - enum: - - Free - - Premium - - Standard type: string type: object storageProfile: - description: 'StorageProfile: Storage profile for the managed cluster.' + description: Storage version of v1api20230201.ManagedClusterStorageProfile_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object blobCSIDriver: - description: 'BlobCSIDriver: AzureBlob CSI Driver settings for the storage profile.' 
+ description: Storage version of v1api20230201.ManagedClusterStorageProfileBlobCSIDriver_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object enabled: - description: 'Enabled: Whether to enable AzureBlob CSI Driver. The default value is false.' type: boolean type: object diskCSIDriver: - description: 'DiskCSIDriver: AzureDisk CSI Driver settings for the storage profile.' + description: Storage version of v1api20230201.ManagedClusterStorageProfileDiskCSIDriver_STATUS properties: - enabled: - description: 'Enabled: Whether to enable AzureDisk CSI Driver. The default value is true.' - type: boolean - type: object + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object fileCSIDriver: - description: 'FileCSIDriver: AzureFile CSI Driver settings for the storage profile.' + description: Storage version of v1api20230201.ManagedClusterStorageProfileFileCSIDriver_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object enabled: - description: 'Enabled: Whether to enable AzureFile CSI Driver. The default value is true.' type: boolean type: object snapshotController: - description: 'SnapshotController: Snapshot Controller settings for the storage profile.' 
+ description: Storage version of v1api20230201.ManagedClusterStorageProfileSnapshotController_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object enabled: - description: 'Enabled: Whether to enable Snapshot Controller. The default value is true.' type: boolean type: object type: object - supportPlan: - description: 'SupportPlan: The support plan for the Managed Cluster. If unspecified, the default is ''KubernetesOfficial''.' - enum: - - AKSLongTermSupport - - KubernetesOfficial - type: string + systemData: + description: Storage version of v1api20230201.SystemData_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + createdAt: + type: string + createdBy: + type: string + createdByType: + type: string + lastModifiedAt: + type: string + lastModifiedBy: + type: string + lastModifiedByType: + type: string + type: object tags: additionalProperties: type: string - description: 'Tags: Resource tags.' - type: object - upgradeSettings: - description: 'UpgradeSettings: Settings for upgrading a cluster.' - properties: - overrideSettings: - description: 'OverrideSettings: Settings for overrides.' - properties: - forceUpgrade: - description: |- - ForceUpgrade: Whether to force upgrade the cluster. Note that this option instructs upgrade operation to bypass upgrade - protections such as checking for deprecated API usage. Enable this option only with caution. - type: boolean - until: - description: |- - Until: Until when the overrides are effective. 
Note that this only matches the start time of an upgrade, and the - effectiveness won't change once an upgrade starts even if the `until` expires as upgrade proceeds. This field is not set - by default. It must be set for the overrides to take effect. - type: string - type: object type: object + type: + type: string windowsProfile: - description: 'WindowsProfile: The profile for Windows VMs in the Managed Cluster.' + description: Storage version of v1api20230201.ManagedClusterWindowsProfile_STATUS properties: - adminPassword: + $propertyBag: + additionalProperties: + type: string description: |- - AdminPassword: Specifies the password of the administrator account. - Minimum-length: 8 characters - Max-length: 123 characters - Complexity requirements: 3 out of 4 conditions below need to be fulfilled - Has lower characters - Has upper characters - Has a digit - Has a special character (Regex match [\W_]) - Disallowed values: "abc@123", "P@$$$$w0rd", "P@ssw0rd", "P@ssword123", "Pa$$$$word", "pass@word1", "Password!", "Password1", - "Password22", "iloveyou!" - properties: - key: - description: Key is the key in the Kubernetes secret being referenced - type: string - name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource - type: string - required: - - key - - name + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object adminUsername: - description: |- - AdminUsername: Specifies the name of the administrator account. - Restriction: Cannot end in "." 
- Disallowed values: "administrator", "admin", "user", "user1", "test", "user2", "test1", "user3", "admin1", "1", "123", - "a", "actuser", "adm", "admin2", "aspnet", "backup", "console", "david", "guest", "john", "owner", "root", "server", - "sql", "support", "support_388945a0", "sys", "test2", "test3", "user4", "user5". - Minimum-length: 1 character - Max-length: 20 characters type: string enableCSIProxy: - description: |- - EnableCSIProxy: For more details on CSI proxy, see the [CSI proxy GitHub - repo](https://github.com/kubernetes-csi/csi-proxy). type: boolean gmsaProfile: - description: 'GmsaProfile: The Windows gMSA Profile in the Managed Cluster.' + description: Storage version of v1api20230201.WindowsGmsaProfile_STATUS properties: - dnsServer: + $propertyBag: + additionalProperties: + type: string description: |- - DnsServer: Specifies the DNS server for Windows gMSA. - Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster. + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + dnsServer: type: string enabled: - description: 'Enabled: Specifies whether to enable Windows gMSA in the managed cluster.' type: boolean rootDomainName: - description: |- - RootDomainName: Specifies the root domain name for Windows gMSA. - Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster. type: string type: object licenseType: - description: |- - LicenseType: The license type to use for Windows VMs. See [Azure Hybrid User - Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details. - enum: - - None - - Windows_Server type: string - required: - - adminUsername type: object workloadAutoScalerProfile: - description: 'WorkloadAutoScalerProfile: Workload Auto-scaler profile for the managed cluster.' 
+ description: Storage version of v1api20230201.ManagedClusterWorkloadAutoScalerProfile_STATUS properties: - keda: - description: 'Keda: KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.' - properties: - enabled: - description: 'Enabled: Whether to enable KEDA.' - type: boolean - required: - - enabled + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object - verticalPodAutoscaler: - description: 'VerticalPodAutoscaler: VPA (Vertical Pod Autoscaler) settings for the workload auto-scaler profile.' + keda: + description: Storage version of v1api20230201.ManagedClusterWorkloadAutoScalerProfileKeda_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object enabled: - description: 'Enabled: Whether to enable VPA. Default value is false.' type: boolean - required: - - enabled type: object type: object - required: - - location - - owner type: object - status: - description: Managed cluster. 
+ type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].severity + name: Severity + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Reason + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].message + name: Message + type: string + name: v1api20231001 + schema: + openAPIV3Schema: + description: |- + Generator information: + - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2023-10-01/managedClusters.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName} + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: properties: aadProfile: description: 'AadProfile: The Azure Active Directory configuration.' 
@@ -14957,19 +12364,8 @@ spec: enabled: description: 'Enabled: Whether the add-on is enabled or not.' type: boolean - identity: - description: 'Identity: Information of user assigned identity used by this add-on.' - properties: - clientId: - description: 'ClientId: The client ID of the user assigned identity.' - type: string - objectId: - description: 'ObjectId: The object ID of the user assigned identity.' - type: string - resourceId: - description: 'ResourceId: The resource ID of the user assigned identity.' - type: string - type: object + required: + - enabled type: object description: 'AddonProfiles: The profile of managed cluster add-on.' type: object 
@@ -14985,9 +12381,26 @@ spec: items: type: string type: array - capacityReservationGroupID: - description: 'CapacityReservationGroupID: AKS will associate the specified agent pool with the Capacity Reservation Group.' - type: string + capacityReservationGroupReference: + description: 'CapacityReservationGroupReference: AKS will associate the specified agent pool with the Capacity Reservation Group.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object count: description: |- Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) 
@@ -14998,16 +12411,27 @@ spec: CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot. properties: - sourceResourceId: - description: 'SourceResourceId: This is the ARM ID of the source object to be used to create the target object.' - type: string + sourceResourceReference: + description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object - currentOrchestratorVersion: - description: |- - CurrentOrchestratorVersion: If orchestratorVersion is a fully specified version , this field will be - exactly equal to it. If orchestratorVersion is , this field will contain the full - version being used. - type: string enableAutoScaling: description: 'EnableAutoScaling: Whether to enable auto-scaler' type: boolean 
@@ -15035,13 +12459,36 @@ spec: type: boolean gpuInstanceProfile: description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' + enum: + - MIG1g + - MIG2g + - MIG3g + - MIG4g + - MIG7g type: string - hostGroupID: + hostGroupReference: description: |- - HostGroupID: This is of the form: + HostGroupReference: This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). - type: string + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object kubeletConfig: description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' properties: @@ -15054,6 +12501,7 @@ spec: description: |- ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be ≥ 2. + minimum: 2 type: integer containerLogMaxSizeMB: description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' 
@@ -15095,6 +12543,9 @@ spec: description: |- KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage. + enum: + - OS + - Temporary type: string linuxOSConfig: description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' @@ -15173,12 +12624,18 @@ spec: type: boolean netIpv4TcpkeepaliveIntvl: description: 'NetIpv4TcpkeepaliveIntvl: Sysctl setting net.ipv4.tcp_keepalive_intvl.' + maximum: 90 + minimum: 10 type: integer netNetfilterNfConntrackBuckets: description: 'NetNetfilterNfConntrackBuckets: Sysctl setting net.netfilter.nf_conntrack_buckets.' + maximum: 524288 + minimum: 65536 type: integer netNetfilterNfConntrackMax: description: 'NetNetfilterNfConntrackMax: Sysctl setting net.netfilter.nf_conntrack_max.' + maximum: 2097152 + minimum: 131072 type: integer vmMaxMapCount: description: 'VmMaxMapCount: Sysctl setting vm.max_map_count.' @@ -15216,9 +12673,13 @@ spec: description: |- Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools + enum: + - System + - User type: string name: description: 'Name: Windows agent pool names must be 6 characters or less.' + pattern: ^[a-z][a-z0-9]{0,11}$ type: string networkProfile: description: 'NetworkProfile: Network-related settings of an agent pool.' 
@@ -15232,21 +12693,48 @@ spec: description: |- PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or equal to portStart. + maximum: 65535 + minimum: 1 type: integer portStart: description: |- PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or equal to portEnd. + maximum: 65535 + minimum: 1 type: integer protocol: description: 'Protocol: The network protocol of the port.' + enum: + - TCP + - UDP type: string type: object type: array - applicationSecurityGroups: - description: 'ApplicationSecurityGroups: The IDs of the application security groups which agent pool will associate when created.' + applicationSecurityGroupsReferences: + description: |- + ApplicationSecurityGroupsReferences: The IDs of the application security groups which agent pool will associate when + created. items: - type: string + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. 
+ type: string + type: object type: array nodePublicIPTags: description: 'NodePublicIPTags: IPTags of instance-level public IPs.' @@ -15262,19 +12750,33 @@ spec: type: object type: array type: object - nodeImageVersion: - description: 'NodeImageVersion: The version of node image' - type: string nodeLabels: additionalProperties: type: string description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' type: object - nodePublicIPPrefixID: + nodePublicIPPrefixReference: description: |- - NodePublicIPPrefixID: This is of the form: + NodePublicIPPrefixReference: This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} - type: string + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object nodeTaints: description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' items: 
@@ -15292,27 +12794,58 @@ spec: pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). type: string osDiskSizeGB: + maximum: 2048 + minimum: 0 type: integer osDiskType: description: |- OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). + enum: + - Ephemeral + - Managed type: string osSKU: description: |- OsSKU: Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows. + enum: + - AzureLinux + - CBLMariner + - Ubuntu + - Windows2019 + - Windows2022 type: string osType: description: 'OsType: The operating system type. The default is Linux.' + enum: + - Linux + - Windows type: string - podSubnetID: + podSubnetReference: description: |- - PodSubnetID: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is - of the form: + PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). + This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} - type: string + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
+ pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object powerState: description: |- PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this 
@@ -15321,24 +12854,50 @@ spec: properties: code: description: 'Code: Tells whether the cluster is Running or Stopped' + enum: + - Running + - Stopped + type: string + type: object + proximityPlacementGroupReference: + description: 'ProximityPlacementGroupReference: The ID for Proximity Placement Group.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. type: string type: object - provisioningState: - description: 'ProvisioningState: The current deployment or provisioning state.' - type: string - proximityPlacementGroupID: - description: 'ProximityPlacementGroupID: The ID for Proximity Placement Group.' - type: string scaleDownMode: description: 'ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.' + enum: + - Deallocate + - Delete type: string scaleSetEvictionPolicy: description: |- ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'. + enum: + - Deallocate + - Delete type: string scaleSetPriority: description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' + enum: + - Regular + - Spot type: string spotMaxPrice: description: |- 
@@ -15353,6 +12912,9 @@ spec: type: object type: description: 'Type: The type of Agent Pool.' + enum: + - AvailabilitySet + - VirtualMachineScaleSets type: string upgradeSettings: description: 'UpgradeSettings: Settings for upgrading the agentpool' @@ -15362,6 +12924,8 @@ spec: DrainTimeoutInMinutes: The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not specified, the default is 30 minutes. + maximum: 1440 + minimum: 1 type: integer maxSurge: description: |- 
@@ -15377,15 +12941,37 @@ spec: might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions type: string - vnetSubnetID: + vnetSubnetReference: description: |- - VnetSubnetID: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, - this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: + VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is + specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} - type: string + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object workloadRuntime: description: 'WorkloadRuntime: Determines the type of workload a node can run.' + enum: + - OCIContainer + - WasmWasi type: string + required: + - name type: object type: array apiServerAccessProfile: 
@@ -15428,6 +13014,11 @@ spec: Expander: If not specified, the default is 'random'. See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more information. + enum: + - least-waste + - most-pods + - priority + - random type: string max-empty-bulk-delete: description: 'MaxEmptyBulkDelete: The default is 10.' @@ -15495,15 +13086,25 @@ spec: properties: nodeOSUpgradeChannel: description: 'NodeOSUpgradeChannel: Manner in which the OS on your nodes is updated. The default is NodeImage.' + enum: + - NodeImage + - None + - Unmanaged type: string upgradeChannel: description: |- UpgradeChannel: For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel). - type: string - type: object - azureMonitorProfile: - description: 'AzureMonitorProfile: Azure Monitor addon profiles for monitoring the managed cluster.' + enum: + - node-image + - none + - patch + - rapid + - stable + type: string + type: object + azureMonitorProfile: + description: 'AzureMonitorProfile: Azure Monitor addon profiles for monitoring the managed cluster.' properties: metrics: description: |- 
@@ -15535,63 +13136,17 @@ spec: resource name and namespace labels. type: string type: object + required: + - enabled type: object type: object - azurePortalFQDN: - description: |- - AzurePortalFQDN: The Azure Portal requires certain Cross-Origin Resource Sharing (CORS) headers to be sent in some - responses, which Kubernetes APIServer doesn't handle by default. This special FQDN supports CORS, allowing the Azure - Portal to function properly. - type: string - conditions: - description: 'Conditions: The observed state of the resource' - items: - description: Condition defines an extension to status (an observation) of a resource - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. - format: date-time - type: string - message: - description: Message is a human readable message indicating details about the transition. This field may be empty. - type: string - observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - type: integer - reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. - type: string - severity: - description: |- - Severity with which to treat failures of this type of condition. - For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. 
- This is omitted in all cases when Status == Unknown - type: string - status: - description: Status of the condition, one of True, False, or Unknown. - type: string - type: - description: Type of condition. - type: string - required: - - lastTransitionTime - - reason - - status - - type - type: object - type: array - currentKubernetesVersion: + azureName: description: |- - CurrentKubernetesVersion: If kubernetesVersion was a fully specified version , this field will be - exactly equal to it. If kubernetesVersion was , this field will contain the full - version being used. + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. + maxLength: 63 + minLength: 1 + pattern: ^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$ type: string disableLocalAccounts: description: |- 
@@ -15599,11 +13154,28 @@ spec: used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview). type: boolean - diskEncryptionSetID: + diskEncryptionSetReference: description: |- - DiskEncryptionSetID: This is of the form: + DiskEncryptionSetReference: This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}' - type: string + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object dnsPrefix: description: 'DnsPrefix: This cannot be updated once the Managed Cluster has been created.' type: string @@ -15624,11 +13196,10 @@ spec: type: string type: description: 'Type: The type of the extended location.' + enum: + - EdgeZone type: string type: object - fqdn: - description: 'Fqdn: The FQDN of the master pool.' - type: string fqdnSubdomain: description: 'FqdnSubdomain: This cannot be updated once the Managed Cluster has been created.' type: string 
@@ -15650,11 +13221,6 @@ spec: description: 'TrustedCa: Alternative CA cert to use for connecting to proxy servers.' type: string type: object - id: - description: |- - Id: Fully qualified resource ID for the resource. E.g. - "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" - type: string identity: description: 'Identity: The identity of the managed cluster, if configured.' properties: 
@@ -15668,42 +13234,73 @@ spec: referralResource: description: 'ReferralResource: The delegation id of the referral delegation (optional) - internal use only.' type: string - resourceId: - description: 'ResourceId: The ARM resource id of the delegated resource - internal use only.' - type: string + resourceReference: + description: 'ResourceReference: The ARM resource id of the delegated resource - internal use only.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object tenantId: description: 'TenantId: The tenant id of the delegated resource - internal use only.' + pattern: ^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$ type: string type: object description: |- DelegatedResources: The delegated identity resources assigned to this managed cluster. This can only be set by another Azure Resource Provider, and managed cluster only accept one delegated identity resource. Internal use only. type: object - principalId: - description: 'PrincipalId: The principal id of the system assigned identity which is used by master components.' - type: string - tenantId: - description: 'TenantId: The tenant id of the system assigned identity which is used by master components.' 
- type: string type: description: |- Type: For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity). + enum: + - None + - SystemAssigned + - UserAssigned type: string userAssignedIdentities: - additionalProperties: - properties: - clientId: - description: 'ClientId: The client id of user assigned identity.' - type: string - principalId: - description: 'PrincipalId: The principal id of user assigned identity.' - type: string - type: object description: |- UserAssignedIdentities: The keys must be ARM resource IDs in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'. - type: object + items: + description: Information about the user assigned identity for the resource + properties: + reference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + type: array type: object identityProfile: additionalProperties: 
@@ -15715,9 +13312,26 @@ spec: objectId: description: 'ObjectId: The object ID of the user assigned identity.' type: string - resourceId: - description: 'ResourceId: The resource ID of the user assigned identity.' - type: string + resourceReference: + description: 'ResourceReference: The resource ID of the user assigned identity.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object description: 'IdentityProfile: Identities associated with the cluster.' type: object @@ -15736,6 +13350,7 @@ spec: properties: adminUsername: description: 'AdminUsername: The administrator username to use for Linux VMs.' + pattern: ^[A-Za-z][-A-Za-z0-9_]*$ type: string ssh: description: 'Ssh: The SSH configuration for Linux-based VMs running on Azure.' 
@@ -15750,19 +13365,20 @@ spec: KeyData: Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers. type: string + required: + - keyData type: object type: array + required: + - publicKeys type: object + required: + - adminUsername + - ssh type: object location: description: 'Location: The geo-location where the resource lives' type: string - maxAgentPools: - description: 'MaxAgentPools: The max number of agent pools for the managed cluster.' - type: integer - name: - description: 'Name: The name of the resource' - type: string networkProfile: description: 'NetworkProfile: The network configuration profile.' properties: @@ -15770,12 +13386,16 @@ spec: description: |- DnsServiceIP: An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr. + pattern: ^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$ type: string ipFamilies: description: |- IpFamilies: IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6. items: + enum: + - IPv4 + - IPv6 type: string type: array loadBalancerProfile: 
@@ -15785,18 +13405,40 @@ spec: description: |- AllocatedOutboundPorts: The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports. + maximum: 64000 + minimum: 0 type: integer backendPoolType: description: 'BackendPoolType: The type of the managed inbound Load Balancer BackendPool.' + enum: + - NodeIP + - NodeIPConfiguration type: string effectiveOutboundIPs: description: 'EffectiveOutboundIPs: The effective outbound IP resources of the cluster load balancer.' items: description: A reference to an Azure resource. properties: - id: - description: 'Id: The fully qualified Azure resource id.' - type: string + reference: + description: 'Reference: The fully qualified Azure resource id.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object type: array enableMultipleStandardLoadBalancers: 
@@ -15806,6 +13448,8 @@ spec: description: |- IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes. + maximum: 120 + minimum: 4 type: integer managedOutboundIPs: description: 'ManagedOutboundIPs: Desired managed outbound IPs for the cluster load balancer.' @@ -15814,11 +13458,15 @@ spec: description: |- Count: The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. + maximum: 100 + minimum: 1 type: integer countIPv6: description: |- CountIPv6: The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. + maximum: 100 + minimum: 0 type: integer type: object outboundIPPrefixes: 
@@ -15829,9 +13477,26 @@ spec: items: description: A reference to an Azure resource. properties: - id: - description: 'Id: The fully qualified Azure resource id.' - type: string + reference: + description: 'Reference: The fully qualified Azure resource id.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object type: array type: object 
@@ -15843,9 +13508,26 @@ spec: items: description: A reference to an Azure resource. properties: - id: - description: 'Id: The fully qualified Azure resource id.' - type: string + reference: + description: 'Reference: The fully qualified Azure resource id.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object type: array type: object @@ -15855,6 +13537,9 @@ spec: LoadBalancerSku: The default is 'standard'. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs. + enum: + - basic + - standard type: string natGatewayProfile: description: 'NatGatewayProfile: Profile of the cluster NAT gateway.' 
@@ -15864,15 +13549,34 @@ spec: items: description: A reference to an Azure resource. properties: - id: - description: 'Id: The fully qualified Azure resource id.' - type: string + reference: + description: 'Reference: The fully qualified Azure resource id.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object type: array idleTimeoutInMinutes: description: |- IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes. + maximum: 120 + minimum: 4 type: integer managedOutboundIPProfile: description: 'ManagedOutboundIPProfile: Profile of the managed outbound IP resources of the cluster NAT gateway.' 
@@ -15881,31 +13585,55 @@ spec: description: |- Count: The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1. + maximum: 16 + minimum: 1 type: integer type: object type: object networkDataplane: description: 'NetworkDataplane: Network dataplane used in the Kubernetes cluster.' + enum: + - azure + - cilium type: string networkMode: description: 'NetworkMode: This cannot be specified if networkPlugin is anything other than ''azure''.' + enum: + - bridge + - transparent type: string networkPlugin: description: 'NetworkPlugin: Network plugin used for building the Kubernetes network.' + enum: + - azure + - kubenet + - none type: string networkPluginMode: description: 'NetworkPluginMode: The mode the network plugin should use.' + enum: + - overlay type: string networkPolicy: description: 'NetworkPolicy: Network policy used for building the Kubernetes network.' + enum: + - azure + - calico + - cilium type: string outboundType: description: |- OutboundType: This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype). + enum: + - loadBalancer + - managedNATGateway + - userAssignedNATGateway + - userDefinedRouting type: string podCidr: description: 'PodCidr: A CIDR notation IP range from which to assign pod IPs when kubenet is used.' + pattern: ^([0-9]{1,3}\.){3}[0-9]{1,3}(\/([0-9]|[1-2][0-9]|3[0-2]))?$ type: string podCidrs: description: |- @@ -15918,6 +13646,7 @@ spec: description: |- ServiceCidr: A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges. + pattern: ^([0-9]{1,3}\.){3}[0-9]{1,3}(\/([0-9]|[1-2][0-9]|3[0-2]))?$ type: string serviceCidrs: description: |- 
@@ -15936,8 +13665,158 @@ spec: enabled: description: 'Enabled: Whether the OIDC issuer is enabled.' type: boolean - issuerURL: - description: 'IssuerURL: The OIDC issuer url of the Managed Cluster.' + type: object + operatorSpec: + description: |- + OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not + passed directly to Azure + properties: + configMapExpressions: + description: 'ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).' + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + configMaps: + description: 'ConfigMaps: configures where to place operator written ConfigMaps.' + properties: + oidcIssuerProfile: + description: |- + OIDCIssuerProfile: indicates where the OIDCIssuerProfile config map should be placed. 
If omitted, no config map will be + created. + properties: + key: + description: Key is the key in the ConfigMap being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes ConfigMap to write to. + The ConfigMap will be created in the same namespace as the resource. + type: string + required: + - key + - name + type: object + principalId: + description: 'PrincipalId: indicates where the PrincipalId config map should be placed. If omitted, no config map will be created.' + properties: + key: + description: Key is the key in the ConfigMap being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes ConfigMap to write to. + The ConfigMap will be created in the same namespace as the resource. + type: string + required: + - key + - name + type: object + type: object + secretExpressions: + description: 'SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).' + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. 
For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + secrets: + description: 'Secrets: configures where to place Azure generated secrets.' + properties: + adminCredentials: + description: |- + AdminCredentials: indicates where the AdminCredentials secret should be placed. If omitted, the secret will not be + retrieved from Azure. + properties: + key: + description: Key is the key in the Kubernetes secret being referenced. + type: string + name: + description: |- + Name is the name of the Kubernetes secret to write to. + The secret will be created in the same namespace as the resource. + type: string + required: + - key + - name + type: object + userCredentials: + description: |- + UserCredentials: indicates where the UserCredentials secret should be placed. If omitted, the secret will not be + retrieved from Azure. + properties: + key: + description: Key is the key in the Kubernetes secret being referenced. + type: string + name: + description: |- + Name is the name of the Kubernetes secret to write to. + The secret will be created in the same namespace as the resource. + type: string + required: + - key + - name + type: object + type: object + type: object + owner: + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a resources.azure.com/ResourceGroup resource + properties: + armId: + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + name: + description: This is the name of the Kubernetes resource to reference. type: string type: object podIdentityProfile: 
@@ -15972,9 +13851,26 @@ spec: objectId: description: 'ObjectId: The object ID of the user assigned identity.' type: string - resourceId: - description: 'ResourceId: The resource ID of the user assigned identity.' - type: string + resourceReference: + description: 'ResourceReference: The resource ID of the user assigned identity.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object name: description: 'Name: The name of the pod identity.' 
@@ -15982,44 +13878,10 @@ spec: namespace: description: 'Namespace: The namespace of the pod identity.' type: string - provisioningInfo: - properties: - error: - description: 'Error: Pod identity assignment error (if any).' - properties: - error: - description: 'Error: Details about the error.' - properties: - code: - description: 'Code: An identifier for the error. Codes are invariant and are intended to be consumed programmatically.' - type: string - details: - description: 'Details: A list of additional details about the error.' - items: - properties: - code: - description: 'Code: An identifier for the error. Codes are invariant and are intended to be consumed programmatically.' - type: string - message: - description: 'Message: A message describing the error, intended to be suitable for display in a user interface.' - type: string - target: - description: 'Target: The target of the particular error. For example, the name of the property in error.' - type: string - type: object - type: array - message: - description: 'Message: A message describing the error, intended to be suitable for display in a user interface.' - type: string - target: - description: 'Target: The target of the particular error. For example, the name of the property in error.' - type: string - type: object - type: object - type: object - provisioningState: - description: 'ProvisioningState: The current provisioning state of the pod identity.' - type: string + required: + - identity + - name + - namespace type: object type: array userAssignedIdentityExceptions: 
@@ -16040,19 +13902,13 @@ spec: type: string description: 'PodLabels: The pod labels to match.' type: object + required: + - name + - namespace + - podLabels type: object type: array type: object - powerState: - description: 'PowerState: The Power State of the cluster.' - properties: - code: - description: 'Code: Tells whether the cluster is Running or Stopped' - type: string - type: object - privateFQDN: - description: 'PrivateFQDN: The FQDN of private cluster.' - type: string privateLinkResources: description: 'PrivateLinkResources: Private link resources associated with the cluster.' items: 
@@ -16061,15 +13917,29 @@ spec: groupId: description: 'GroupId: The group ID of the resource.' type: string - id: - description: 'Id: The ID of the private link resource.' - type: string name: description: 'Name: The name of the private link resource.' type: string - privateLinkServiceID: - description: 'PrivateLinkServiceID: The private link service ID of the resource, this field is exposed only to NRP internally.' - type: string + reference: + description: 'Reference: The ID of the private link resource.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object requiredMembers: description: 'RequiredMembers: The RequiredMembers of the resource' items: 
@@ -16080,16 +13950,11 @@ spec: type: string type: object type: array - provisioningState: - description: 'ProvisioningState: The current provisioning state.' - type: string publicNetworkAccess: description: 'PublicNetworkAccess: Allow or deny public network access for AKS' - type: string - resourceUID: - description: |- - ResourceUID: The resourceUID uniquely identifies ManagedClusters that reuse ARM ResourceIds (i.e: create, delete, create - sequence) + enum: + - Disabled + - Enabled type: string securityProfile: description: 'SecurityProfile: Security profile for the managed cluster.' 
@@ -16114,22 +13979,59 @@ spec: KeyVaultNetworkAccess: Network access of key vault. The possible values are `Public` and `Private`. `Public` means the key vault allows public access from all networks. `Private` means the key vault disables public access and enables private link. The default value is `Public`. + enum: + - Private + - Public type: string - keyVaultResourceId: + keyVaultResourceReference: description: |- - KeyVaultResourceId: Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must - be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty. - type: string + KeyVaultResourceReference: Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and + must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty. + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object defender: description: 'Defender: Microsoft Defender settings for the security profile.' 
properties: - logAnalyticsWorkspaceResourceId: + logAnalyticsWorkspaceResourceReference: description: |- - LogAnalyticsWorkspaceResourceId: Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. - When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft - Defender is disabled, leave the field empty. - type: string + LogAnalyticsWorkspaceResourceReference: Resource ID of the Log Analytics workspace to be associated with Microsoft + Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When + Microsoft Defender is disabled, leave the field empty. + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object securityMonitoring: description: 'SecurityMonitoring: Microsoft Defender threat detection for Cloud settings for the security profile.' properties: 
@@ -16181,9 +14083,26 @@ spec: keyObjectName: description: 'KeyObjectName: Intermediate certificate private key object name in Azure Key Vault.' type: string - keyVaultId: - description: 'KeyVaultId: The resource ID of the Key Vault.' - type: string + keyVaultReference: + description: 'KeyVaultReference: The resource ID of the Key Vault.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object rootCertObjectName: description: 'RootCertObjectName: Root certificate object name in Azure Key Vault.' type: string @@ -16205,6 +14124,8 @@ spec: type: string description: 'NodeSelector: NodeSelector for scheduling the egress gateway.' type: object + required: + - enabled type: object type: array ingressGateways: @@ -16219,7 +14140,13 @@ spec: type: boolean mode: description: 'Mode: Mode of an ingress gateway.' + enum: + - External + - Internal type: string + required: + - enabled + - mode type: object type: array type: object 
@@ -16230,11 +14157,17 @@ spec: https://learn.microsoft.com/en-us/azure/aks/istio-upgrade items: type: string + maxItems: 2 type: array type: object mode: description: 'Mode: Mode of the service mesh.' + enum: + - Disabled + - Istio type: string + required: + - mode type: object servicePrincipalProfile: description: |- @@ -16244,17 +14177,40 @@ spec: clientId: description: 'ClientId: The ID for the service principal.' type: string + secret: + description: 'Secret: The secret password associated with the service principal in plain text.' + properties: + key: + description: Key is the key in the Kubernetes secret being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource + type: string + required: + - key + - name + type: object + required: + - clientId type: object sku: description: 'Sku: The managed cluster SKU.' properties: name: description: 'Name: The name of a managed cluster SKU.' + enum: + - Base type: string tier: description: |- Tier: If not specified, the default is 'Free'. See [AKS Pricing Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details. + enum: + - Free + - Premium + - Standard type: string type: object storageProfile: 
@@ -16291,37 +14247,15 @@ spec: type: object supportPlan: description: 'SupportPlan: The support plan for the Managed Cluster. If unspecified, the default is ''KubernetesOfficial''.' + enum: + - AKSLongTermSupport + - KubernetesOfficial type: string - systemData: - description: 'SystemData: Azure Resource Manager metadata containing createdBy and modifiedBy information.' - properties: - createdAt: - description: 'CreatedAt: The timestamp of resource creation (UTC).' - type: string - createdBy: - description: 'CreatedBy: The identity that created the resource.' - type: string - createdByType: - description: 'CreatedByType: The type of identity that created the resource.' - type: string - lastModifiedAt: - description: 'LastModifiedAt: The timestamp of resource last modification (UTC)' - type: string - lastModifiedBy: - description: 'LastModifiedBy: The identity that last modified the resource.' - type: string - lastModifiedByType: - description: 'LastModifiedByType: The type of identity that last modified the resource.' - type: string - type: object tags: additionalProperties: type: string description: 'Tags: Resource tags.' type: object - type: - description: 'Type: The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"' - type: string upgradeSettings: description: 'UpgradeSettings: Settings for upgrading a cluster.' properties: 
@@ -16344,6 +14278,31 @@ spec: windowsProfile: description: 'WindowsProfile: The profile for Windows VMs in the Managed Cluster.' properties: + adminPassword: + description: |- + AdminPassword: Specifies the password of the administrator account. + Minimum-length: 8 characters + Max-length: 123 characters + Complexity requirements: 3 out of 4 conditions below need to be fulfilled + Has lower characters + Has upper characters + Has a digit + Has a special character (Regex match [\W_]) + Disallowed values: "abc@123", "P@$$$$w0rd", "P@ssw0rd", "P@ssword123", "Pa$$$$word", "pass@word1", "Password!", "Password1", + "Password22", "iloveyou!" + properties: + key: + description: Key is the key in the Kubernetes secret being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource + type: string + required: + - key + - name + type: object adminUsername: description: |- AdminUsername: Specifies the name of the administrator account. @@ -16380,7 +14339,12 @@ spec: description: |- LicenseType: The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details. + enum: + - None + - Windows_Server type: string + required: + - adminUsername type: object workloadAutoScalerProfile: description: 'WorkloadAutoScalerProfile: Workload Auto-scaler profile for the managed cluster.' @@ -16391,6 +14355,8 @@ spec: enabled: description: 'Enabled: Whether to enable KEDA.' type: boolean + required: + - enabled type: object verticalPodAutoscaler: description: 'VerticalPodAutoscaler: VPA (Vertical Pod Autoscaler) settings for the workload auto-scaler profile.' 
@@ -16398,2079 +14364,1548 @@ spec: enabled: description: 'Enabled: Whether to enable VPA. Default value is false.' type: boolean + required: + - enabled type: object type: object + required: + - location + - owner type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=='Ready')].severity - name: Severity - type: string - - jsonPath: .status.conditions[?(@.type=='Ready')].reason - name: Reason - type: string - - jsonPath: .status.conditions[?(@.type=='Ready')].message - name: Message - type: string - name: v1api20231001storage - schema: - openAPIV3Schema: - description: |- - Storage version of v1api20231001.ManagedCluster - Generator information: - - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2023-10-01/managedClusters.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName} - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: Storage version of v1api20231001.ManagedCluster_Spec + status: + description: Managed cluster. 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object aadProfile: - description: |- - Storage version of v1api20231001.ManagedClusterAADProfile - For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad). + description: 'AadProfile: The Azure Active Directory configuration.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object adminGroupObjectIDs: + description: 'AdminGroupObjectIDs: The list of AAD group object IDs that will have admin role of the cluster.' items: type: string type: array clientAppID: + description: 'ClientAppID: (DEPRECATED) The client AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.' type: string enableAzureRBAC: + description: 'EnableAzureRBAC: Whether to enable Azure RBAC for Kubernetes authorization.' type: boolean managed: + description: 'Managed: Whether to enable managed AAD.' type: boolean serverAppID: + description: 'ServerAppID: (DEPRECATED) The server AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.' type: string serverAppSecret: + description: 'ServerAppSecret: (DEPRECATED) The server AAD application secret. Learn more at https://aka.ms/aks/aad-legacy.' type: string tenantID: + description: |- + TenantID: The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment + subscription. type: string type: object addonProfiles: additionalProperties: - description: |- - Storage version of v1api20231001.ManagedClusterAddonProfile - A Kubernetes add-on profile for a managed cluster. 
+ description: A Kubernetes add-on profile for a managed cluster. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object config: additionalProperties: type: string + description: 'Config: Key-value pairs for configuring an add-on.' type: object enabled: + description: 'Enabled: Whether the add-on is enabled or not.' type: boolean + identity: + description: 'Identity: Information of user assigned identity used by this add-on.' + properties: + clientId: + description: 'ClientId: The client ID of the user assigned identity.' + type: string + objectId: + description: 'ObjectId: The object ID of the user assigned identity.' + type: string + resourceId: + description: 'ResourceId: The resource ID of the user assigned identity.' + type: string + type: object type: object + description: 'AddonProfiles: The profile of managed cluster add-on.' type: object agentPoolProfiles: + description: 'AgentPoolProfiles: The agent pool properties.' items: - description: |- - Storage version of v1api20231001.ManagedClusterAgentPoolProfile - Profile for the container service agent pool. + description: Profile for the container service agent pool. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object availabilityZones: + description: |- + AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType + property is 'VirtualMachineScaleSets'. 
items: type: string type: array - capacityReservationGroupReference: - description: 'CapacityReservationGroupReference: AKS will associate the specified agent pool with the Capacity Reservation Group.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + capacityReservationGroupID: + description: 'CapacityReservationGroupID: AKS will associate the specified agent pool with the Capacity Reservation Group.' + type: string count: + description: |- + Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) + for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. type: integer creationData: description: |- - Storage version of v1api20231001.CreationData - Data used when creating a target resource from a source resource. + CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using + a snapshot. 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - sourceResourceReference: - description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + sourceResourceId: + description: 'SourceResourceId: This is the ARM ID of the source object to be used to create the target object.' + type: string type: object + currentOrchestratorVersion: + description: |- + CurrentOrchestratorVersion: If orchestratorVersion is a fully specified version , this field will be + exactly equal to it. If orchestratorVersion is , this field will contain the full + version being used. + type: string enableAutoScaling: + description: 'EnableAutoScaling: Whether to enable auto-scaler' type: boolean enableEncryptionAtHost: + description: |- + EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. 
For more information, + see: https://docs.microsoft.com/azure/aks/enable-host-encryption type: boolean enableFIPS: + description: |- + EnableFIPS: See [Add a FIPS-enabled node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more + details. type: boolean enableNodePublicIP: + description: |- + EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. + A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine + to minimize hops. For more information see [assigning a public IP per + node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The + default is false. type: boolean enableUltraSSD: + description: 'EnableUltraSSD: Whether to enable UltraSSD' type: boolean gpuInstanceProfile: + description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' type: string - hostGroupReference: + hostGroupID: description: |- - HostGroupReference: This is of the form: + HostGroupID: This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
- pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + type: string kubeletConfig: - description: |- - Storage version of v1api20231001.KubeletConfig - See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object allowedUnsafeSysctls: + description: 'AllowedUnsafeSysctls: Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).' items: type: string type: array containerLogMaxFiles: + description: |- + ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be + ≥ 2. type: integer containerLogMaxSizeMB: + description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' type: integer cpuCfsQuota: + description: 'CpuCfsQuota: The default is true.' type: boolean cpuCfsQuotaPeriod: + description: |- + CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and + a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. type: string cpuManagerPolicy: + description: |- + CpuManagerPolicy: The default is 'none'. 
See [Kubernetes CPU management + policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more + information. Allowed values are 'none' and 'static'. type: string failSwapOn: + description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' type: boolean imageGcHighThreshold: + description: 'ImageGcHighThreshold: To disable image garbage collection, set to 100. The default is 85%' type: integer imageGcLowThreshold: + description: 'ImageGcLowThreshold: This cannot be set higher than imageGcHighThreshold. The default is 80%' type: integer podMaxPids: + description: 'PodMaxPids: The maximum number of processes per pod.' type: integer topologyManagerPolicy: + description: |- + TopologyManagerPolicy: For more information see [Kubernetes Topology + Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values + are 'none', 'best-effort', 'restricted', and 'single-numa-node'. type: string type: object kubeletDiskType: + description: |- + KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral + storage. type: string linuxOSConfig: - description: |- - Storage version of v1api20231001.LinuxOSConfig - See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object swapFileSizeMB: + description: 'SwapFileSizeMB: The size in MB of a swap file that will be created on each node.' 
type: integer sysctls: - description: |- - Storage version of v1api20231001.SysctlConfig - Sysctl settings for Linux agent nodes. + description: 'Sysctls: Sysctl settings for Linux agent nodes.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object fsAioMaxNr: + description: 'FsAioMaxNr: Sysctl setting fs.aio-max-nr.' type: integer fsFileMax: + description: 'FsFileMax: Sysctl setting fs.file-max.' type: integer fsInotifyMaxUserWatches: + description: 'FsInotifyMaxUserWatches: Sysctl setting fs.inotify.max_user_watches.' type: integer fsNrOpen: + description: 'FsNrOpen: Sysctl setting fs.nr_open.' type: integer kernelThreadsMax: + description: 'KernelThreadsMax: Sysctl setting kernel.threads-max.' type: integer netCoreNetdevMaxBacklog: + description: 'NetCoreNetdevMaxBacklog: Sysctl setting net.core.netdev_max_backlog.' type: integer netCoreOptmemMax: + description: 'NetCoreOptmemMax: Sysctl setting net.core.optmem_max.' type: integer netCoreRmemDefault: + description: 'NetCoreRmemDefault: Sysctl setting net.core.rmem_default.' type: integer netCoreRmemMax: + description: 'NetCoreRmemMax: Sysctl setting net.core.rmem_max.' type: integer netCoreSomaxconn: + description: 'NetCoreSomaxconn: Sysctl setting net.core.somaxconn.' type: integer netCoreWmemDefault: + description: 'NetCoreWmemDefault: Sysctl setting net.core.wmem_default.' type: integer netCoreWmemMax: + description: 'NetCoreWmemMax: Sysctl setting net.core.wmem_max.' type: integer netIpv4IpLocalPortRange: + description: 'NetIpv4IpLocalPortRange: Sysctl setting net.ipv4.ip_local_port_range.' type: string netIpv4NeighDefaultGcThresh1: + description: 'NetIpv4NeighDefaultGcThresh1: Sysctl setting net.ipv4.neigh.default.gc_thresh1.' 
type: integer netIpv4NeighDefaultGcThresh2: + description: 'NetIpv4NeighDefaultGcThresh2: Sysctl setting net.ipv4.neigh.default.gc_thresh2.' type: integer netIpv4NeighDefaultGcThresh3: + description: 'NetIpv4NeighDefaultGcThresh3: Sysctl setting net.ipv4.neigh.default.gc_thresh3.' type: integer netIpv4TcpFinTimeout: + description: 'NetIpv4TcpFinTimeout: Sysctl setting net.ipv4.tcp_fin_timeout.' type: integer netIpv4TcpKeepaliveProbes: + description: 'NetIpv4TcpKeepaliveProbes: Sysctl setting net.ipv4.tcp_keepalive_probes.' type: integer netIpv4TcpKeepaliveTime: + description: 'NetIpv4TcpKeepaliveTime: Sysctl setting net.ipv4.tcp_keepalive_time.' type: integer netIpv4TcpMaxSynBacklog: + description: 'NetIpv4TcpMaxSynBacklog: Sysctl setting net.ipv4.tcp_max_syn_backlog.' type: integer netIpv4TcpMaxTwBuckets: + description: 'NetIpv4TcpMaxTwBuckets: Sysctl setting net.ipv4.tcp_max_tw_buckets.' type: integer netIpv4TcpTwReuse: + description: 'NetIpv4TcpTwReuse: Sysctl setting net.ipv4.tcp_tw_reuse.' type: boolean netIpv4TcpkeepaliveIntvl: + description: 'NetIpv4TcpkeepaliveIntvl: Sysctl setting net.ipv4.tcp_keepalive_intvl.' type: integer netNetfilterNfConntrackBuckets: + description: 'NetNetfilterNfConntrackBuckets: Sysctl setting net.netfilter.nf_conntrack_buckets.' type: integer netNetfilterNfConntrackMax: + description: 'NetNetfilterNfConntrackMax: Sysctl setting net.netfilter.nf_conntrack_max.' type: integer vmMaxMapCount: + description: 'VmMaxMapCount: Sysctl setting vm.max_map_count.' type: integer vmSwappiness: + description: 'VmSwappiness: Sysctl setting vm.swappiness.' type: integer vmVfsCachePressure: + description: 'VmVfsCachePressure: Sysctl setting vm.vfs_cache_pressure.' type: integer type: object transparentHugePageDefrag: + description: |- + TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is + 'madvise'. 
For more information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string transparentHugePageEnabled: + description: |- + TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more + information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string type: object maxCount: + description: 'MaxCount: The maximum number of nodes for auto-scaling' type: integer maxPods: + description: 'MaxPods: The maximum number of pods that can run on a node.' type: integer minCount: + description: 'MinCount: The minimum number of nodes for auto-scaling' type: integer mode: + description: |- + Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool + restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools type: string name: + description: 'Name: Windows agent pool names must be 6 characters or less.' type: string networkProfile: - description: |- - Storage version of v1api20231001.AgentPoolNetworkProfile - Network settings of an agent pool. + description: 'NetworkProfile: Network-related settings of an agent pool.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object allowedHostPorts: + description: 'AllowedHostPorts: The port ranges that are allowed to access. The specified ranges are allowed to overlap.' items: - description: |- - Storage version of v1api20231001.PortRange - The port range. + description: The port range. 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object portEnd: + description: |- + PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or + equal to portStart. type: integer portStart: + description: |- + PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or + equal to portEnd. type: integer protocol: + description: 'Protocol: The network protocol of the port.' type: string type: object type: array - applicationSecurityGroupsReferences: + applicationSecurityGroups: + description: 'ApplicationSecurityGroups: The IDs of the application security groups which agent pool will associate when created.' items: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. 
- type: string - type: object + type: string type: array nodePublicIPTags: + description: 'NodePublicIPTags: IPTags of instance-level public IPs.' items: - description: |- - Storage version of v1api20231001.IPTag - Contains the IPTag associated with the object. + description: Contains the IPTag associated with the object. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object ipTagType: + description: 'IpTagType: The IP tag type. Example: RoutingPreference.' type: string tag: + description: 'Tag: The value of the IP tag associated with the public IP. Example: Internet.' type: string type: object type: array type: object + nodeImageVersion: + description: 'NodeImageVersion: The version of node image' + type: string nodeLabels: additionalProperties: type: string + description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' type: object - nodePublicIPPrefixReference: + nodePublicIPPrefixID: description: |- - NodePublicIPPrefixReference: This is of the form: + NodePublicIPPrefixID: This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
- pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + type: string nodeTaints: + description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' items: type: string type: array orchestratorVersion: + description: |- + OrchestratorVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. + When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster + with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer + patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same + Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor + version must be within two minor versions of the control plane version. The node pool version cannot be greater than the + control plane version. For more information see [upgrading a node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). type: string osDiskSizeGB: type: integer osDiskType: + description: |- + OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested + OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral + OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). type: string osSKU: + description: |- + OsSKU: Specifies the OS SKU used by the agent pool. 
The default is Ubuntu if OSType is Linux. The default is Windows2019 + when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows. type: string osType: + description: 'OsType: The operating system type. The default is Linux.' type: string - podSubnetReference: + podSubnetID: description: |- - PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). - This is of the form: + PodSubnetID: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is + of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + type: string powerState: description: |- - Storage version of v1api20231001.PowerState - Describes the Power State of the cluster + PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this + field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. 
An Agent Pool can only + be stopped if it is Running and provisioning state is Succeeded properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object code: + description: 'Code: Tells whether the cluster is Running or Stopped' type: string type: object - proximityPlacementGroupReference: - description: 'ProximityPlacementGroupReference: The ID for Proximity Placement Group.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + provisioningState: + description: 'ProvisioningState: The current deployment or provisioning state.' + type: string + proximityPlacementGroupID: + description: 'ProximityPlacementGroupID: The ID for Proximity Placement Group.' + type: string scaleDownMode: + description: 'ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.' type: string scaleSetEvictionPolicy: + description: |- + ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. 
If not specified, the default is + 'Delete'. type: string scaleSetPriority: + description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' type: string spotMaxPrice: + description: |- + SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any + on-demand price. For more details on spot pricing, see [spot VMs + pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) type: number tags: additionalProperties: type: string + description: 'Tags: The tags to be persisted on the agent pool virtual machine scale set.' type: object type: + description: 'Type: The type of Agent Pool.' type: string upgradeSettings: - description: |- - Storage version of v1api20231001.AgentPoolUpgradeSettings - Settings for upgrading an agentpool + description: 'UpgradeSettings: Settings for upgrading the agentpool' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object drainTimeoutInMinutes: + description: |- + DrainTimeoutInMinutes: The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. + This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not + specified, the default is 30 minutes. type: integer maxSurge: + description: |- + MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it + is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded + up. If not specified, the default is 1. 
For more information, including best practices, see: + https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade type: string type: object vmSize: + description: |- + VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods + might fail to run correctly. For more details on restricted VM sizes, see: + https://docs.microsoft.com/azure/aks/quotas-skus-regions type: string - vnetSubnetReference: + vnetSubnetID: description: |- - VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is - specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: + VnetSubnetID: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, + this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. 
- type: string - type: object + type: string workloadRuntime: + description: 'WorkloadRuntime: Determines the type of workload a node can run.' type: string type: object type: array apiServerAccessProfile: - description: |- - Storage version of v1api20231001.ManagedClusterAPIServerAccessProfile - Access profile for managed cluster API server. + description: 'ApiServerAccessProfile: The access profile for managed cluster API server.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object authorizedIPRanges: + description: |- + AuthorizedIPRanges: IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with + clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API + server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges). items: type: string type: array disableRunCommand: + description: 'DisableRunCommand: Whether to disable run command for the cluster or not.' type: boolean enablePrivateCluster: + description: |- + EnablePrivateCluster: For more details, see [Creating a private AKS + cluster](https://docs.microsoft.com/azure/aks/private-clusters). type: boolean enablePrivateClusterPublicFQDN: + description: 'EnablePrivateClusterPublicFQDN: Whether to create additional public FQDN for private cluster or not.' type: boolean privateDNSZone: + description: |- + PrivateDNSZone: The default is System. For more details see [configure private DNS + zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and + 'none'. 
type: string type: object autoScalerProfile: - description: Storage version of v1api20231001.ManagedClusterProperties_AutoScalerProfile + description: 'AutoScalerProfile: Parameters to be applied to the cluster-autoscaler when enabled' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object balance-similar-node-groups: + description: 'BalanceSimilarNodeGroups: Valid values are ''true'' and ''false''' type: string expander: + description: |- + Expander: If not specified, the default is 'random'. See + [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more + information. type: string max-empty-bulk-delete: + description: 'MaxEmptyBulkDelete: The default is 10.' type: string max-graceful-termination-sec: + description: 'MaxGracefulTerminationSec: The default is 600.' type: string max-node-provision-time: + description: |- + MaxNodeProvisionTime: The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. type: string max-total-unready-percentage: + description: 'MaxTotalUnreadyPercentage: The default is 45. The maximum is 100 and the minimum is 0.' type: string new-pod-scale-up-delay: + description: |- + NewPodScaleUpDelay: For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler + could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is + '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc). type: string ok-total-unready-count: + description: 'OkTotalUnreadyCount: This must be an integer. The default is 3.' 
type: string scale-down-delay-after-add: + description: |- + ScaleDownDelayAfterAdd: The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. type: string scale-down-delay-after-delete: + description: |- + ScaleDownDelayAfterDelete: The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of + time other than minutes (m) is supported. type: string scale-down-delay-after-failure: + description: |- + ScaleDownDelayAfterFailure: The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other + than minutes (m) is supported. type: string scale-down-unneeded-time: + description: |- + ScaleDownUnneededTime: The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. type: string scale-down-unready-time: + description: |- + ScaleDownUnreadyTime: The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. type: string scale-down-utilization-threshold: + description: 'ScaleDownUtilizationThreshold: The default is ''0.5''.' type: string scan-interval: + description: 'ScanInterval: The default is ''10''. Values must be an integer number of seconds.' type: string skip-nodes-with-local-storage: + description: 'SkipNodesWithLocalStorage: The default is true.' type: string skip-nodes-with-system-pods: + description: 'SkipNodesWithSystemPods: The default is true.' type: string type: object autoUpgradeProfile: - description: |- - Storage version of v1api20231001.ManagedClusterAutoUpgradeProfile - Auto upgrade profile for a managed cluster. + description: 'AutoUpgradeProfile: The auto upgrade configuration.' 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object nodeOSUpgradeChannel: + description: 'NodeOSUpgradeChannel: Manner in which the OS on your nodes is updated. The default is NodeImage.' type: string upgradeChannel: + description: |- + UpgradeChannel: For more information see [setting the AKS cluster auto-upgrade + channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel). type: string type: object azureMonitorProfile: - description: |- - Storage version of v1api20231001.ManagedClusterAzureMonitorProfile - Azure Monitor addon profiles for monitoring the managed cluster. + description: 'AzureMonitorProfile: Azure Monitor addon profiles for monitoring the managed cluster.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object metrics: description: |- - Storage version of v1api20231001.ManagedClusterAzureMonitorProfileMetrics - Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes + Metrics: Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See aka.ms/AzureManagedPrometheus for an overview. 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: + description: |- + Enabled: Whether to enable or disable the Azure Managed Prometheus addon for Prometheus monitoring. See + aka.ms/AzureManagedPrometheus-aks-enable for details on enabling and disabling. type: boolean kubeStateMetrics: description: |- - Storage version of v1api20231001.ManagedClusterAzureMonitorProfileKubeStateMetrics - Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the - kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for + KubeStateMetrics: Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the + kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for details. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object metricAnnotationsAllowList: + description: |- + MetricAnnotationsAllowList: Comma-separated list of Kubernetes annotation keys that will be used in the resource's + labels metric (Example: 'namespaces=[kubernetes.io/team,...],pods=[kubernetes.io/team],...'). By default the metric + contains only resource name and namespace labels. type: string metricLabelsAllowlist: + description: |- + MetricLabelsAllowlist: Comma-separated list of additional Kubernetes label keys that will be used in the resource's + labels metric (Example: 'namespaces=[k8s-label-1,k8s-label-n,...],pods=[app],...'). 
By default the metric contains only + resource name and namespace labels. type: string type: object type: object type: object - azureName: + azurePortalFQDN: description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. + AzurePortalFQDN: The Azure Portal requires certain Cross-Origin Resource Sharing (CORS) headers to be sent in some + responses, which Kubernetes APIServer doesn't handle by default. This special FQDN supports CORS, allowing the Azure + Portal to function properly. + type: string + conditions: + description: 'Conditions: The observed state of the resource' + items: + description: Condition defines an extension to status (an observation) of a resource + properties: + lastTransitionTime: + description: LastTransitionTime is the last time the condition transitioned from one status to another. + format: date-time + type: string + message: + description: Message is a human readable message indicating details about the transition. This field may be empty. + type: string + observedGeneration: + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + type: integer + reason: + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + type: string + severity: + description: |- + Severity with which to treat failures of this type of condition. 
+ For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown + type: string + status: + description: Status of the condition, one of True, False, or Unknown. + type: string + type: + description: Type of condition. + type: string + required: + - lastTransitionTime + - reason + - status + - type + type: object + type: array + currentKubernetesVersion: + description: |- + CurrentKubernetesVersion: If kubernetesVersion was a fully specified version , this field will be + exactly equal to it. If kubernetesVersion was , this field will contain the full + version being used. type: string disableLocalAccounts: + description: |- + DisableLocalAccounts: If set to true, getting static credentials will be disabled for this cluster. This must only be + used on Managed Clusters that are AAD enabled. For more details see [disable local + accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview). type: boolean - diskEncryptionSetReference: + diskEncryptionSetID: description: |- - DiskEncryptionSetReference: This is of the form: + DiskEncryptionSetID: This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
- pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + type: string dnsPrefix: + description: 'DnsPrefix: This cannot be updated once the Managed Cluster has been created.' type: string enablePodSecurityPolicy: + description: |- + EnablePodSecurityPolicy: (DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was + deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and + https://aka.ms/aks/psp. type: boolean enableRBAC: + description: 'EnableRBAC: Whether to enable Kubernetes Role-Based Access Control.' type: boolean extendedLocation: - description: |- - Storage version of v1api20231001.ExtendedLocation - The complex type of the extended location. + description: 'ExtendedLocation: The extended location of the Virtual Machine.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object name: + description: 'Name: The name of the extended location.' type: string type: + description: 'Type: The type of the extended location.' type: string type: object + fqdn: + description: 'Fqdn: The FQDN of the master pool.' + type: string fqdnSubdomain: + description: 'FqdnSubdomain: This cannot be updated once the Managed Cluster has been created.' 
type: string httpProxyConfig: - description: |- - Storage version of v1api20231001.ManagedClusterHTTPProxyConfig - Cluster HTTP proxy configuration. + description: 'HttpProxyConfig: Configurations for provisioning the cluster with HTTP proxy servers.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object httpProxy: + description: 'HttpProxy: The HTTP proxy server endpoint to use.' type: string httpsProxy: + description: 'HttpsProxy: The HTTPS proxy server endpoint to use.' type: string noProxy: + description: 'NoProxy: The endpoints that should not go through proxy.' items: type: string type: array trustedCa: + description: 'TrustedCa: Alternative CA cert to use for connecting to proxy servers.' type: string type: object - identity: + id: description: |- - Storage version of v1api20231001.ManagedClusterIdentity - Identity for the managed cluster. + Id: Fully qualified resource ID for the resource. E.g. + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" + type: string + identity: + description: 'Identity: The identity of the managed cluster, if configured.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object delegatedResources: additionalProperties: - description: |- - Storage version of v1api20231001.DelegatedResource - Delegated resource properties - internal use only. + description: Delegated resource properties - internal use only. 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object location: + description: 'Location: The source resource location - internal use only.' type: string referralResource: + description: 'ReferralResource: The delegation id of the referral delegation (optional) - internal use only.' + type: string + resourceId: + description: 'ResourceId: The ARM resource id of the delegated resource - internal use only.' type: string - resourceReference: - description: 'ResourceReference: The ARM resource id of the delegated resource - internal use only.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object tenantId: + description: 'TenantId: The tenant id of the delegated resource - internal use only.' type: string type: object + description: |- + DelegatedResources: The delegated identity resources assigned to this managed cluster. This can only be set by another + Azure Resource Provider, and managed cluster only accept one delegated identity resource. Internal use only. 
type: object + principalId: + description: 'PrincipalId: The principal id of the system assigned identity which is used by master components.' + type: string + tenantId: + description: 'TenantId: The tenant id of the system assigned identity which is used by master components.' + type: string type: + description: |- + Type: For more information see [use managed identities in + AKS](https://docs.microsoft.com/azure/aks/use-managed-identity). type: string userAssignedIdentities: - items: - description: |- - Storage version of v1api20231001.UserAssignedIdentityDetails - Information about the user assigned identity for the resource + additionalProperties: properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - reference: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. 
- type: string - type: object + clientId: + description: 'ClientId: The client id of user assigned identity.' + type: string + principalId: + description: 'PrincipalId: The principal id of user assigned identity.' + type: string type: object - type: array + description: |- + UserAssignedIdentities: The keys must be ARM resource IDs in the form: + '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'. + type: object type: object identityProfile: additionalProperties: - description: |- - Storage version of v1api20231001.UserAssignedIdentity - Details about a user assigned identity. + description: Details about a user assigned identity. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object clientId: + description: 'ClientId: The client ID of the user assigned identity.' type: string objectId: + description: 'ObjectId: The object ID of the user assigned identity.' + type: string + resourceId: + description: 'ResourceId: The resource ID of the user assigned identity.' type: string - resourceReference: - description: 'ResourceReference: The resource ID of the user assigned identity.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
- pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object type: object + description: 'IdentityProfile: Identities associated with the cluster.' type: object kubernetesVersion: + description: |- + KubernetesVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. + When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster + with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer + patch version is available. When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All + upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or + 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS + cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details. type: string linuxProfile: - description: |- - Storage version of v1api20231001.ContainerServiceLinuxProfile - Profile for Linux VMs in the container service cluster. + description: 'LinuxProfile: The profile for Linux VMs in the Managed Cluster.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object adminUsername: + description: 'AdminUsername: The administrator username to use for Linux VMs.' 
type: string ssh: - description: |- - Storage version of v1api20231001.ContainerServiceSshConfiguration - SSH configuration for Linux-based VMs running on Azure. + description: 'Ssh: The SSH configuration for Linux-based VMs running on Azure.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object publicKeys: + description: 'PublicKeys: The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.' items: - description: |- - Storage version of v1api20231001.ContainerServiceSshPublicKey - Contains information about SSH certificate public key data. + description: Contains information about SSH certificate public key data. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object keyData: + description: |- + KeyData: Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or + without headers. type: string type: object type: array type: object type: object location: + description: 'Location: The geo-location where the resource lives' + type: string + maxAgentPools: + description: 'MaxAgentPools: The max number of agent pools for the managed cluster.' + type: integer + name: + description: 'Name: The name of the resource' type: string networkProfile: - description: |- - Storage version of v1api20231001.ContainerServiceNetworkProfile - Profile of network configuration. + description: 'NetworkProfile: The network configuration profile.' 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object dnsServiceIP: + description: |- + DnsServiceIP: An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address + range specified in serviceCidr. type: string ipFamilies: + description: |- + IpFamilies: IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value + is IPv4. For dual-stack, the expected values are IPv4 and IPv6. items: type: string type: array loadBalancerProfile: - description: |- - Storage version of v1api20231001.ManagedClusterLoadBalancerProfile - Profile of the managed cluster load balancer. + description: 'LoadBalancerProfile: Profile of the cluster load balancer.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object allocatedOutboundPorts: + description: |- + AllocatedOutboundPorts: The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 + (inclusive). The default value is 0 which results in Azure dynamically allocating ports. type: integer backendPoolType: + description: 'BackendPoolType: The type of the managed inbound Load Balancer BackendPool.' type: string effectiveOutboundIPs: + description: 'EffectiveOutboundIPs: The effective outbound IP resources of the cluster load balancer.' items: - description: |- - Storage version of v1api20231001.ResourceReference - A reference to an Azure resource. + description: A reference to an Azure resource. 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - reference: - description: 'Reference: The fully qualified Azure resource id.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + id: + description: 'Id: The fully qualified Azure resource id.' + type: string type: object type: array enableMultipleStandardLoadBalancers: + description: 'EnableMultipleStandardLoadBalancers: Enable multiple standard load balancers per AKS cluster or not.' type: boolean idleTimeoutInMinutes: + description: |- + IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 + (inclusive). The default value is 30 minutes. type: integer managedOutboundIPs: - description: Storage version of v1api20231001.ManagedClusterLoadBalancerProfile_ManagedOutboundIPs + description: 'ManagedOutboundIPs: Desired managed outbound IPs for the cluster load balancer.' 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object count: + description: |- + Count: The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values + must be in the range of 1 to 100 (inclusive). The default value is 1. type: integer countIPv6: + description: |- + CountIPv6: The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed + values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. type: integer type: object outboundIPPrefixes: - description: Storage version of v1api20231001.ManagedClusterLoadBalancerProfile_OutboundIPPrefixes + description: 'OutboundIPPrefixes: Desired outbound IP Prefix resources for the cluster load balancer.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object publicIPPrefixes: + description: 'PublicIPPrefixes: A list of public IP prefix resources.' items: - description: |- - Storage version of v1api20231001.ResourceReference - A reference to an Azure resource. + description: A reference to an Azure resource. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - reference: - description: 'Reference: The fully qualified Azure resource id.' 
- properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + id: + description: 'Id: The fully qualified Azure resource id.' + type: string type: object type: array type: object outboundIPs: - description: Storage version of v1api20231001.ManagedClusterLoadBalancerProfile_OutboundIPs + description: 'OutboundIPs: Desired outbound IP resources for the cluster load balancer.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object publicIPs: + description: 'PublicIPs: A list of public IP resources.' items: - description: |- - Storage version of v1api20231001.ResourceReference - A reference to an Azure resource. + description: A reference to an Azure resource. 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - reference: - description: 'Reference: The fully qualified Azure resource id.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + id: + description: 'Id: The fully qualified Azure resource id.' + type: string type: object type: array type: object type: object loadBalancerSku: + description: |- + LoadBalancerSku: The default is 'standard'. See [Azure Load Balancer + SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load + balancer SKUs. type: string natGatewayProfile: - description: |- - Storage version of v1api20231001.ManagedClusterNATGatewayProfile - Profile of the managed cluster NAT gateway. + description: 'NatGatewayProfile: Profile of the cluster NAT gateway.' 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object effectiveOutboundIPs: + description: 'EffectiveOutboundIPs: The effective outbound IP resources of the cluster NAT gateway.' items: - description: |- - Storage version of v1api20231001.ResourceReference - A reference to an Azure resource. + description: A reference to an Azure resource. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - reference: - description: 'Reference: The fully qualified Azure resource id.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + id: + description: 'Id: The fully qualified Azure resource id.' + type: string type: object type: array idleTimeoutInMinutes: + description: |- + IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. 
Allowed values are in the range of 4 to 120 + (inclusive). The default value is 4 minutes. type: integer managedOutboundIPProfile: - description: |- - Storage version of v1api20231001.ManagedClusterManagedOutboundIPProfile - Profile of the managed outbound IP resources of the managed cluster. + description: 'ManagedOutboundIPProfile: Profile of the managed outbound IP resources of the cluster NAT gateway.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object count: + description: |- + Count: The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 + (inclusive). The default value is 1. type: integer type: object type: object networkDataplane: + description: 'NetworkDataplane: Network dataplane used in the Kubernetes cluster.' type: string networkMode: + description: 'NetworkMode: This cannot be specified if networkPlugin is anything other than ''azure''.' type: string networkPlugin: + description: 'NetworkPlugin: Network plugin used for building the Kubernetes network.' type: string networkPluginMode: + description: 'NetworkPluginMode: The mode the network plugin should use.' type: string networkPolicy: + description: 'NetworkPolicy: Network policy used for building the Kubernetes network.' type: string outboundType: + description: |- + OutboundType: This can only be set at cluster creation time and cannot be changed later. For more information see + [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype). type: string podCidr: + description: 'PodCidr: A CIDR notation IP range from which to assign pod IPs when kubenet is used.' type: string podCidrs: + description: |- + PodCidrs: One IPv4 CIDR is expected for single-stack networking. 
Two CIDRs, one for each IP family (IPv4/IPv6), is + expected for dual-stack networking. items: type: string type: array serviceCidr: + description: |- + ServiceCidr: A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP + ranges. type: string serviceCidrs: + description: |- + ServiceCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is + expected for dual-stack networking. They must not overlap with any Subnet IP ranges. items: type: string type: array type: object nodeResourceGroup: + description: 'NodeResourceGroup: The name of the resource group containing agent pool nodes.' type: string oidcIssuerProfile: - description: |- - Storage version of v1api20231001.ManagedClusterOIDCIssuerProfile - The OIDC issuer profile of the Managed Cluster. + description: 'OidcIssuerProfile: The OIDC issuer profile of the Managed Cluster.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: + description: 'Enabled: Whether the OIDC issuer is enabled.' type: boolean + issuerURL: + description: 'IssuerURL: The OIDC issuer url of the Managed Cluster.' + type: string type: object - operatorSpec: + podIdentityProfile: description: |- - Storage version of v1api20231001.ManagedClusterOperatorSpec - Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure + PodIdentityProfile: See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more + details on AAD pod identity integration. 
properties: - $propertyBag: - additionalProperties: - type: string + allowNetworkPluginKubenet: description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - configMaps: - description: Storage version of v1api20231001.ManagedClusterOperatorConfigMaps - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - oidcIssuerProfile: - description: |- - ConfigMapDestination describes the location to store a single configmap value - Note: This is similar to SecretDestination in secrets.go. Changes to one should likely also be made to the other. - properties: - key: - description: Key is the key in the ConfigMap being referenced - type: string - name: - description: |- - Name is the name of the Kubernetes ConfigMap being referenced. - The ConfigMap must be in the same namespace as the resource - type: string - required: - - key - - name - type: object - principalId: - description: |- - ConfigMapDestination describes the location to store a single configmap value - Note: This is similar to SecretDestination in secrets.go. Changes to one should likely also be made to the other. - properties: - key: - description: Key is the key in the ConfigMap being referenced - type: string - name: - description: |- - Name is the name of the Kubernetes ConfigMap being referenced. 
- The ConfigMap must be in the same namespace as the resource - type: string - required: - - key - - name - type: object - type: object - secrets: - description: Storage version of v1api20231001.ManagedClusterOperatorSecrets - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - adminCredentials: - description: |- - SecretDestination describes the location to store a single secret value. - Note: This is similar to ConfigMapDestination in configmaps.go. Changes to one should likely also be made to the other. - properties: - key: - description: Key is the key in the Kubernetes secret being referenced - type: string - name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource - type: string - required: - - key - - name - type: object - userCredentials: - description: |- - SecretDestination describes the location to store a single secret value. - Note: This is similar to ConfigMapDestination in configmaps.go. Changes to one should likely also be made to the other. - properties: - key: - description: Key is the key in the Kubernetes secret being referenced - type: string - name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource - type: string - required: - - key - - name - type: object - type: object - type: object - originalVersion: - type: string - owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. 
Owner is expected to be a - reference to a resources.azure.com/ResourceGroup resource - properties: - armId: - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - name: - description: This is the name of the Kubernetes resource to reference. - type: string - type: object - podIdentityProfile: - description: |- - Storage version of v1api20231001.ManagedClusterPodIdentityProfile - See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod - identity integration. - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - allowNetworkPluginKubenet: + AllowNetworkPluginKubenet: Running in Kubenet is disabled by default due to the security related nature of AAD Pod + Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod + Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) + for more information. type: boolean enabled: + description: 'Enabled: Whether the pod identity addon is enabled.' type: boolean userAssignedIdentities: + description: 'UserAssignedIdentities: The pod identities to use in the cluster.' items: - description: |- - Storage version of v1api20231001.ManagedClusterPodIdentity - Details about the pod identity assigned to the Managed Cluster. + description: Details about the pod identity assigned to the Managed Cluster. 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object bindingSelector: + description: 'BindingSelector: The binding selector to use for the AzureIdentityBinding resource.' type: string identity: - description: |- - Storage version of v1api20231001.UserAssignedIdentity - Details about a user assigned identity. + description: 'Identity: The user assigned identity details.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object clientId: + description: 'ClientId: The client ID of the user assigned identity.' type: string objectId: + description: 'ObjectId: The object ID of the user assigned identity.' + type: string + resourceId: + description: 'ResourceId: The resource ID of the user assigned identity.' type: string - resourceReference: - description: 'ResourceReference: The resource ID of the user assigned identity.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. 
- type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object type: object name: + description: 'Name: The name of the pod identity.' type: string namespace: + description: 'Namespace: The namespace of the pod identity.' + type: string + provisioningInfo: + properties: + error: + description: 'Error: Pod identity assignment error (if any).' + properties: + error: + description: 'Error: Details about the error.' + properties: + code: + description: 'Code: An identifier for the error. Codes are invariant and are intended to be consumed programmatically.' + type: string + details: + description: 'Details: A list of additional details about the error.' + items: + properties: + code: + description: 'Code: An identifier for the error. Codes are invariant and are intended to be consumed programmatically.' + type: string + message: + description: 'Message: A message describing the error, intended to be suitable for display in a user interface.' + type: string + target: + description: 'Target: The target of the particular error. For example, the name of the property in error.' + type: string + type: object + type: array + message: + description: 'Message: A message describing the error, intended to be suitable for display in a user interface.' + type: string + target: + description: 'Target: The target of the particular error. For example, the name of the property in error.' + type: string + type: object + type: object + type: object + provisioningState: + description: 'ProvisioningState: The current provisioning state of the pod identity.' type: string type: object type: array userAssignedIdentityExceptions: + description: 'UserAssignedIdentityExceptions: The pod identity exceptions to allow.' 
items: description: |- - Storage version of v1api20231001.ManagedClusterPodIdentityException See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object name: + description: 'Name: The name of the pod identity exception.' type: string namespace: + description: 'Namespace: The namespace of the pod identity exception.' type: string podLabels: additionalProperties: type: string + description: 'PodLabels: The pod labels to match.' type: object type: object type: array type: object + powerState: + description: 'PowerState: The Power State of the cluster.' + properties: + code: + description: 'Code: Tells whether the cluster is Running or Stopped' + type: string + type: object + privateFQDN: + description: 'PrivateFQDN: The FQDN of private cluster.' + type: string privateLinkResources: + description: 'PrivateLinkResources: Private link resources associated with the cluster.' items: - description: |- - Storage version of v1api20231001.PrivateLinkResource - A private link resource + description: A private link resource properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object groupId: + description: 'GroupId: The group ID of the resource.' + type: string + id: + description: 'Id: The ID of the private link resource.' type: string name: + description: 'Name: The name of the private link resource.' 
+ type: string + privateLinkServiceID: + description: 'PrivateLinkServiceID: The private link service ID of the resource, this field is exposed only to NRP internally.' type: string - reference: - description: 'Reference: The ID of the private link resource.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object requiredMembers: + description: 'RequiredMembers: The RequiredMembers of the resource' items: type: string type: array type: + description: 'Type: The resource type.' type: string type: object type: array + provisioningState: + description: 'ProvisioningState: The current provisioning state.' + type: string publicNetworkAccess: + description: 'PublicNetworkAccess: Allow or deny public network access for AKS' type: string - securityProfile: + resourceUID: description: |- - Storage version of v1api20231001.ManagedClusterSecurityProfile - Security profile for the container service cluster. + ResourceUID: The resourceUID uniquely identifies ManagedClusters that reuse ARM ResourceIds (i.e: create, delete, create + sequence) + type: string + securityProfile: + description: 'SecurityProfile: Security profile for the managed cluster.' 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object azureKeyVaultKms: description: |- - Storage version of v1api20231001.AzureKeyVaultKms - Azure Key Vault key management service settings for the security profile. + AzureKeyVaultKms: Azure Key Vault [key management + service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: + description: 'Enabled: Whether to enable Azure Key Vault key management service. The default is false.' type: boolean keyId: + description: |- + KeyId: Identifier of Azure Key Vault key. See [key identifier + format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) + for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key + identifier. When Azure Key Vault key management service is disabled, leave the field empty. type: string keyVaultNetworkAccess: + description: |- + KeyVaultNetworkAccess: Network access of key vault. The possible values are `Public` and `Private`. `Public` means the + key vault allows public access from all networks. `Private` means the key vault disables public access and enables + private link. The default value is `Public`. type: string - keyVaultResourceReference: + keyVaultResourceId: description: |- - KeyVaultResourceReference: Resource ID of key vault. 
When keyVaultNetworkAccess is `Private`, this field is required and - must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty. - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + KeyVaultResourceId: Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must + be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty. + type: string type: object defender: - description: |- - Storage version of v1api20231001.ManagedClusterSecurityProfileDefender - Microsoft Defender settings for the security profile. + description: 'Defender: Microsoft Defender settings for the security profile.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - logAnalyticsWorkspaceResourceReference: + logAnalyticsWorkspaceResourceId: description: |- - LogAnalyticsWorkspaceResourceReference: Resource ID of the Log Analytics workspace to be associated with Microsoft - Defender. 
When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When - Microsoft Defender is disabled, leave the field empty. - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + LogAnalyticsWorkspaceResourceId: Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. + When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft + Defender is disabled, leave the field empty. + type: string securityMonitoring: - description: |- - Storage version of v1api20231001.ManagedClusterSecurityProfileDefenderSecurityMonitoring - Microsoft Defender settings for the security profile threat detection. + description: 'SecurityMonitoring: Microsoft Defender threat detection for Cloud settings for the security profile.' 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: + description: 'Enabled: Whether to enable Defender threat detection' type: boolean type: object type: object imageCleaner: - description: |- - Storage version of v1api20231001.ManagedClusterSecurityProfileImageCleaner - Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here - are settings for the security profile. + description: 'ImageCleaner: Image Cleaner settings for the security profile.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: + description: 'Enabled: Whether to enable Image Cleaner on AKS cluster.' type: boolean intervalHours: + description: 'IntervalHours: Image Cleaner scanning interval in hours.' type: integer type: object workloadIdentity: description: |- - Storage version of v1api20231001.ManagedClusterSecurityProfileWorkloadIdentity - Workload identity settings for the security profile. + WorkloadIdentity: Workload identity settings for the security profile. Workload identity enables Kubernetes applications + to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: + description: 'Enabled: Whether to enable workload identity.' 
type: boolean type: object type: object serviceMeshProfile: - description: |- - Storage version of v1api20231001.ServiceMeshProfile - Service mesh profile for a managed cluster. + description: 'ServiceMeshProfile: Service mesh profile for a managed cluster.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object istio: - description: |- - Storage version of v1api20231001.IstioServiceMesh - Istio service mesh configuration. + description: 'Istio: Istio service mesh configuration.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object certificateAuthority: description: |- - Storage version of v1api20231001.IstioCertificateAuthority - Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described - here https://aka.ms/asm-plugin-ca + CertificateAuthority: Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin + certificates as described here https://aka.ms/asm-plugin-ca properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object plugin: - description: |- - Storage version of v1api20231001.IstioPluginCertificateAuthority - Plugin certificates information for Service Mesh. + description: 'Plugin: Plugin certificates information for Service Mesh.' 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object certChainObjectName: + description: 'CertChainObjectName: Certificate chain object name in Azure Key Vault.' type: string certObjectName: + description: 'CertObjectName: Intermediate certificate object name in Azure Key Vault.' type: string keyObjectName: + description: 'KeyObjectName: Intermediate certificate private key object name in Azure Key Vault.' + type: string + keyVaultId: + description: 'KeyVaultId: The resource ID of the Key Vault.' type: string - keyVaultReference: - description: 'KeyVaultReference: The resource ID of the Key Vault.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object rootCertObjectName: + description: 'RootCertObjectName: Root certificate object name in Azure Key Vault.' type: string type: object type: object components: - description: |- - Storage version of v1api20231001.IstioComponents - Istio components configuration. + description: 'Components: Istio components configuration.' 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object egressGateways: + description: 'EgressGateways: Istio egress gateways.' items: - description: |- - Storage version of v1api20231001.IstioEgressGateway - Istio egress gateway configuration. + description: Istio egress gateway configuration. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: + description: 'Enabled: Whether to enable the egress gateway.' type: boolean nodeSelector: additionalProperties: type: string + description: 'NodeSelector: NodeSelector for scheduling the egress gateway.' type: object type: object type: array ingressGateways: + description: 'IngressGateways: Istio ingress gateways.' items: description: |- - Storage version of v1api20231001.IstioIngressGateway Istio ingress gateway configuration. For now, we support up to one external ingress gateway named `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: + description: 'Enabled: Whether to enable the ingress gateway.' type: boolean mode: + description: 'Mode: Mode of an ingress gateway.' type: string type: object type: array type: object revisions: + description: |- + Revisions: The list of revisions of the Istio control plane. 
When an upgrade is not in progress, this holds one value. + When canary upgrade is in progress, this can only hold two consecutive values. For more information, see: + https://learn.microsoft.com/en-us/azure/aks/istio-upgrade items: type: string type: array type: object mode: + description: 'Mode: Mode of the service mesh.' type: string type: object servicePrincipalProfile: description: |- - Storage version of v1api20231001.ManagedClusterServicePrincipalProfile - Information about a service principal identity for the cluster to use for manipulating Azure APIs. + ServicePrincipalProfile: Information about a service principal identity for the cluster to use for manipulating Azure + APIs. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object clientId: + description: 'ClientId: The ID for the service principal.' type: string - secret: - description: |- - SecretReference is a reference to a Kubernetes secret and key in the same namespace as - the resource it is on. - properties: - key: - description: Key is the key in the Kubernetes secret being referenced - type: string - name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource - type: string - required: - - key - - name - type: object type: object sku: - description: |- - Storage version of v1api20231001.ManagedClusterSKU - The SKU of a Managed Cluster. + description: 'Sku: The managed cluster SKU.' 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object name: + description: 'Name: The name of a managed cluster SKU.' type: string tier: + description: |- + Tier: If not specified, the default is 'Free'. See [AKS Pricing + Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details. type: string type: object storageProfile: - description: |- - Storage version of v1api20231001.ManagedClusterStorageProfile - Storage profile for the container service cluster. + description: 'StorageProfile: Storage profile for the managed cluster.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object blobCSIDriver: - description: |- - Storage version of v1api20231001.ManagedClusterStorageProfileBlobCSIDriver - AzureBlob CSI Driver settings for the storage profile. + description: 'BlobCSIDriver: AzureBlob CSI Driver settings for the storage profile.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: + description: 'Enabled: Whether to enable AzureBlob CSI Driver. The default value is false.' type: boolean type: object diskCSIDriver: - description: |- - Storage version of v1api20231001.ManagedClusterStorageProfileDiskCSIDriver - AzureDisk CSI Driver settings for the storage profile. + description: 'DiskCSIDriver: AzureDisk CSI Driver settings for the storage profile.' 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: + description: 'Enabled: Whether to enable AzureDisk CSI Driver. The default value is true.' type: boolean type: object fileCSIDriver: - description: |- - Storage version of v1api20231001.ManagedClusterStorageProfileFileCSIDriver - AzureFile CSI Driver settings for the storage profile. + description: 'FileCSIDriver: AzureFile CSI Driver settings for the storage profile.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: + description: 'Enabled: Whether to enable AzureFile CSI Driver. The default value is true.' type: boolean type: object snapshotController: - description: |- - Storage version of v1api20231001.ManagedClusterStorageProfileSnapshotController - Snapshot Controller settings for the storage profile. + description: 'SnapshotController: Snapshot Controller settings for the storage profile.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: + description: 'Enabled: Whether to enable Snapshot Controller. The default value is true.' type: boolean type: object type: object supportPlan: + description: 'SupportPlan: The support plan for the Managed Cluster. If unspecified, the default is ''KubernetesOfficial''.' 
type: string + systemData: + description: 'SystemData: Azure Resource Manager metadata containing createdBy and modifiedBy information.' + properties: + createdAt: + description: 'CreatedAt: The timestamp of resource creation (UTC).' + type: string + createdBy: + description: 'CreatedBy: The identity that created the resource.' + type: string + createdByType: + description: 'CreatedByType: The type of identity that created the resource.' + type: string + lastModifiedAt: + description: 'LastModifiedAt: The timestamp of resource last modification (UTC)' + type: string + lastModifiedBy: + description: 'LastModifiedBy: The identity that last modified the resource.' + type: string + lastModifiedByType: + description: 'LastModifiedByType: The type of identity that last modified the resource.' + type: string + type: object tags: additionalProperties: type: string + description: 'Tags: Resource tags.' type: object + type: + description: 'Type: The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"' + type: string upgradeSettings: - description: |- - Storage version of v1api20231001.ClusterUpgradeSettings - Settings for upgrading a cluster. + description: 'UpgradeSettings: Settings for upgrading a cluster.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object overrideSettings: - description: |- - Storage version of v1api20231001.UpgradeOverrideSettings - Settings for overrides when upgrading a cluster. + description: 'OverrideSettings: Settings for overrides.' 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object forceUpgrade: + description: |- + ForceUpgrade: Whether to force upgrade the cluster. Note that this option instructs upgrade operation to bypass upgrade + protections such as checking for deprecated API usage. Enable this option only with caution. type: boolean until: + description: |- + Until: Until when the overrides are effective. Note that this only matches the start time of an upgrade, and the + effectiveness won't change once an upgrade starts even if the `until` expires as upgrade proceeds. This field is not set + by default. It must be set for the overrides to take effect. type: string type: object type: object windowsProfile: - description: |- - Storage version of v1api20231001.ManagedClusterWindowsProfile - Profile for Windows VMs in the managed cluster. + description: 'WindowsProfile: The profile for Windows VMs in the Managed Cluster.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - adminPassword: - description: |- - SecretReference is a reference to a Kubernetes secret and key in the same namespace as - the resource it is on. - properties: - key: - description: Key is the key in the Kubernetes secret being referenced - type: string - name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource - type: string - required: - - key - - name - type: object adminUsername: + description: |- + AdminUsername: Specifies the name of the administrator account. 
+ Restriction: Cannot end in "." + Disallowed values: "administrator", "admin", "user", "user1", "test", "user2", "test1", "user3", "admin1", "1", "123", + "a", "actuser", "adm", "admin2", "aspnet", "backup", "console", "david", "guest", "john", "owner", "root", "server", + "sql", "support", "support_388945a0", "sys", "test2", "test3", "user4", "user5". + Minimum-length: 1 character + Max-length: 20 characters type: string enableCSIProxy: + description: |- + EnableCSIProxy: For more details on CSI proxy, see the [CSI proxy GitHub + repo](https://github.com/kubernetes-csi/csi-proxy). type: boolean gmsaProfile: - description: |- - Storage version of v1api20231001.WindowsGmsaProfile - Windows gMSA Profile in the managed cluster. + description: 'GmsaProfile: The Windows gMSA Profile in the Managed Cluster.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object dnsServer: + description: |- + DnsServer: Specifies the DNS server for Windows gMSA. + Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster. type: string enabled: + description: 'Enabled: Specifies whether to enable Windows gMSA in the managed cluster.' type: boolean rootDomainName: + description: |- + RootDomainName: Specifies the root domain name for Windows gMSA. + Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster. type: string type: object licenseType: + description: |- + LicenseType: The license type to use for Windows VMs. See [Azure Hybrid User + Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details. 
type: string type: object workloadAutoScalerProfile: - description: |- - Storage version of v1api20231001.ManagedClusterWorkloadAutoScalerProfile - Workload Auto-scaler profile for the managed cluster. + description: 'WorkloadAutoScalerProfile: Workload Auto-scaler profile for the managed cluster.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object keda: - description: |- - Storage version of v1api20231001.ManagedClusterWorkloadAutoScalerProfileKeda - KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile. + description: 'Keda: KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: + description: 'Enabled: Whether to enable KEDA.' type: boolean type: object verticalPodAutoscaler: - description: |- - Storage version of v1api20231001.ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler - VPA (Vertical Pod Autoscaler) settings for the workload auto-scaler profile. + description: 'VerticalPodAutoscaler: VPA (Vertical Pod Autoscaler) settings for the workload auto-scaler profile.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: + description: 'Enabled: Whether to enable VPA. Default value is false.' 
type: boolean type: object type: object - required: - - owner type: object - status: + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].severity + name: Severity + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Reason + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].message + name: Message + type: string + name: v1api20231001storage + schema: + openAPIV3Schema: + description: |- + Storage version of v1api20231001.ManagedCluster + Generator information: + - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2023-10-01/managedClusters.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName} + properties: + apiVersion: description: |- - Storage version of v1api20231001.ManagedCluster_STATUS - Managed cluster. + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: Storage version of v1api20231001.ManagedCluster_Spec properties: $propertyBag: additionalProperties: 
@@ -18481,7 +15916,7 @@ spec: type: object aadProfile: description: |- - Storage version of v1api20231001.ManagedClusterAADProfile_STATUS + Storage version of v1api20231001.ManagedClusterAADProfile For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad). properties: $propertyBag: @@ -18511,7 +15946,7 @@ spec: addonProfiles: additionalProperties: description: |- - Storage version of v1api20231001.ManagedClusterAddonProfile_STATUS + Storage version of v1api20231001.ManagedClusterAddonProfile A Kubernetes add-on profile for a managed cluster. properties: $propertyBag: @@ -18527,31 +15962,12 @@ spec: type: object enabled: type: boolean - identity: - description: |- - Storage version of v1api20231001.UserAssignedIdentity_STATUS - Details about a user assigned identity. - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - clientId: - type: string - objectId: - type: string - resourceId: - type: string - type: object type: object type: object agentPoolProfiles: items: description: |- - Storage version of v1api20231001.ManagedClusterAgentPoolProfile_STATUS + Storage version of v1api20231001.ManagedClusterAgentPoolProfile Profile for the container service agent pool. properties: $propertyBag: 
@@ -18565,13 +15981,31 @@ spec: items: type: string type: array - capacityReservationGroupID: - type: string + capacityReservationGroupReference: + description: 'CapacityReservationGroupReference: AKS will associate the specified agent pool with the Capacity Reservation Group.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object count: type: integer creationData: description: |- - Storage version of v1api20231001.CreationData_STATUS + Storage version of v1api20231001.CreationData Data used when creating a target resource from a source resource. properties: $propertyBag: 
@@ -18581,11 +16015,27 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - sourceResourceId: - type: string + sourceResourceReference: + description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object - currentOrchestratorVersion: - type: string enableAutoScaling: type: boolean enableEncryptionAtHost: 
@@ -18598,11 +16048,32 @@ spec: type: boolean gpuInstanceProfile: type: string - hostGroupID: - type: string + hostGroupReference: + description: |- + HostGroupReference: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. + For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object kubeletConfig: description: |- - Storage version of v1api20231001.KubeletConfig_STATUS + Storage version of v1api20231001.KubeletConfig See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: @@ -18641,7 +16112,7 @@ spec: type: string linuxOSConfig: description: |- - Storage version of v1api20231001.LinuxOSConfig_STATUS + Storage version of v1api20231001.LinuxOSConfig See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: 
@@ -18655,7 +16126,7 @@ spec: type: integer sysctls: description: |- - Storage version of v1api20231001.SysctlConfig_STATUS + Storage version of v1api20231001.SysctlConfig Sysctl settings for Linux agent nodes. properties: $propertyBag: @@ -18739,7 +16210,7 @@ spec: type: string networkProfile: description: |- - Storage version of v1api20231001.AgentPoolNetworkProfile_STATUS + Storage version of v1api20231001.AgentPoolNetworkProfile Network settings of an agent pool. properties: $propertyBag: @@ -18752,7 +16223,7 @@ spec: allowedHostPorts: items: description: |- - Storage version of v1api20231001.PortRange_STATUS + Storage version of v1api20231001.PortRange The port range. properties: $propertyBag: 
@@ -18770,14 +16241,32 @@ spec: type: string type: object type: array - applicationSecurityGroups: + applicationSecurityGroupsReferences: items: - type: string + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: array nodePublicIPTags: items: description: |- - Storage version of v1api20231001.IPTag_STATUS + Storage version of v1api20231001.IPTag Contains the IPTag associated with the object. properties: $propertyBag: 
@@ -18794,14 +16283,32 @@ spec: type: object type: array type: object - nodeImageVersion: - type: string nodeLabels: additionalProperties: type: string type: object - nodePublicIPPrefixID: - type: string + nodePublicIPPrefixReference: + description: |- + NodePublicIPPrefixReference: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object nodeTaints: items: type: string 
@@ -18816,11 +16323,32 @@ spec: type: string osType: type: string - podSubnetID: - type: string + podSubnetReference: + description: |- + PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). + This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object powerState: description: |- - Storage version of v1api20231001.PowerState_STATUS + Storage version of v1api20231001.PowerState Describes the Power State of the cluster properties: $propertyBag: 
@@ -18833,19 +16361,35 @@ spec: code: type: string type: object - provisioningState: - type: string - proximityPlacementGroupID: - type: string - scaleDownMode: - type: string - scaleSetEvictionPolicy: - type: string - scaleSetPriority: - type: string - spotMaxPrice: - type: number - tags: + proximityPlacementGroupReference: + description: 'ProximityPlacementGroupReference: The ID for Proximity Placement Group.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + scaleDownMode: + type: string + scaleSetEvictionPolicy: + type: string + scaleSetPriority: + type: string + spotMaxPrice: + type: number + tags: additionalProperties: type: string type: object @@ -18853,7 +16397,7 @@ spec: type: string upgradeSettings: description: |- - Storage version of v1api20231001.AgentPoolUpgradeSettings_STATUS + Storage version of v1api20231001.AgentPoolUpgradeSettings Settings for upgrading an agentpool properties: $propertyBag: 
@@ -18870,15 +16414,36 @@ spec: type: object vmSize: type: string - vnetSubnetID: - type: string + vnetSubnetReference: + description: |- + VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is + specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object workloadRuntime: type: string type: object type: array apiServerAccessProfile: description: |- - Storage version of v1api20231001.ManagedClusterAPIServerAccessProfile_STATUS + Storage version of v1api20231001.ManagedClusterAPIServerAccessProfile Access profile for managed cluster API server. properties: $propertyBag: @@ -18902,7 +16467,7 @@ spec: type: string type: object autoScalerProfile: - description: Storage version of v1api20231001.ManagedClusterProperties_AutoScalerProfile_STATUS + description: Storage version of v1api20231001.ManagedClusterProperties_AutoScalerProfile properties: $propertyBag: additionalProperties: 
@@ -18948,7 +16513,7 @@ spec: type: object autoUpgradeProfile: description: |- - Storage version of v1api20231001.ManagedClusterAutoUpgradeProfile_STATUS + Storage version of v1api20231001.ManagedClusterAutoUpgradeProfile Auto upgrade profile for a managed cluster. properties: $propertyBag: @@ -18965,7 +16530,7 @@ spec: type: object azureMonitorProfile: description: |- - Storage version of v1api20231001.ManagedClusterAzureMonitorProfile_STATUS + Storage version of v1api20231001.ManagedClusterAzureMonitorProfile Azure Monitor addon profiles for monitoring the managed cluster. properties: $propertyBag: @@ -18977,7 +16542,7 @@ spec: type: object metrics: description: |- - Storage version of v1api20231001.ManagedClusterAzureMonitorProfileMetrics_STATUS + Storage version of v1api20231001.ManagedClusterAzureMonitorProfileMetrics Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See aka.ms/AzureManagedPrometheus for an overview. @@ -18993,7 +16558,7 @@ spec: type: boolean kubeStateMetrics: description: |- - Storage version of v1api20231001.ManagedClusterAzureMonitorProfileKubeStateMetrics_STATUS + Storage version of v1api20231001.ManagedClusterAzureMonitorProfileKubeStateMetrics Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for details. 
@@ -19012,57 +16577,35 @@ spec: type: object type: object type: object - azurePortalFQDN: - type: string - conditions: - items: - description: Condition defines an extension to status (an observation) of a resource - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. - format: date-time - type: string - message: - description: Message is a human readable message indicating details about the transition. This field may be empty. - type: string - observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - type: integer - reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. - type: string - severity: - description: |- - Severity with which to treat failures of this type of condition. - For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown - type: string - status: - description: Status of the condition, one of True, False, or Unknown. - type: string - type: - description: Type of condition. - type: string - required: - - lastTransitionTime - - reason - - status - - type - type: object - type: array - currentKubernetesVersion: + azureName: + description: |- + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. 
type: string disableLocalAccounts: type: boolean - diskEncryptionSetID: - type: string + diskEncryptionSetReference: + description: |- + DiskEncryptionSetReference: This is of the form: + '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object dnsPrefix: type: string enablePodSecurityPolicy: @@ -19071,7 +16614,7 @@ spec: type: boolean extendedLocation: description: |- - Storage version of v1api20231001.ExtendedLocation_STATUS + Storage version of v1api20231001.ExtendedLocation The complex type of the extended location. properties: $propertyBag: @@ -19086,13 +16629,11 @@ spec: type: type: string type: object - fqdn: - type: string fqdnSubdomain: type: string httpProxyConfig: description: |- - Storage version of v1api20231001.ManagedClusterHTTPProxyConfig_STATUS + Storage version of v1api20231001.ManagedClusterHTTPProxyConfig Cluster HTTP proxy configuration. properties: $propertyBag: 
@@ -19113,11 +16654,9 @@ spec: trustedCa: type: string type: object - id: - type: string identity: description: |- - Storage version of v1api20231001.ManagedClusterIdentity_STATUS + Storage version of v1api20231001.ManagedClusterIdentity Identity for the managed cluster. properties: $propertyBag: @@ -19130,7 +16669,7 @@ spec: delegatedResources: additionalProperties: description: |- - Storage version of v1api20231001.DelegatedResource_STATUS + Storage version of v1api20231001.DelegatedResource Delegated resource properties - internal use only. properties: $propertyBag: 
@@ -19144,21 +16683,37 @@ spec: type: string referralResource: type: string - resourceId: - type: string + resourceReference: + description: 'ResourceReference: The ARM resource id of the delegated resource - internal use only.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object tenantId: type: string type: object type: object - principalId: - type: string - tenantId: - type: string type: type: string userAssignedIdentities: - additionalProperties: - description: Storage version of v1api20231001.ManagedClusterIdentity_UserAssignedIdentities_STATUS + items: + description: |- + Storage version of v1api20231001.UserAssignedIdentityDetails + Information about the user assigned identity for the resource properties: $propertyBag: additionalProperties: 
@@ -19167,17 +16722,33 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - clientId: - type: string - principalId: - type: string + reference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object - type: object + type: array type: object identityProfile: additionalProperties: description: |- - Storage version of v1api20231001.UserAssignedIdentity_STATUS + Storage version of v1api20231001.UserAssignedIdentity Details about a user assigned identity. properties: $propertyBag: 
@@ -19191,15 +16762,33 @@ spec: type: string objectId: type: string - resourceId: - type: string + resourceReference: + description: 'ResourceReference: The resource ID of the user assigned identity.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object type: object kubernetesVersion: type: string linuxProfile: description: |- - Storage version of v1api20231001.ContainerServiceLinuxProfile_STATUS + Storage version of v1api20231001.ContainerServiceLinuxProfile Profile for Linux VMs in the container service cluster. properties: $propertyBag: @@ -19213,7 +16802,7 @@ spec: type: string ssh: description: |- - Storage version of v1api20231001.ContainerServiceSshConfiguration_STATUS + Storage version of v1api20231001.ContainerServiceSshConfiguration SSH configuration for Linux-based VMs running on Azure. properties: $propertyBag: @@ -19226,7 +16815,7 @@ spec: publicKeys: items: description: |- - Storage version of v1api20231001.ContainerServiceSshPublicKey_STATUS + Storage version of v1api20231001.ContainerServiceSshPublicKey Contains information about SSH certificate public key data. properties: $propertyBag: 
@@ -19244,13 +16833,9 @@ spec: type: object location: type: string - maxAgentPools: - type: integer - name: - type: string networkProfile: description: |- - Storage version of v1api20231001.ContainerServiceNetworkProfile_STATUS + Storage version of v1api20231001.ContainerServiceNetworkProfile Profile of network configuration. properties: $propertyBag: @@ -19268,7 +16853,7 @@ spec: type: array loadBalancerProfile: description: |- - Storage version of v1api20231001.ManagedClusterLoadBalancerProfile_STATUS + Storage version of v1api20231001.ManagedClusterLoadBalancerProfile Profile of the managed cluster load balancer. properties: $propertyBag: @@ -19285,7 +16870,7 @@ spec: effectiveOutboundIPs: items: description: |- - Storage version of v1api20231001.ResourceReference_STATUS + Storage version of v1api20231001.ResourceReference A reference to an Azure resource. properties: $propertyBag: 
@@ -19295,8 +16880,26 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - id: - type: string + reference: + description: 'Reference: The fully qualified Azure resource id.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object type: array enableMultipleStandardLoadBalancers: @@ -19304,7 +16907,7 @@ spec: idleTimeoutInMinutes: type: integer managedOutboundIPs: - description: Storage version of v1api20231001.ManagedClusterLoadBalancerProfile_ManagedOutboundIPs_STATUS + description: Storage version of v1api20231001.ManagedClusterLoadBalancerProfile_ManagedOutboundIPs properties: $propertyBag: additionalProperties: @@ -19319,7 +16922,7 @@ spec: type: integer type: object outboundIPPrefixes: - description: Storage version of v1api20231001.ManagedClusterLoadBalancerProfile_OutboundIPPrefixes_STATUS + description: Storage version of v1api20231001.ManagedClusterLoadBalancerProfile_OutboundIPPrefixes properties: $propertyBag: additionalProperties: 
@@ -19331,7 +16934,7 @@ spec: publicIPPrefixes: items: description: |- - Storage version of v1api20231001.ResourceReference_STATUS + Storage version of v1api20231001.ResourceReference A reference to an Azure resource. properties: $propertyBag: @@ -19341,13 +16944,31 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - id: - type: string + reference: + description: 'Reference: The fully qualified Azure resource id.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object type: array type: object outboundIPs: - description: Storage version of v1api20231001.ManagedClusterLoadBalancerProfile_OutboundIPs_STATUS + description: Storage version of v1api20231001.ManagedClusterLoadBalancerProfile_OutboundIPs properties: $propertyBag: additionalProperties: @@ -19359,7 +16980,7 @@ spec: publicIPs: items: description: |- - Storage version of v1api20231001.ResourceReference_STATUS + Storage version of v1api20231001.ResourceReference A reference to an Azure resource. properties: $propertyBag: 
@@ -19369,8 +16990,26 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - id: - type: string + reference: + description: 'Reference: The fully qualified Azure resource id.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object type: array type: object @@ -19379,7 +17018,7 @@ spec: type: string natGatewayProfile: description: |- - Storage version of v1api20231001.ManagedClusterNATGatewayProfile_STATUS + Storage version of v1api20231001.ManagedClusterNATGatewayProfile Profile of the managed cluster NAT gateway. properties: $propertyBag: @@ -19392,7 +17031,7 @@ spec: effectiveOutboundIPs: items: description: |- - Storage version of v1api20231001.ResourceReference_STATUS + Storage version of v1api20231001.ResourceReference A reference to an Azure resource. properties: $propertyBag: 
@@ -19402,15 +17041,33 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - id: - type: string + reference: + description: 'Reference: The fully qualified Azure resource id.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object type: array idleTimeoutInMinutes: type: integer managedOutboundIPProfile: description: |- - Storage version of v1api20231001.ManagedClusterManagedOutboundIPProfile_STATUS + Storage version of v1api20231001.ManagedClusterManagedOutboundIPProfile Profile of the managed outbound IP resources of the managed cluster. properties: $propertyBag: @@ -19453,7 +17110,7 @@ spec: type: string oidcIssuerProfile: description: |- - Storage version of v1api20231001.ManagedClusterOIDCIssuerProfile_STATUS + Storage version of v1api20231001.ManagedClusterOIDCIssuerProfile The OIDC issuer profile of the Managed Cluster. properties: $propertyBag: 
@@ -19465,12 +17122,190 @@ spec: type: object enabled: type: boolean - issuerURL: + type: object + operatorSpec: + description: |- + Storage version of v1api20231001.ManagedClusterOperatorSpec + Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + configMapExpressions: + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. 
For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + configMaps: + description: Storage version of v1api20231001.ManagedClusterOperatorConfigMaps + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + oidcIssuerProfile: + description: |- + ConfigMapDestination describes the location to store a single configmap value + Note: This is similar to: SecretDestination in secrets.go. + Changes to one may need to be made to the others as well. + properties: + key: + description: Key is the key in the ConfigMap being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes ConfigMap to write to. + The ConfigMap will be created in the same namespace as the resource. + type: string + required: + - key + - name + type: object + principalId: + description: |- + ConfigMapDestination describes the location to store a single configmap value + Note: This is similar to: SecretDestination in secrets.go. + Changes to one may need to be made to the others as well. + properties: + key: + description: Key is the key in the ConfigMap being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes ConfigMap to write to. + The ConfigMap will be created in the same namespace as the resource. + type: string + required: + - key + - name + type: object + type: object + secretExpressions: + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. 
+ properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + secrets: + description: Storage version of v1api20231001.ManagedClusterOperatorSecrets + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + adminCredentials: + description: |- + SecretDestination describes the location to store a single secret value. + Note: This is similar to: ConfigMapDestination in configmaps.go. + Changes to one may need to be made to the others as well. + properties: + key: + description: Key is the key in the Kubernetes secret being referenced. + type: string + name: + description: |- + Name is the name of the Kubernetes secret to write to. + The secret will be created in the same namespace as the resource. + type: string + required: + - key + - name + type: object + userCredentials: + description: |- + SecretDestination describes the location to store a single secret value. 
+ Note: This is similar to: ConfigMapDestination in configmaps.go. + Changes to one may need to be made to the others as well. + properties: + key: + description: Key is the key in the Kubernetes secret being referenced. + type: string + name: + description: |- + Name is the name of the Kubernetes secret to write to. + The secret will be created in the same namespace as the resource. + type: string + required: + - key + - name + type: object + type: object + type: object + originalVersion: + type: string + owner: + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a resources.azure.com/ResourceGroup resource + properties: + armId: + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + name: + description: This is the name of the Kubernetes resource to reference. type: string type: object podIdentityProfile: description: |- - Storage version of v1api20231001.ManagedClusterPodIdentityProfile_STATUS + Storage version of v1api20231001.ManagedClusterPodIdentityProfile See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration. properties: @@ -19488,7 +17323,7 @@ spec: userAssignedIdentities: items: description: |- - Storage version of v1api20231001.ManagedClusterPodIdentity_STATUS + Storage version of v1api20231001.ManagedClusterPodIdentity Details about the pod identity assigned to the Managed Cluster. properties: $propertyBag: 
@@ -19502,7 +17337,7 @@ spec: type: string identity: description: |- - Storage version of v1api20231001.UserAssignedIdentity_STATUS + Storage version of v1api20231001.UserAssignedIdentity Details about a user assigned identity. properties: $propertyBag: 
@@ -19516,83 +17351,37 @@ spec: type: string objectId: type: string - resourceId: - type: string - type: object - name: - type: string - namespace: - type: string - provisioningInfo: - description: Storage version of v1api20231001.ManagedClusterPodIdentity_ProvisioningInfo_STATUS - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - error: - description: |- - Storage version of v1api20231001.ManagedClusterPodIdentityProvisioningError_STATUS - An error response from the pod identity provisioning. + resourceReference: + description: 'ResourceReference: The resource ID of the user assigned identity.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - error: + armId: description: |- - Storage version of v1api20231001.ManagedClusterPodIdentityProvisioningErrorBody_STATUS - An error response from the pod identity provisioning. 
- properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - code: - type: string - details: - items: - description: Storage version of v1api20231001.ManagedClusterPodIdentityProvisioningErrorBody_STATUS_Unrolled - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - code: - type: string - message: - type: string - target: - type: string - type: object - type: array - message: - type: string - target: - type: string - type: object + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. 
+ type: string type: object type: object - provisioningState: + name: + type: string + namespace: type: string type: object type: array userAssignedIdentityExceptions: items: description: |- - Storage version of v1api20231001.ManagedClusterPodIdentityException_STATUS + Storage version of v1api20231001.ManagedClusterPodIdentityException See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. properties: @@ -19614,27 +17403,10 @@ spec: type: object type: array type: object - powerState: - description: |- - Storage version of v1api20231001.PowerState_STATUS - Describes the Power State of the cluster - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - code: - type: string - type: object - privateFQDN: - type: string privateLinkResources: items: description: |- - Storage version of v1api20231001.PrivateLinkResource_STATUS + Storage version of v1api20231001.PrivateLinkResource A private link resource properties: $propertyBag: 
@@ -19646,12 +17418,28 @@ spec: type: object groupId: type: string - id: - type: string name: type: string - privateLinkServiceID: - type: string + reference: + description: 'Reference: The ID of the private link resource.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object requiredMembers: items: type: string @@ -19660,15 +17448,11 @@ spec: type: string type: object type: array - provisioningState: - type: string publicNetworkAccess: type: string - resourceUID: - type: string securityProfile: description: |- - Storage version of v1api20231001.ManagedClusterSecurityProfile_STATUS + Storage version of v1api20231001.ManagedClusterSecurityProfile Security profile for the container service cluster. properties: $propertyBag: @@ -19680,7 +17464,7 @@ spec: type: object azureKeyVaultKms: description: |- - Storage version of v1api20231001.AzureKeyVaultKms_STATUS + Storage version of v1api20231001.AzureKeyVaultKms Azure Key Vault key management service settings for the security profile. properties: $propertyBag: 
@@ -19696,12 +17480,32 @@ spec: type: string keyVaultNetworkAccess: type: string - keyVaultResourceId: - type: string + keyVaultResourceReference: + description: |- + KeyVaultResourceReference: Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and + must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty. + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object defender: description: |- - Storage version of v1api20231001.ManagedClusterSecurityProfileDefender_STATUS + Storage version of v1api20231001.ManagedClusterSecurityProfileDefender Microsoft Defender settings for the security profile. properties: $propertyBag: 
@@ -19711,11 +17515,32 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - logAnalyticsWorkspaceResourceId: - type: string + logAnalyticsWorkspaceResourceReference: + description: |- + LogAnalyticsWorkspaceResourceReference: Resource ID of the Log Analytics workspace to be associated with Microsoft + Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When + Microsoft Defender is disabled, leave the field empty. + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object securityMonitoring: description: |- - Storage version of v1api20231001.ManagedClusterSecurityProfileDefenderSecurityMonitoring_STATUS + Storage version of v1api20231001.ManagedClusterSecurityProfileDefenderSecurityMonitoring Microsoft Defender settings for the security profile threat detection. properties: $propertyBag: 
@@ -19731,7 +17556,7 @@ spec: type: object imageCleaner: description: |- - Storage version of v1api20231001.ManagedClusterSecurityProfileImageCleaner_STATUS + Storage version of v1api20231001.ManagedClusterSecurityProfileImageCleaner Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here are settings for the security profile. properties: @@ -19749,7 +17574,7 @@ spec: type: object workloadIdentity: description: |- - Storage version of v1api20231001.ManagedClusterSecurityProfileWorkloadIdentity_STATUS + Storage version of v1api20231001.ManagedClusterSecurityProfileWorkloadIdentity Workload identity settings for the security profile. properties: $propertyBag: @@ -19765,7 +17590,7 @@ spec: type: object serviceMeshProfile: description: |- - Storage version of v1api20231001.ServiceMeshProfile_STATUS + Storage version of v1api20231001.ServiceMeshProfile Service mesh profile for a managed cluster. properties: $propertyBag: @@ -19777,7 +17602,7 @@ spec: type: object istio: description: |- - Storage version of v1api20231001.IstioServiceMesh_STATUS + Storage version of v1api20231001.IstioServiceMesh Istio service mesh configuration. properties: $propertyBag: @@ -19789,7 +17614,7 @@ spec: type: object certificateAuthority: description: |- - Storage version of v1api20231001.IstioCertificateAuthority_STATUS + Storage version of v1api20231001.IstioCertificateAuthority Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described here https://aka.ms/asm-plugin-ca properties: @@ -19802,7 +17627,7 @@ spec: type: object plugin: description: |- - Storage version of v1api20231001.IstioPluginCertificateAuthority_STATUS + Storage version of v1api20231001.IstioPluginCertificateAuthority Plugin certificates information for Service Mesh. properties: $propertyBag: 
@@ -19818,15 +17643,33 @@ spec: type: string keyObjectName: type: string - keyVaultId: - type: string + keyVaultReference: + description: 'KeyVaultReference: The resource ID of the Key Vault.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object rootCertObjectName: type: string type: object type: object components: description: |- - Storage version of v1api20231001.IstioComponents_STATUS + Storage version of v1api20231001.IstioComponents Istio components configuration. properties: $propertyBag: @@ -19839,7 +17682,7 @@ spec: egressGateways: items: description: |- - Storage version of v1api20231001.IstioEgressGateway_STATUS + Storage version of v1api20231001.IstioEgressGateway Istio egress gateway configuration. properties: $propertyBag: @@ -19860,7 +17703,7 @@ spec: ingressGateways: items: description: |- - Storage version of v1api20231001.IstioIngressGateway_STATUS + Storage version of v1api20231001.IstioIngressGateway Istio ingress gateway configuration. For now, we support up to one external ingress gateway named `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`. properties: 
@@ -19888,7 +17731,7 @@ spec: type: object servicePrincipalProfile: description: |- - Storage version of v1api20231001.ManagedClusterServicePrincipalProfile_STATUS + Storage version of v1api20231001.ManagedClusterServicePrincipalProfile Information about a service principal identity for the cluster to use for manipulating Azure APIs. properties: $propertyBag: @@ -19900,10 +17743,27 @@ spec: type: object clientId: type: string + secret: + description: |- + SecretReference is a reference to a Kubernetes secret and key in the same namespace as + the resource it is on. + properties: + key: + description: Key is the key in the Kubernetes secret being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource + type: string + required: + - key + - name + type: object type: object sku: description: |- - Storage version of v1api20231001.ManagedClusterSKU_STATUS + Storage version of v1api20231001.ManagedClusterSKU The SKU of a Managed Cluster. properties: $propertyBag: @@ -19920,7 +17780,7 @@ spec: type: object storageProfile: description: |- - Storage version of v1api20231001.ManagedClusterStorageProfile_STATUS + Storage version of v1api20231001.ManagedClusterStorageProfile Storage profile for the container service cluster. properties: $propertyBag: @@ -19932,7 +17792,7 @@ spec: type: object blobCSIDriver: description: |- - Storage version of v1api20231001.ManagedClusterStorageProfileBlobCSIDriver_STATUS + Storage version of v1api20231001.ManagedClusterStorageProfileBlobCSIDriver AzureBlob CSI Driver settings for the storage profile. properties: $propertyBag: 
@@ -19947,7 +17807,7 @@ spec: type: object diskCSIDriver: description: |- - Storage version of v1api20231001.ManagedClusterStorageProfileDiskCSIDriver_STATUS + Storage version of v1api20231001.ManagedClusterStorageProfileDiskCSIDriver AzureDisk CSI Driver settings for the storage profile. properties: $propertyBag: @@ -19962,7 +17822,7 @@ spec: type: object fileCSIDriver: description: |- - Storage version of v1api20231001.ManagedClusterStorageProfileFileCSIDriver_STATUS + Storage version of v1api20231001.ManagedClusterStorageProfileFileCSIDriver AzureFile CSI Driver settings for the storage profile. properties: $propertyBag: @@ -19977,7 +17837,7 @@ spec: type: object snapshotController: description: |- - Storage version of v1api20231001.ManagedClusterStorageProfileSnapshotController_STATUS + Storage version of v1api20231001.ManagedClusterStorageProfileSnapshotController Snapshot Controller settings for the storage profile. properties: $propertyBag: @@ -19993,40 +17853,13 @@ spec: type: object supportPlan: type: string - systemData: - description: |- - Storage version of v1api20231001.SystemData_STATUS - Metadata pertaining to creation and last modification of the resource. - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - createdAt: - type: string - createdBy: - type: string - createdByType: - type: string - lastModifiedAt: - type: string - lastModifiedBy: - type: string - lastModifiedByType: - type: string - type: object tags: additionalProperties: type: string type: object - type: - type: string upgradeSettings: description: |- - Storage version of v1api20231001.ClusterUpgradeSettings_STATUS + Storage version of v1api20231001.ClusterUpgradeSettings Settings for upgrading a cluster. properties: $propertyBag: 
@@ -20038,7 +17871,7 @@ spec: type: object overrideSettings: description: |- - Storage version of v1api20231001.UpgradeOverrideSettings_STATUS + Storage version of v1api20231001.UpgradeOverrideSettings Settings for overrides when upgrading a cluster. properties: $propertyBag: @@ -20056,7 +17889,7 @@ spec: type: object windowsProfile: description: |- - Storage version of v1api20231001.ManagedClusterWindowsProfile_STATUS + Storage version of v1api20231001.ManagedClusterWindowsProfile Profile for Windows VMs in the managed cluster. properties: $propertyBag: @@ -20066,13 +17899,30 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object + adminPassword: + description: |- + SecretReference is a reference to a Kubernetes secret and key in the same namespace as + the resource it is on. + properties: + key: + description: Key is the key in the Kubernetes secret being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource + type: string + required: + - key + - name + type: object adminUsername: type: string enableCSIProxy: type: boolean gmsaProfile: description: |- - Storage version of v1api20231001.WindowsGmsaProfile_STATUS + Storage version of v1api20231001.WindowsGmsaProfile Windows gMSA Profile in the managed cluster. properties: $propertyBag: @@ -20094,7 +17944,7 @@ spec: type: object workloadAutoScalerProfile: description: |- - Storage version of v1api20231001.ManagedClusterWorkloadAutoScalerProfile_STATUS + Storage version of v1api20231001.ManagedClusterWorkloadAutoScalerProfile Workload Auto-scaler profile for the managed cluster. properties: $propertyBag: 
@@ -20106,7 +17956,7 @@ spec: type: object keda: description: |- - Storage version of v1api20231001.ManagedClusterWorkloadAutoScalerProfileKeda_STATUS + Storage version of v1api20231001.ManagedClusterWorkloadAutoScalerProfileKeda KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile. properties: $propertyBag: @@ -20121,7 +17971,7 @@ spec: type: object verticalPodAutoscaler: description: |- - Storage version of v1api20231001.ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler_STATUS + Storage version of v1api20231001.ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler VPA (Vertical Pod Autoscaler) settings for the workload auto-scaler profile. properties: $propertyBag: 
@@ -20135,2997 +17985,2207 @@ spec: type: boolean type: object type: object + required: + - owner type: object - type: object - served: true - storage: true - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=='Ready')].severity - name: Severity - type: string - - jsonPath: .status.conditions[?(@.type=='Ready')].reason - name: Reason - type: string - - jsonPath: .status.conditions[?(@.type=='Ready')].message - name: Message - type: string - name: v1api20231102preview - schema: - openAPIV3Schema: - description: |- - Generator information: - - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/preview/2023-11-02-preview/managedClusters.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName} - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: + status: description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: + Storage version of v1api20231001.ManagedCluster_STATUS + Managed cluster. 
properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object aadProfile: - description: 'AadProfile: The Azure Active Directory configuration.' + description: |- + Storage version of v1api20231001.ManagedClusterAADProfile_STATUS + For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad). properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object adminGroupObjectIDs: - description: 'AdminGroupObjectIDs: The list of AAD group object IDs that will have admin role of the cluster.' items: type: string type: array clientAppID: - description: 'ClientAppID: (DEPRECATED) The client AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.' type: string enableAzureRBAC: - description: 'EnableAzureRBAC: Whether to enable Azure RBAC for Kubernetes authorization.' type: boolean managed: - description: 'Managed: Whether to enable managed AAD.' type: boolean serverAppID: - description: 'ServerAppID: (DEPRECATED) The server AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.' type: string serverAppSecret: - description: 'ServerAppSecret: (DEPRECATED) The server AAD application secret. Learn more at https://aka.ms/aks/aad-legacy.' type: string tenantID: - description: |- - TenantID: The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment - subscription. type: string type: object addonProfiles: additionalProperties: - description: A Kubernetes add-on profile for a managed cluster. 
+ description: |- + Storage version of v1api20231001.ManagedClusterAddonProfile_STATUS + A Kubernetes add-on profile for a managed cluster. properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object config: additionalProperties: type: string - description: 'Config: Key-value pairs for configuring an add-on.' type: object enabled: - description: 'Enabled: Whether the add-on is enabled or not.' type: boolean - required: - - enabled + identity: + description: |- + Storage version of v1api20231001.UserAssignedIdentity_STATUS + Details about a user assigned identity. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + clientId: + type: string + objectId: + type: string + resourceId: + type: string + type: object type: object - description: 'AddonProfiles: The profile of managed cluster add-on.' type: object agentPoolProfiles: - description: 'AgentPoolProfiles: The agent pool properties.' items: - description: Profile for the container service agent pool. + description: |- + Storage version of v1api20231001.ManagedClusterAgentPoolProfile_STATUS + Profile for the container service agent pool. properties: - artifactStreamingProfile: - description: 'ArtifactStreamingProfile: Configuration for using artifact streaming on AKS.' - properties: - enabled: - description: |- - Enabled: Artifact streaming speeds up the cold-start of containers on a node through on-demand image loading. To use - this feature, container images must also enable artifact streaming on ACR. If not specified, the default is false. 
- type: boolean + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object availabilityZones: - description: |- - AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType - property is 'VirtualMachineScaleSets'. items: type: string type: array - capacityReservationGroupReference: - description: 'CapacityReservationGroupReference: AKS will associate the specified agent pool with the Capacity Reservation Group.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + capacityReservationGroupID: + type: string count: - description: |- - Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) - for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. type: integer creationData: description: |- - CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using - a snapshot. 
+ Storage version of v1api20231001.CreationData_STATUS + Data used when creating a target resource from a source resource. properties: - sourceResourceReference: - description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object + sourceResourceId: + type: string type: object + currentOrchestratorVersion: + type: string enableAutoScaling: - description: 'EnableAutoScaling: Whether to enable auto-scaler' - type: boolean - enableCustomCATrust: - description: |- - EnableCustomCATrust: When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a - daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded - certificates into node trust stores. Defaults to false. 
type: boolean enableEncryptionAtHost: - description: |- - EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, - see: https://docs.microsoft.com/azure/aks/enable-host-encryption type: boolean enableFIPS: - description: |- - EnableFIPS: See [Add a FIPS-enabled node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more - details. type: boolean enableNodePublicIP: - description: |- - EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. - A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine - to minimize hops. For more information see [assigning a public IP per - node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The - default is false. type: boolean enableUltraSSD: - description: 'EnableUltraSSD: Whether to enable UltraSSD' type: boolean gpuInstanceProfile: - description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' - enum: - - MIG1g - - MIG2g - - MIG3g - - MIG4g - - MIG7g type: string - gpuProfile: - description: 'GpuProfile: The GPU settings of an agent pool.' - properties: - installGPUDriver: - description: |- - InstallGPUDriver: The default value is true when the vmSize of the agent pool contains a GPU, false otherwise. GPU - Driver Installation can only be set true when VM has an associated GPU resource. Setting this field to false prevents - automatic GPU driver installation. In that case, in order for the GPU to be usable, the user must perform GPU driver - installation themselves. 
- type: boolean - type: object - hostGroupReference: + hostGroupID: + type: string + kubeletConfig: description: |- - HostGroupReference: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. - For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). + Storage version of v1api20231001.KubeletConfig_STATUS + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: - armId: + $propertyBag: + additionalProperties: + type: string description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object - kubeletConfig: - description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' - properties: + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object allowedUnsafeSysctls: - description: 'AllowedUnsafeSysctls: Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).' 
items: type: string type: array containerLogMaxFiles: - description: |- - ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be - ≥ 2. - minimum: 2 type: integer containerLogMaxSizeMB: - description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' type: integer cpuCfsQuota: - description: 'CpuCfsQuota: The default is true.' type: boolean cpuCfsQuotaPeriod: - description: |- - CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and - a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. type: string cpuManagerPolicy: - description: |- - CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management - policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more - information. Allowed values are 'none' and 'static'. type: string failSwapOn: - description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' type: boolean imageGcHighThreshold: - description: 'ImageGcHighThreshold: To disable image garbage collection, set to 100. The default is 85%' type: integer imageGcLowThreshold: - description: 'ImageGcLowThreshold: This cannot be set higher than imageGcHighThreshold. The default is 80%' type: integer podMaxPids: - description: 'PodMaxPids: The maximum number of processes per pod.' type: integer topologyManagerPolicy: - description: |- - TopologyManagerPolicy: For more information see [Kubernetes Topology - Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values - are 'none', 'best-effort', 'restricted', and 'single-numa-node'. 
type: string type: object kubeletDiskType: - description: |- - KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral - storage. - enum: - - OS - - Temporary type: string linuxOSConfig: - description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' + description: |- + Storage version of v1api20231001.LinuxOSConfig_STATUS + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object swapFileSizeMB: - description: 'SwapFileSizeMB: The size in MB of a swap file that will be created on each node.' type: integer sysctls: - description: 'Sysctls: Sysctl settings for Linux agent nodes.' + description: |- + Storage version of v1api20231001.SysctlConfig_STATUS + Sysctl settings for Linux agent nodes. properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object fsAioMaxNr: - description: 'FsAioMaxNr: Sysctl setting fs.aio-max-nr.' type: integer fsFileMax: - description: 'FsFileMax: Sysctl setting fs.file-max.' type: integer fsInotifyMaxUserWatches: - description: 'FsInotifyMaxUserWatches: Sysctl setting fs.inotify.max_user_watches.' type: integer fsNrOpen: - description: 'FsNrOpen: Sysctl setting fs.nr_open.' type: integer kernelThreadsMax: - description: 'KernelThreadsMax: Sysctl setting kernel.threads-max.' type: integer netCoreNetdevMaxBacklog: - description: 'NetCoreNetdevMaxBacklog: Sysctl setting net.core.netdev_max_backlog.' 
type: integer netCoreOptmemMax: - description: 'NetCoreOptmemMax: Sysctl setting net.core.optmem_max.' type: integer netCoreRmemDefault: - description: 'NetCoreRmemDefault: Sysctl setting net.core.rmem_default.' type: integer netCoreRmemMax: - description: 'NetCoreRmemMax: Sysctl setting net.core.rmem_max.' type: integer netCoreSomaxconn: - description: 'NetCoreSomaxconn: Sysctl setting net.core.somaxconn.' type: integer netCoreWmemDefault: - description: 'NetCoreWmemDefault: Sysctl setting net.core.wmem_default.' type: integer netCoreWmemMax: - description: 'NetCoreWmemMax: Sysctl setting net.core.wmem_max.' type: integer netIpv4IpLocalPortRange: - description: 'NetIpv4IpLocalPortRange: Sysctl setting net.ipv4.ip_local_port_range.' type: string netIpv4NeighDefaultGcThresh1: - description: 'NetIpv4NeighDefaultGcThresh1: Sysctl setting net.ipv4.neigh.default.gc_thresh1.' type: integer netIpv4NeighDefaultGcThresh2: - description: 'NetIpv4NeighDefaultGcThresh2: Sysctl setting net.ipv4.neigh.default.gc_thresh2.' type: integer netIpv4NeighDefaultGcThresh3: - description: 'NetIpv4NeighDefaultGcThresh3: Sysctl setting net.ipv4.neigh.default.gc_thresh3.' type: integer netIpv4TcpFinTimeout: - description: 'NetIpv4TcpFinTimeout: Sysctl setting net.ipv4.tcp_fin_timeout.' type: integer netIpv4TcpKeepaliveProbes: - description: 'NetIpv4TcpKeepaliveProbes: Sysctl setting net.ipv4.tcp_keepalive_probes.' type: integer netIpv4TcpKeepaliveTime: - description: 'NetIpv4TcpKeepaliveTime: Sysctl setting net.ipv4.tcp_keepalive_time.' type: integer netIpv4TcpMaxSynBacklog: - description: 'NetIpv4TcpMaxSynBacklog: Sysctl setting net.ipv4.tcp_max_syn_backlog.' type: integer netIpv4TcpMaxTwBuckets: - description: 'NetIpv4TcpMaxTwBuckets: Sysctl setting net.ipv4.tcp_max_tw_buckets.' type: integer netIpv4TcpTwReuse: - description: 'NetIpv4TcpTwReuse: Sysctl setting net.ipv4.tcp_tw_reuse.' 
type: boolean netIpv4TcpkeepaliveIntvl: - description: 'NetIpv4TcpkeepaliveIntvl: Sysctl setting net.ipv4.tcp_keepalive_intvl.' - maximum: 90 - minimum: 10 type: integer netNetfilterNfConntrackBuckets: - description: 'NetNetfilterNfConntrackBuckets: Sysctl setting net.netfilter.nf_conntrack_buckets.' - maximum: 524288 - minimum: 65536 type: integer netNetfilterNfConntrackMax: - description: 'NetNetfilterNfConntrackMax: Sysctl setting net.netfilter.nf_conntrack_max.' - maximum: 2097152 - minimum: 131072 type: integer vmMaxMapCount: - description: 'VmMaxMapCount: Sysctl setting vm.max_map_count.' type: integer vmSwappiness: - description: 'VmSwappiness: Sysctl setting vm.swappiness.' type: integer vmVfsCachePressure: - description: 'VmVfsCachePressure: Sysctl setting vm.vfs_cache_pressure.' type: integer type: object transparentHugePageDefrag: - description: |- - TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is - 'madvise'. For more information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string transparentHugePageEnabled: - description: |- - TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more - information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string type: object maxCount: - description: 'MaxCount: The maximum number of nodes for auto-scaling' type: integer maxPods: - description: 'MaxPods: The maximum number of pods that can run on a node.' type: integer - messageOfTheDay: - description: |- - MessageOfTheDay: A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of - the message of the day for Linux nodes. It must not be specified for Windows nodes. 
It must be a static string (i.e., - will be printed raw and not be executed as a script). - type: string minCount: - description: 'MinCount: The minimum number of nodes for auto-scaling' type: integer mode: - description: |- - Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool - restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools - enum: - - System - - User type: string name: - description: 'Name: Windows agent pool names must be 6 characters or less.' - pattern: ^[a-z][a-z0-9]{0,11}$ type: string networkProfile: - description: 'NetworkProfile: Network-related settings of an agent pool.' + description: |- + Storage version of v1api20231001.AgentPoolNetworkProfile_STATUS + Network settings of an agent pool. properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object allowedHostPorts: - description: 'AllowedHostPorts: The port ranges that are allowed to access. The specified ranges are allowed to overlap.' items: - description: The port range. + description: |- + Storage version of v1api20231001.PortRange_STATUS + The port range. properties: - portEnd: + $propertyBag: + additionalProperties: + type: string description: |- - PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or - equal to portStart. - maximum: 65535 - minimum: 1 + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + portEnd: type: integer portStart: - description: |- - PortStart: The minimum port that is included in the range. 
It should be ranged from 1 to 65535, and be less than or - equal to portEnd. - maximum: 65535 - minimum: 1 type: integer protocol: - description: 'Protocol: The network protocol of the port.' - enum: - - TCP - - UDP type: string type: object type: array - applicationSecurityGroupsReferences: - description: |- - ApplicationSecurityGroupsReferences: The IDs of the application security groups which agent pool will associate when - created. + applicationSecurityGroups: items: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + type: string type: array nodePublicIPTags: - description: 'NodePublicIPTags: IPTags of instance-level public IPs.' items: - description: Contains the IPTag associated with the object. + description: |- + Storage version of v1api20231001.IPTag_STATUS + Contains the IPTag associated with the object. 
properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object ipTagType: - description: 'IpTagType: The IP tag type. Example: RoutingPreference.' type: string tag: - description: 'Tag: The value of the IP tag associated with the public IP. Example: Internet.' type: string type: object type: array type: object - nodeInitializationTaints: - description: |- - NodeInitializationTaints: These taints will not be reconciled by AKS and can be removed with a kubectl call. This field - can be modified after node pool is created, but nodes will not be recreated with new taints until another operation that - requires recreation (e.g. node image upgrade) happens. These taints allow for required configuration to run before the - node is ready to accept workloads, for example 'key1=value1:NoSchedule' that then can be removed with `kubectl taint - nodes node1 key1=value1:NoSchedule-` - items: - type: string - type: array + nodeImageVersion: + type: string nodeLabels: additionalProperties: type: string - description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' - type: object - nodePublicIPPrefixReference: - description: |- - NodePublicIPPrefixReference: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
- pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string type: object + nodePublicIPPrefixID: + type: string nodeTaints: - description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' items: type: string type: array orchestratorVersion: - description: |- - OrchestratorVersion: Both patch version and are supported. When is - specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same - once it has been created will not trigger an upgrade, even if a newer patch version is available. As a - best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version - must have the same major version as the control plane. The node pool minor version must be within two minor versions of - the control plane version. The node pool version cannot be greater than the control plane version. For more information - see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). type: string osDiskSizeGB: - maximum: 2048 - minimum: 0 type: integer osDiskType: - description: |- - OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested - OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral - OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). 
- enum: - - Ephemeral - - Managed type: string osSKU: - description: |- - OsSKU: Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or - Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is - deprecated. - enum: - - AzureLinux - - CBLMariner - - Mariner - - Ubuntu - - Windows2019 - - Windows2022 - - WindowsAnnual type: string osType: - description: 'OsType: The operating system type. The default is Linux.' - enum: - - Linux - - Windows type: string - podSubnetReference: - description: |- - PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). - This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + podSubnetID: + type: string powerState: description: |- - PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this - field to Stopped. 
A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only - be stopped if it is Running and provisioning state is Succeeded - properties: - code: - description: 'Code: Tells whether the cluster is Running or Stopped' - enum: - - Running - - Stopped - type: string - type: object - proximityPlacementGroupReference: - description: 'ProximityPlacementGroupReference: The ID for Proximity Placement Group.' + Storage version of v1api20231001.PowerState_STATUS + Describes the Power State of the cluster properties: - armId: + $propertyBag: + additionalProperties: + type: string description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + code: type: string type: object + provisioningState: + type: string + proximityPlacementGroupID: + type: string scaleDownMode: - description: 'ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.' 
- enum: - - Deallocate - - Delete type: string scaleSetEvictionPolicy: - description: |- - ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is - 'Delete'. - enum: - - Deallocate - - Delete type: string scaleSetPriority: - description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' - enum: - - Regular - - Spot type: string - securityProfile: - description: 'SecurityProfile: The security settings of an agent pool.' - properties: - enableSecureBoot: - description: |- - EnableSecureBoot: Secure Boot is a feature of Trusted Launch which ensures that only signed operating systems and - drivers can boot. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. - type: boolean - enableVTPM: - description: |- - EnableVTPM: vTPM is a Trusted Launch feature for configuring a dedicated secure vault for keys and measurements held - locally on the node. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. - type: boolean - sshAccess: - description: 'SshAccess: SSH access method of an agent pool.' - enum: - - Disabled - - LocalUser - type: string - type: object spotMaxPrice: - description: |- - SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any - on-demand price. For more details on spot pricing, see [spot VMs - pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) type: number tags: additionalProperties: type: string - description: 'Tags: The tags to be persisted on the agent pool virtual machine scale set.' type: object type: - description: 'Type: The type of Agent Pool.' 
- enum: - - AvailabilitySet - - VirtualMachineScaleSets - - VirtualMachines type: string upgradeSettings: - description: 'UpgradeSettings: Settings for upgrading the agentpool' + description: |- + Storage version of v1api20231001.AgentPoolUpgradeSettings_STATUS + Settings for upgrading an agentpool properties: - drainTimeoutInMinutes: + $propertyBag: + additionalProperties: + type: string description: |- - DrainTimeoutInMinutes: The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. - This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not - specified, the default is 30 minutes. - maximum: 1440 - minimum: 1 + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + drainTimeoutInMinutes: type: integer maxSurge: - description: |- - MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it - is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded - up. If not specified, the default is 1. For more information, including best practices, see: - https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade type: string - nodeSoakDurationInMinutes: - description: |- - NodeSoakDurationInMinutes: The amount of time (in minutes) to wait after draining a node and before reimaging it and - moving on to next node. If not specified, the default is 0 minutes. - maximum: 30 - minimum: 0 - type: integer - type: object - virtualMachineNodesStatus: - items: - description: Current status on a group of nodes of the same vm size. - properties: - count: - description: 'Count: Number of nodes.' - type: integer - size: - description: 'Size: The VM size of the agents used to host this group of nodes.' 
- type: string - type: object - type: array - virtualMachinesProfile: - description: 'VirtualMachinesProfile: Specifications on VirtualMachines agent pool.' - properties: - scale: - description: 'Scale: Specifications on how to scale a VirtualMachines agent pool.' - properties: - manual: - description: 'Manual: Specifications on how to scale the VirtualMachines agent pool to a fixed size.' - items: - description: Specifications on number of machines. - properties: - count: - description: 'Count: Number of nodes.' - maximum: 1000 - minimum: 0 - type: integer - sizes: - description: |- - Sizes: The list of allowed vm sizes. AKS will use the first available one when scaling. If a VM size is unavailable - (e.g. due to quota or regional capacity reasons), AKS will use the next size. - items: - type: string - type: array - type: object - type: array - type: object type: object vmSize: - description: |- - VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods - might fail to run correctly. For more details on restricted VM sizes, see: - https://docs.microsoft.com/azure/aks/quotas-skus-regions type: string - vnetSubnetReference: - description: |- - VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is - specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
- pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object - windowsProfile: - description: 'WindowsProfile: The Windows agent pool''s specific profile.' - properties: - disableOutboundNat: - description: |- - DisableOutboundNat: The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT - Gateway and the Windows agent pool does not have node public IP enabled. - type: boolean - type: object + vnetSubnetID: + type: string workloadRuntime: - description: 'WorkloadRuntime: Determines the type of workload a node can run.' - enum: - - KataMshvVmIsolation - - OCIContainer - - WasmWasi type: string - required: - - name type: object type: array - aiToolchainOperatorProfile: - description: 'AiToolchainOperatorProfile: AI toolchain operator settings that apply to the whole cluster.' - properties: - enabled: - description: 'Enabled: Indicates if AI toolchain operator enabled or not.' - type: boolean - type: object apiServerAccessProfile: - description: 'ApiServerAccessProfile: The access profile for managed cluster API server.' + description: |- + Storage version of v1api20231001.ManagedClusterAPIServerAccessProfile_STATUS + Access profile for managed cluster API server. properties: - authorizedIPRanges: + $propertyBag: + additionalProperties: + type: string description: |- - AuthorizedIPRanges: IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with - clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. 
For more information see [API - server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges). + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + authorizedIPRanges: items: type: string type: array disableRunCommand: - description: 'DisableRunCommand: Whether to disable run command for the cluster or not.' type: boolean enablePrivateCluster: - description: |- - EnablePrivateCluster: For more details, see [Creating a private AKS - cluster](https://docs.microsoft.com/azure/aks/private-clusters). type: boolean enablePrivateClusterPublicFQDN: - description: 'EnablePrivateClusterPublicFQDN: Whether to create additional public FQDN for private cluster or not.' - type: boolean - enableVnetIntegration: - description: 'EnableVnetIntegration: Whether to enable apiserver vnet integration for the cluster or not.' type: boolean privateDNSZone: - description: |- - PrivateDNSZone: The default is System. For more details see [configure private DNS - zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and - 'none'. - type: string - subnetId: - description: |- - SubnetId: It is required when: 1. creating a new cluster with BYO Vnet; 2. updating an existing cluster to enable - apiserver vnet integration. 
type: string type: object autoScalerProfile: - description: 'AutoScalerProfile: Parameters to be applied to the cluster-autoscaler when enabled' + description: Storage version of v1api20231001.ManagedClusterProperties_AutoScalerProfile_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object balance-similar-node-groups: - description: 'BalanceSimilarNodeGroups: Valid values are ''true'' and ''false''' type: string - daemonset-eviction-for-empty-nodes: - description: |- - DaemonsetEvictionForEmptyNodes: If set to true, all daemonset pods on empty nodes will be evicted before deletion of the - node. If the daemonset pod cannot be evicted another node will be chosen for scaling. If set to false, the node will be - deleted without ensuring that daemonset pods are deleted or evicted. - type: boolean - daemonset-eviction-for-occupied-nodes: - description: |- - DaemonsetEvictionForOccupiedNodes: If set to true, all daemonset pods on occupied nodes will be evicted before deletion - of the node. If the daemonset pod cannot be evicted another node will be chosen for scaling. If set to false, the node - will be deleted without ensuring that daemonset pods are deleted or evicted. - type: boolean expander: - description: 'Expander: Available values are: ''least-waste'', ''most-pods'', ''priority'', ''random''.' - enum: - - least-waste - - most-pods - - priority - - random type: string - ignore-daemonsets-utilization: - description: |- - IgnoreDaemonsetsUtilization: If set to true, the resources used by daemonset will be taken into account when making - scaling down decisions. - type: boolean max-empty-bulk-delete: - description: 'MaxEmptyBulkDelete: The default is 10.' 
type: string max-graceful-termination-sec: - description: 'MaxGracefulTerminationSec: The default is 600.' type: string max-node-provision-time: - description: |- - MaxNodeProvisionTime: The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than - minutes (m) is supported. type: string max-total-unready-percentage: - description: 'MaxTotalUnreadyPercentage: The default is 45. The maximum is 100 and the minimum is 0.' type: string new-pod-scale-up-delay: - description: |- - NewPodScaleUpDelay: For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler - could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is - '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc). type: string ok-total-unready-count: - description: 'OkTotalUnreadyCount: This must be an integer. The default is 3.' type: string scale-down-delay-after-add: - description: |- - ScaleDownDelayAfterAdd: The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than - minutes (m) is supported. type: string scale-down-delay-after-delete: - description: |- - ScaleDownDelayAfterDelete: The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of - time other than minutes (m) is supported. type: string scale-down-delay-after-failure: - description: |- - ScaleDownDelayAfterFailure: The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other - than minutes (m) is supported. type: string scale-down-unneeded-time: - description: |- - ScaleDownUnneededTime: The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than - minutes (m) is supported. type: string scale-down-unready-time: - description: |- - ScaleDownUnreadyTime: The default is '20m'. Values must be an integer followed by an 'm'. 
No unit of time other than - minutes (m) is supported. type: string scale-down-utilization-threshold: - description: 'ScaleDownUtilizationThreshold: The default is ''0.5''.' type: string scan-interval: - description: 'ScanInterval: The default is ''10''. Values must be an integer number of seconds.' type: string skip-nodes-with-local-storage: - description: 'SkipNodesWithLocalStorage: The default is true.' type: string skip-nodes-with-system-pods: - description: 'SkipNodesWithSystemPods: The default is true.' type: string type: object autoUpgradeProfile: - description: 'AutoUpgradeProfile: The auto upgrade configuration.' + description: |- + Storage version of v1api20231001.ManagedClusterAutoUpgradeProfile_STATUS + Auto upgrade profile for a managed cluster. properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object nodeOSUpgradeChannel: - description: 'NodeOSUpgradeChannel: The default is Unmanaged, but may change to either NodeImage or SecurityPatch at GA.' - enum: - - NodeImage - - None - - SecurityPatch - - Unmanaged type: string upgradeChannel: - description: |- - UpgradeChannel: For more information see [setting the AKS cluster auto-upgrade - channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel). - enum: - - node-image - - none - - patch - - rapid - - stable type: string type: object azureMonitorProfile: - description: 'AzureMonitorProfile: Prometheus addon profile for the container service cluster' + description: |- + Storage version of v1api20231001.ManagedClusterAzureMonitorProfile_STATUS + Azure Monitor addon profiles for monitoring the managed cluster. 
properties: - logs: + $propertyBag: + additionalProperties: + type: string description: |- - Logs: Logs profile for the Azure Monitor Infrastructure and Application Logs. Collect out-of-the-box Kubernetes - infrastructure & application logs to send to Azure Monitor. See aka.ms/AzureMonitorContainerInsights for an overview. - properties: - appMonitoring: - description: |- - AppMonitoring: Application Monitoring Profile for Kubernetes Application Container. Collects application logs, metrics - and traces through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See - aka.ms/AzureMonitorApplicationMonitoring for an overview. - properties: - enabled: - description: 'Enabled: Indicates if Application Monitoring enabled or not.' - type: boolean - type: object - containerInsights: - description: |- - ContainerInsights: Azure Monitor Container Insights Profile for Kubernetes Events, Inventory and Container stdout & - stderr logs etc. See aka.ms/AzureMonitorContainerInsights for an overview. - properties: - enabled: - description: 'Enabled: Indicates if Azure Monitor Container Insights Logs Addon is enabled or not.' - type: boolean - logAnalyticsWorkspaceResourceReference: - description: |- - LogAnalyticsWorkspaceResourceReference: Fully Qualified ARM Resource Id of Azure Log Analytics Workspace for storing - Azure Monitor Container Insights Logs. - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
- pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object - windowsHostLogs: - description: |- - WindowsHostLogs: Windows Host Logs Profile for Kubernetes Windows Nodes Log Collection. Collects ETW, Event Logs and - Text logs etc. See aka.ms/AzureMonitorContainerInsights for an overview. - properties: - enabled: - description: 'Enabled: Indicates if Windows Host Log Collection is enabled or not for Azure Monitor Container Insights Logs Addon.' - type: boolean - type: object - type: object + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object metrics: - description: 'Metrics: Metrics profile for the prometheus service addon' + description: |- + Storage version of v1api20231001.ManagedClusterAzureMonitorProfileMetrics_STATUS + Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes + infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See + aka.ms/AzureManagedPrometheus for an overview. properties: - appMonitoringOpenTelemetryMetrics: + $propertyBag: + additionalProperties: + type: string description: |- - AppMonitoringOpenTelemetryMetrics: Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application - Container Metrics. Collects OpenTelemetry metrics through auto-instrumentation of the application using Azure Monitor - OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview. 
- properties: - enabled: - description: 'Enabled: Indicates if Application Monitoring Open Telemetry Metrics is enabled or not.' - type: boolean + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: - description: 'Enabled: Whether to enable the Prometheus collector' type: boolean kubeStateMetrics: - description: 'KubeStateMetrics: Kube State Metrics for prometheus addon profile for the container service cluster' + description: |- + Storage version of v1api20231001.ManagedClusterAzureMonitorProfileKubeStateMetrics_STATUS + Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the + kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for + details. properties: - metricAnnotationsAllowList: + $propertyBag: + additionalProperties: + type: string description: |- - MetricAnnotationsAllowList: Comma-separated list of additional Kubernetes label keys that will be used in the resource's - labels metric. + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + metricAnnotationsAllowList: type: string metricLabelsAllowlist: - description: |- - MetricLabelsAllowlist: Comma-separated list of Kubernetes annotations keys that will be used in the resource's labels - metric. type: string type: object - required: - - enabled type: object type: object - azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. 
- maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$ + azurePortalFQDN: + type: string + conditions: + items: + description: Condition defines an extension to status (an observation) of a resource + properties: + lastTransitionTime: + description: LastTransitionTime is the last time the condition transitioned from one status to another. + format: date-time + type: string + message: + description: Message is a human readable message indicating details about the transition. This field may be empty. + type: string + observedGeneration: + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + type: integer + reason: + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + type: string + severity: + description: |- + Severity with which to treat failures of this type of condition. + For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown + type: string + status: + description: Status of the condition, one of True, False, or Unknown. + type: string + type: + description: Type of condition. 
+ type: string + required: + - lastTransitionTime + - reason + - status + - type + type: object + type: array + currentKubernetesVersion: type: string - creationData: - description: |- - CreationData: CreationData to be used to specify the source Snapshot ID if the cluster will be created/upgraded using a - snapshot. - properties: - sourceResourceReference: - description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object - type: object disableLocalAccounts: - description: |- - DisableLocalAccounts: If set to true, getting static credentials will be disabled for this cluster. This must only be - used on Managed Clusters that are AAD enabled. For more details see [disable local - accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview). 
type: boolean - diskEncryptionSetReference: - description: |- - DiskEncryptionSetReference: This is of the form: - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + diskEncryptionSetID: + type: string dnsPrefix: - description: 'DnsPrefix: This cannot be updated once the Managed Cluster has been created.' type: string - enableNamespaceResources: - description: |- - EnableNamespaceResources: The default value is false. It can be enabled/disabled on creation and updating of the managed - cluster. See [https://aka.ms/NamespaceARMResource](https://aka.ms/NamespaceARMResource) for more details on Namespace as - a ARM Resource. - type: boolean enablePodSecurityPolicy: - description: |- - EnablePodSecurityPolicy: (DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was - deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and - https://aka.ms/aks/psp. type: boolean enableRBAC: - description: 'EnableRBAC: Whether to enable Kubernetes Role-Based Access Control.' 
type: boolean extendedLocation: - description: 'ExtendedLocation: The extended location of the Virtual Machine.' + description: |- + Storage version of v1api20231001.ExtendedLocation_STATUS + The complex type of the extended location. properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object name: - description: 'Name: The name of the extended location.' type: string type: - description: 'Type: The type of the extended location.' - enum: - - EdgeZone type: string type: object + fqdn: + type: string fqdnSubdomain: - description: 'FqdnSubdomain: This cannot be updated once the Managed Cluster has been created.' type: string httpProxyConfig: - description: 'HttpProxyConfig: Configurations for provisioning the cluster with HTTP proxy servers.' + description: |- + Storage version of v1api20231001.ManagedClusterHTTPProxyConfig_STATUS + Cluster HTTP proxy configuration. properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object httpProxy: - description: 'HttpProxy: The HTTP proxy server endpoint to use.' type: string httpsProxy: - description: 'HttpsProxy: The HTTPS proxy server endpoint to use.' type: string noProxy: - description: 'NoProxy: The endpoints that should not go through proxy.' items: type: string type: array trustedCa: - description: 'TrustedCa: Alternative CA cert to use for connecting to proxy servers.' type: string type: object + id: + type: string identity: - description: 'Identity: The identity of the managed cluster, if configured.' 
+ description: |- + Storage version of v1api20231001.ManagedClusterIdentity_STATUS + Identity for the managed cluster. properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object delegatedResources: additionalProperties: - description: Delegated resource properties - internal use only. + description: |- + Storage version of v1api20231001.DelegatedResource_STATUS + Delegated resource properties - internal use only. properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object location: - description: 'Location: The source resource location - internal use only.' type: string referralResource: - description: 'ReferralResource: The delegation id of the referral delegation (optional) - internal use only.' type: string - resourceReference: - description: 'ResourceReference: The ARM resource id of the delegated resource - internal use only.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. 
- type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + resourceId: + type: string tenantId: - description: 'TenantId: The tenant id of the delegated resource - internal use only.' - pattern: ^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$ type: string type: object - description: |- - DelegatedResources: The delegated identity resources assigned to this managed cluster. This can only be set by another - Azure Resource Provider, and managed cluster only accept one delegated identity resource. Internal use only. type: object + principalId: + type: string + tenantId: + type: string type: - description: |- - Type: For more information see [use managed identities in - AKS](https://docs.microsoft.com/azure/aks/use-managed-identity). - enum: - - None - - SystemAssigned - - UserAssigned type: string userAssignedIdentities: - description: |- - UserAssignedIdentities: The keys must be ARM resource IDs in the form: - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'. - items: - description: Information about the user assigned identity for the resource + additionalProperties: + description: Storage version of v1api20231001.ManagedClusterIdentity_UserAssignedIdentities_STATUS properties: - reference: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
- pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object + clientId: + type: string + principalId: + type: string type: object - type: array + type: object type: object identityProfile: additionalProperties: - description: Details about a user assigned identity. + description: |- + Storage version of v1api20231001.UserAssignedIdentity_STATUS + Details about a user assigned identity. properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object clientId: - description: 'ClientId: The client ID of the user assigned identity.' type: string objectId: - description: 'ObjectId: The object ID of the user assigned identity.' type: string - resourceReference: - description: 'ResourceReference: The resource ID of the user assigned identity.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
- pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + resourceId: + type: string type: object - description: 'IdentityProfile: Identities associated with the cluster.' - type: object - ingressProfile: - description: 'IngressProfile: Ingress profile for the managed cluster.' - properties: - webAppRouting: - description: 'WebAppRouting: Web App Routing settings for the ingress profile.' - properties: - dnsZoneResourceReferences: - description: |- - DnsZoneResourceReferences: Resource IDs of the DNS zones to be associated with the Web App Routing add-on. Used only - when Web App Routing is enabled. Public and private DNS zones can be in different resource groups, but all public DNS - zones must be in the same resource group and all private DNS zones must be in the same resource group. - items: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. 
- type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object - type: array - enabled: - description: 'Enabled: Whether to enable Web App Routing.' - type: boolean - type: object type: object kubernetesVersion: - description: |- - KubernetesVersion: When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades - must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> - 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS - cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details. type: string linuxProfile: - description: 'LinuxProfile: The profile for Linux VMs in the Managed Cluster.' + description: |- + Storage version of v1api20231001.ContainerServiceLinuxProfile_STATUS + Profile for Linux VMs in the container service cluster. properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object adminUsername: - description: 'AdminUsername: The administrator username to use for Linux VMs.' - pattern: ^[A-Za-z][-A-Za-z0-9_]*$ type: string ssh: - description: 'Ssh: The SSH configuration for Linux-based VMs running on Azure.' + description: |- + Storage version of v1api20231001.ContainerServiceSshConfiguration_STATUS + SSH configuration for Linux-based VMs running on Azure. 
properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object publicKeys: - description: 'PublicKeys: The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.' items: - description: Contains information about SSH certificate public key data. + description: |- + Storage version of v1api20231001.ContainerServiceSshPublicKey_STATUS + Contains information about SSH certificate public key data. properties: - keyData: + $propertyBag: + additionalProperties: + type: string description: |- - KeyData: Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or - without headers. + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + keyData: type: string - required: - - keyData type: object type: array - required: - - publicKeys type: object - required: - - adminUsername - - ssh type: object location: - description: 'Location: The geo-location where the resource lives' type: string - metricsProfile: - description: 'MetricsProfile: Optional cluster metrics configuration.' - properties: - costAnalysis: - description: 'CostAnalysis: The cost analysis configuration for the cluster' - properties: - enabled: - description: |- - Enabled: The Managed Cluster sku.tier must be set to 'Standard' to enable this feature. Enabling this will add - Kubernetes Namespace and Deployment details to the Cost Analysis views in the Azure portal. If not specified, the - default is false. For more information see aka.ms/aks/docs/cost-analysis. 
- type: boolean - type: object - type: object + maxAgentPools: + type: integer + name: + type: string networkProfile: - description: 'NetworkProfile: The network configuration profile.' + description: |- + Storage version of v1api20231001.ContainerServiceNetworkProfile_STATUS + Profile of network configuration. properties: - dnsServiceIP: + $propertyBag: + additionalProperties: + type: string description: |- - DnsServiceIP: An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address - range specified in serviceCidr. - pattern: ^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$ + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + dnsServiceIP: type: string ipFamilies: - description: |- - IpFamilies: IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value - is IPv4. For dual-stack, the expected values are IPv4 and IPv6. items: - description: To determine if address belongs IPv4 or IPv6 family. - enum: - - IPv4 - - IPv6 type: string type: array - kubeProxyConfig: + loadBalancerProfile: description: |- - KubeProxyConfig: Holds configuration customizations for kube-proxy. Any values not defined will use the kube-proxy - defaulting behavior. See https://v.docs.kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/ - where is represented by a - string. Kubernetes version 1.23 would be '1-23'. + Storage version of v1api20231001.ManagedClusterLoadBalancerProfile_STATUS + Profile of the managed cluster load balancer. properties: - enabled: + $propertyBag: + additionalProperties: + type: string description: |- - Enabled: Whether to enable on kube-proxy on the cluster (if no 'kubeProxyConfig' exists, kube-proxy is enabled in AKS by - default without these customizations). 
- type: boolean - ipvsConfig: - description: 'IpvsConfig: Holds configuration customizations for IPVS. May only be specified if ''mode'' is set to ''IPVS''.' - properties: - scheduler: - description: 'Scheduler: IPVS scheduler, for more information please see http://www.linuxvirtualserver.org/docs/scheduling.html.' - enum: - - LeastConnection - - RoundRobin - type: string - tcpFinTimeoutSeconds: - description: |- - TcpFinTimeoutSeconds: The timeout value used for IPVS TCP sessions after receiving a FIN in seconds. Must be a positive - integer value. - type: integer - tcpTimeoutSeconds: - description: 'TcpTimeoutSeconds: The timeout value used for idle IPVS TCP sessions in seconds. Must be a positive integer value.' - type: integer - udpTimeoutSeconds: - description: 'UdpTimeoutSeconds: The timeout value used for IPVS UDP packets in seconds. Must be a positive integer value.' - type: integer + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object - mode: - description: 'Mode: Specify which proxy mode to use (''IPTABLES'' or ''IPVS'')' - enum: - - IPTABLES - - IPVS - type: string - type: object - loadBalancerProfile: - description: 'LoadBalancerProfile: Profile of the cluster load balancer.' - properties: allocatedOutboundPorts: - description: |- - AllocatedOutboundPorts: The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 - (inclusive). The default value is 0 which results in Azure dynamically allocating ports. - maximum: 64000 - minimum: 0 type: integer backendPoolType: - description: 'BackendPoolType: The type of the managed inbound Load Balancer BackendPool.' - enum: - - NodeIP - - NodeIPConfiguration type: string effectiveOutboundIPs: - description: 'EffectiveOutboundIPs: The effective outbound IP resources of the cluster load balancer.' 
items: - description: A reference to an Azure resource. + description: |- + Storage version of v1api20231001.ResourceReference_STATUS + A reference to an Azure resource. properties: - reference: - description: 'Reference: The fully qualified Azure resource id.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object + id: + type: string type: object type: array enableMultipleStandardLoadBalancers: - description: 'EnableMultipleStandardLoadBalancers: Enable multiple standard load balancers per AKS cluster or not.' type: boolean idleTimeoutInMinutes: - description: |- - IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 - (inclusive). The default value is 30 minutes. - maximum: 120 - minimum: 4 type: integer managedOutboundIPs: - description: 'ManagedOutboundIPs: Desired managed outbound IPs for the cluster load balancer.' 
+ description: Storage version of v1api20231001.ManagedClusterLoadBalancerProfile_ManagedOutboundIPs_STATUS properties: - count: + $propertyBag: + additionalProperties: + type: string description: |- - Count: The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values - must be in the range of 1 to 100 (inclusive). The default value is 1. - maximum: 100 - minimum: 1 + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + count: type: integer countIPv6: - description: |- - CountIPv6: The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed - values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. - maximum: 100 - minimum: 0 type: integer type: object outboundIPPrefixes: - description: 'OutboundIPPrefixes: Desired outbound IP Prefix resources for the cluster load balancer.' + description: Storage version of v1api20231001.ManagedClusterLoadBalancerProfile_OutboundIPPrefixes_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object publicIPPrefixes: - description: 'PublicIPPrefixes: A list of public IP prefix resources.' items: - description: A reference to an Azure resource. + description: |- + Storage version of v1api20231001.ResourceReference_STATUS + A reference to an Azure resource. properties: - reference: - description: 'Reference: The fully qualified Azure resource id.' 
- properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object + id: + type: string type: object type: array type: object outboundIPs: - description: 'OutboundIPs: Desired outbound IP resources for the cluster load balancer.' + description: Storage version of v1api20231001.ManagedClusterLoadBalancerProfile_OutboundIPs_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object publicIPs: - description: 'PublicIPs: A list of public IP resources.' items: - description: A reference to an Azure resource. + description: |- + Storage version of v1api20231001.ResourceReference_STATUS + A reference to an Azure resource. properties: - reference: - description: 'Reference: The fully qualified Azure resource id.' 
- properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object + id: + type: string type: object type: array type: object type: object loadBalancerSku: - description: |- - LoadBalancerSku: The default is 'standard'. See [Azure Load Balancer - SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load - balancer SKUs. - enum: - - basic - - standard type: string - monitoring: - description: |- - Monitoring: This addon can be used to configure network monitoring and generate network monitoring data in Prometheus - format - properties: - enabled: - description: 'Enabled: Enable or disable the network monitoring plugin on the cluster' - type: boolean - type: object natGatewayProfile: - description: 'NatGatewayProfile: Profile of the cluster NAT gateway.' + description: |- + Storage version of v1api20231001.ManagedClusterNATGatewayProfile_STATUS + Profile of the managed cluster NAT gateway. 
properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object effectiveOutboundIPs: - description: 'EffectiveOutboundIPs: The effective outbound IP resources of the cluster NAT gateway.' items: - description: A reference to an Azure resource. + description: |- + Storage version of v1api20231001.ResourceReference_STATUS + A reference to an Azure resource. properties: - reference: - description: 'Reference: The fully qualified Azure resource id.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object + id: + type: string type: object type: array idleTimeoutInMinutes: - description: |- - IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 - (inclusive). 
The default value is 4 minutes. - maximum: 120 - minimum: 4 type: integer managedOutboundIPProfile: - description: 'ManagedOutboundIPProfile: Profile of the managed outbound IP resources of the cluster NAT gateway.' + description: |- + Storage version of v1api20231001.ManagedClusterManagedOutboundIPProfile_STATUS + Profile of the managed outbound IP resources of the managed cluster. properties: - count: + $propertyBag: + additionalProperties: + type: string description: |- - Count: The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 - (inclusive). The default value is 1. - maximum: 16 - minimum: 1 + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + count: type: integer type: object type: object networkDataplane: - description: 'NetworkDataplane: Network dataplane used in the Kubernetes cluster.' - enum: - - azure - - cilium type: string networkMode: - description: 'NetworkMode: This cannot be specified if networkPlugin is anything other than ''azure''.' - enum: - - bridge - - transparent type: string networkPlugin: - description: 'NetworkPlugin: Network plugin used for building the Kubernetes network.' - enum: - - azure - - kubenet - - none type: string networkPluginMode: - description: 'NetworkPluginMode: Network plugin mode used for building the Kubernetes network.' - enum: - - overlay type: string networkPolicy: - description: 'NetworkPolicy: Network policy used for building the Kubernetes network.' - enum: - - azure - - calico - - cilium - - none type: string outboundType: - description: |- - OutboundType: This can only be set at cluster creation time and cannot be changed later. For more information see - [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype). 
- enum: - - loadBalancer - - managedNATGateway - - userAssignedNATGateway - - userDefinedRouting type: string podCidr: - description: 'PodCidr: A CIDR notation IP range from which to assign pod IPs when kubenet is used.' - pattern: ^([0-9]{1,3}\.){3}[0-9]{1,3}(\/([0-9]|[1-2][0-9]|3[0-2]))?$ type: string podCidrs: - description: |- - PodCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is - expected for dual-stack networking. items: type: string type: array serviceCidr: - description: |- - ServiceCidr: A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP - ranges. - pattern: ^([0-9]{1,3}\.){3}[0-9]{1,3}(\/([0-9]|[1-2][0-9]|3[0-2]))?$ type: string serviceCidrs: - description: |- - ServiceCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is - expected for dual-stack networking. They must not overlap with any Subnet IP ranges. items: type: string type: array type: object - nodeProvisioningProfile: - description: 'NodeProvisioningProfile: Node provisioning settings that apply to the whole cluster.' - properties: - mode: - description: 'Mode: Once the mode it set to Auto, it cannot be changed back to Manual.' - enum: - - Auto - - Manual - type: string - type: object nodeResourceGroup: - description: 'NodeResourceGroup: The name of the resource group containing agent pool nodes.' type: string - nodeResourceGroupProfile: - description: 'NodeResourceGroupProfile: The node resource group configuration profile.' - properties: - restrictionLevel: - description: 'RestrictionLevel: The restriction level applied to the cluster''s node resource group' - enum: - - ReadOnly - - Unrestricted - type: string - type: object oidcIssuerProfile: - description: 'OidcIssuerProfile: The OIDC issuer profile of the Managed Cluster.' 
+ description: |- + Storage version of v1api20231001.ManagedClusterOIDCIssuerProfile_STATUS + The OIDC issuer profile of the Managed Cluster. properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object enabled: - description: 'Enabled: Whether the OIDC issuer is enabled.' type: boolean + issuerURL: + type: string type: object - operatorSpec: + podIdentityProfile: description: |- - OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not - passed directly to Azure + Storage version of v1api20231001.ManagedClusterPodIdentityProfile_STATUS + See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod + identity integration. properties: - configMaps: - description: 'ConfigMaps: configures where to place operator written ConfigMaps.' - properties: - oidcIssuerProfile: - description: |- - OIDCIssuerProfile: indicates where the OIDCIssuerProfile config map should be placed. If omitted, no config map will be - created. - properties: - key: - description: Key is the key in the ConfigMap being referenced - type: string - name: - description: |- - Name is the name of the Kubernetes ConfigMap being referenced. - The ConfigMap must be in the same namespace as the resource - type: string - required: - - key - - name - type: object - type: object - secrets: - description: 'Secrets: configures where to place Azure generated secrets.' - properties: - adminCredentials: - description: |- - AdminCredentials: indicates where the AdminCredentials secret should be placed. If omitted, the secret will not be - retrieved from Azure. 
- properties: - key: - description: Key is the key in the Kubernetes secret being referenced - type: string - name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource - type: string - required: - - key - - name - type: object - userCredentials: - description: |- - UserCredentials: indicates where the UserCredentials secret should be placed. If omitted, the secret will not be - retrieved from Azure. - properties: - key: - description: Key is the key in the Kubernetes secret being referenced - type: string - name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource - type: string - required: - - key - - name - type: object + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object - type: object - owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a resources.azure.com/ResourceGroup resource - properties: - armId: - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - name: - description: This is the name of the Kubernetes resource to reference. - type: string - type: object - podIdentityProfile: - description: |- - PodIdentityProfile: See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more - details on AAD pod identity integration. 
- properties: allowNetworkPluginKubenet: - description: |- - AllowNetworkPluginKubenet: Running in Kubenet is disabled by default due to the security related nature of AAD Pod - Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod - Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) - for more information. type: boolean enabled: - description: 'Enabled: Whether the pod identity addon is enabled.' type: boolean userAssignedIdentities: - description: 'UserAssignedIdentities: The pod identities to use in the cluster.' items: - description: Details about the pod identity assigned to the Managed Cluster. + description: |- + Storage version of v1api20231001.ManagedClusterPodIdentity_STATUS + Details about the pod identity assigned to the Managed Cluster. properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object bindingSelector: - description: 'BindingSelector: The binding selector to use for the AzureIdentityBinding resource.' type: string identity: - description: 'Identity: The user assigned identity details.' + description: |- + Storage version of v1api20231001.UserAssignedIdentity_STATUS + Details about a user assigned identity. properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object clientId: - description: 'ClientId: The client ID of the user assigned identity.' type: string objectId: - description: 'ObjectId: The object ID of the user assigned identity.' 
type: string - resourceReference: - description: 'ResourceReference: The resource ID of the user assigned identity.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + resourceId: + type: string type: object name: - description: 'Name: The name of the pod identity.' type: string namespace: - description: 'Namespace: The namespace of the pod identity.' type: string - required: - - identity - - name - - namespace + provisioningInfo: + description: Storage version of v1api20231001.ManagedClusterPodIdentity_ProvisioningInfo_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + error: + description: |- + Storage version of v1api20231001.ManagedClusterPodIdentityProvisioningError_STATUS + An error response from the pod identity provisioning. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + error: + description: |- + Storage version of v1api20231001.ManagedClusterPodIdentityProvisioningErrorBody_STATUS + An error response from the pod identity provisioning. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + code: + type: string + details: + items: + description: Storage version of v1api20231001.ManagedClusterPodIdentityProvisioningErrorBody_STATUS_Unrolled + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + code: + type: string + message: + type: string + target: + type: string + type: object + type: array + message: + type: string + target: + type: string + type: object + type: object + type: object + provisioningState: + type: string type: object type: array userAssignedIdentityExceptions: - description: 'UserAssignedIdentityExceptions: The pod identity exceptions to allow.' items: description: |- + Storage version of v1api20231001.ManagedClusterPodIdentityException_STATUS See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. 
properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object name: - description: 'Name: The name of the pod identity exception.' type: string namespace: - description: 'Namespace: The namespace of the pod identity exception.' type: string podLabels: additionalProperties: type: string - description: 'PodLabels: The pod labels to match.' type: object - required: - - name - - namespace - - podLabels type: object type: array type: object + powerState: + description: |- + Storage version of v1api20231001.PowerState_STATUS + Describes the Power State of the cluster + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + code: + type: string + type: object + privateFQDN: + type: string privateLinkResources: - description: 'PrivateLinkResources: Private link resources associated with the cluster.' items: - description: A private link resource + description: |- + Storage version of v1api20231001.PrivateLinkResource_STATUS + A private link resource properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object groupId: - description: 'GroupId: The group ID of the resource.' + type: string + id: type: string name: - description: 'Name: The name of the private link resource.' type: string - reference: - description: 'Reference: The ID of the private link resource.' 
- properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + privateLinkServiceID: + type: string requiredMembers: - description: 'RequiredMembers: The RequiredMembers of the resource' items: type: string type: array type: - description: 'Type: The resource type.' type: string type: object type: array + provisioningState: + type: string publicNetworkAccess: - description: 'PublicNetworkAccess: Allow or deny public network access for AKS' - enum: - - Disabled - - Enabled - - SecuredByPerimeter type: string - safeguardsProfile: - description: 'SafeguardsProfile: The Safeguards profile holds all the safeguards information for a given cluster' + resourceUID: + type: string + securityProfile: + description: |- + Storage version of v1api20231001.ManagedClusterSecurityProfile_STATUS + Security profile for the container service cluster. properties: - excludedNamespaces: - description: 'ExcludedNamespaces: List of namespaces excluded from Safeguards checks' - items: + $propertyBag: + additionalProperties: type: string - type: array - level: description: |- - Level: The Safeguards level to be used. 
By default, Safeguards is enabled for all namespaces except those that AKS - excludes via systemExcludedNamespaces - enum: - - Enforcement - - "Off" - - Warning - type: string - version: - description: 'Version: The version of constraints to use' - type: string - required: - - level - type: object - securityProfile: - description: 'SecurityProfile: Security profile for the managed cluster.' - properties: + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object azureKeyVaultKms: description: |- - AzureKeyVaultKms: Azure Key Vault [key management - service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile. + Storage version of v1api20231001.AzureKeyVaultKms_STATUS + Azure Key Vault key management service settings for the security profile. properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object enabled: - description: 'Enabled: Whether to enable Azure Key Vault key management service. The default is false.' type: boolean keyId: - description: |- - KeyId: Identifier of Azure Key Vault key. See [key identifier - format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) - for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key - identifier. When Azure Key Vault key management service is disabled, leave the field empty. type: string keyVaultNetworkAccess: - description: |- - KeyVaultNetworkAccess: Network access of key vault. The possible values are `Public` and `Private`. 
`Public` means the - key vault allows public access from all networks. `Private` means the key vault disables public access and enables - private link. The default value is `Public`. - enum: - - Private - - Public type: string - keyVaultResourceReference: - description: |- - KeyVaultResourceReference: Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and - must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty. - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + keyVaultResourceId: + type: string type: object - customCATrustCertificates: - description: |- - CustomCATrustCertificates: A list of up to 10 base64 encoded CAs that will be added to the trust store on nodes with the - Custom CA Trust feature enabled. For more information see [Custom CA Trust - Certificates](https://learn.microsoft.com/en-us/azure/aks/custom-certificate-authority) - items: - type: string - maxItems: 10 - minItems: 0 - type: array defender: - description: 'Defender: Microsoft Defender settings for the security profile.' 
+ description: |- + Storage version of v1api20231001.ManagedClusterSecurityProfileDefender_STATUS + Microsoft Defender settings for the security profile. properties: - logAnalyticsWorkspaceResourceReference: + $propertyBag: + additionalProperties: + type: string description: |- - LogAnalyticsWorkspaceResourceReference: Resource ID of the Log Analytics workspace to be associated with Microsoft - Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When - Microsoft Defender is disabled, leave the field empty. - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object + logAnalyticsWorkspaceResourceId: + type: string securityMonitoring: - description: 'SecurityMonitoring: Microsoft Defender threat detection for Cloud settings for the security profile.' + description: |- + Storage version of v1api20231001.ManagedClusterSecurityProfileDefenderSecurityMonitoring_STATUS + Microsoft Defender settings for the security profile threat detection. 
properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object enabled: - description: 'Enabled: Whether to enable Defender threat detection' type: boolean type: object type: object imageCleaner: - description: 'ImageCleaner: Image Cleaner settings for the security profile.' + description: |- + Storage version of v1api20231001.ManagedClusterSecurityProfileImageCleaner_STATUS + Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here + are settings for the security profile. properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object enabled: - description: 'Enabled: Whether to enable Image Cleaner on AKS cluster.' type: boolean intervalHours: - description: 'IntervalHours: Image Cleaner scanning interval in hours.' type: integer type: object - imageIntegrity: - description: |- - ImageIntegrity: Image integrity is a feature that works with Azure Policy to verify image integrity by signature. This - will not have any effect unless Azure Policy is applied to enforce image signatures. See - https://aka.ms/aks/image-integrity for how to use this feature via policy. - properties: - enabled: - description: 'Enabled: Whether to enable image integrity. The default value is false.' - type: boolean - type: object - nodeRestriction: - description: |- - NodeRestriction: [Node - Restriction](https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#noderestriction) settings - for the security profile. 
- properties: - enabled: - description: 'Enabled: Whether to enable Node Restriction' - type: boolean - type: object workloadIdentity: description: |- - WorkloadIdentity: Workload identity settings for the security profile. Workload identity enables Kubernetes applications - to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details. + Storage version of v1api20231001.ManagedClusterSecurityProfileWorkloadIdentity_STATUS + Workload identity settings for the security profile. properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object enabled: - description: 'Enabled: Whether to enable workload identity.' type: boolean type: object type: object serviceMeshProfile: - description: 'ServiceMeshProfile: Service mesh profile for a managed cluster.' + description: |- + Storage version of v1api20231001.ServiceMeshProfile_STATUS + Service mesh profile for a managed cluster. properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object istio: - description: 'Istio: Istio service mesh configuration.' + description: |- + Storage version of v1api20231001.IstioServiceMesh_STATUS + Istio service mesh configuration. properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object certificateAuthority: description: |- - CertificateAuthority: Istio Service Mesh Certificate Authority (CA) configuration. 
For now, we only support plugin - certificates as described here https://aka.ms/asm-plugin-ca + Storage version of v1api20231001.IstioCertificateAuthority_STATUS + Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described + here https://aka.ms/asm-plugin-ca properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object plugin: - description: 'Plugin: Plugin certificates information for Service Mesh.' + description: |- + Storage version of v1api20231001.IstioPluginCertificateAuthority_STATUS + Plugin certificates information for Service Mesh. properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object certChainObjectName: - description: 'CertChainObjectName: Certificate chain object name in Azure Key Vault.' type: string certObjectName: - description: 'CertObjectName: Intermediate certificate object name in Azure Key Vault.' type: string keyObjectName: - description: 'KeyObjectName: Intermediate certificate private key object name in Azure Key Vault.' type: string - keyVaultReference: - description: 'KeyVaultReference: The resource ID of the Key Vault.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
- pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + keyVaultId: + type: string rootCertObjectName: - description: 'RootCertObjectName: Root certificate object name in Azure Key Vault.' type: string type: object type: object components: - description: 'Components: Istio components configuration.' + description: |- + Storage version of v1api20231001.IstioComponents_STATUS + Istio components configuration. properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object egressGateways: - description: 'EgressGateways: Istio egress gateways.' items: - description: Istio egress gateway configuration. + description: |- + Storage version of v1api20231001.IstioEgressGateway_STATUS + Istio egress gateway configuration. properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object enabled: - description: 'Enabled: Whether to enable the egress gateway.' type: boolean nodeSelector: additionalProperties: type: string - description: 'NodeSelector: NodeSelector for scheduling the egress gateway.' type: object - required: - - enabled type: object type: array ingressGateways: - description: 'IngressGateways: Istio ingress gateways.' 
items: description: |- + Storage version of v1api20231001.IstioIngressGateway_STATUS Istio ingress gateway configuration. For now, we support up to one external ingress gateway named `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`. properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object enabled: - description: 'Enabled: Whether to enable the ingress gateway.' type: boolean mode: - description: 'Mode: Mode of an ingress gateway.' - enum: - - External - - Internal type: string - required: - - enabled - - mode type: object type: array type: object revisions: - description: |- - Revisions: The list of revisions of the Istio control plane. When an upgrade is not in progress, this holds one value. - When canary upgrade is in progress, this can only hold two consecutive values. For more information, see: - https://learn.microsoft.com/en-us/azure/aks/istio-upgrade items: type: string - maxItems: 2 type: array type: object mode: - description: 'Mode: Mode of the service mesh.' - enum: - - Disabled - - Istio type: string - required: - - mode type: object servicePrincipalProfile: description: |- - ServicePrincipalProfile: Information about a service principal identity for the cluster to use for manipulating Azure - APIs. + Storage version of v1api20231001.ManagedClusterServicePrincipalProfile_STATUS + Information about a service principal identity for the cluster to use for manipulating Azure APIs. 
properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object clientId: - description: 'ClientId: The ID for the service principal.' type: string - secret: - description: 'Secret: The secret password associated with the service principal in plain text.' - properties: - key: - description: Key is the key in the Kubernetes secret being referenced - type: string - name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource - type: string - required: - - key - - name - type: object - required: - - clientId type: object sku: - description: 'Sku: The managed cluster SKU.' + description: |- + Storage version of v1api20231001.ManagedClusterSKU_STATUS + The SKU of a Managed Cluster. properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object name: - description: 'Name: The name of a managed cluster SKU.' - enum: - - Base type: string tier: - description: |- - Tier: If not specified, the default is 'Free'. See [AKS Pricing - Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details. - enum: - - Free - - Premium - - Standard type: string type: object storageProfile: - description: 'StorageProfile: Storage profile for the managed cluster.' + description: |- + Storage version of v1api20231001.ManagedClusterStorageProfile_STATUS + Storage profile for the container service cluster. 
properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object blobCSIDriver: - description: 'BlobCSIDriver: AzureBlob CSI Driver settings for the storage profile.' + description: |- + Storage version of v1api20231001.ManagedClusterStorageProfileBlobCSIDriver_STATUS + AzureBlob CSI Driver settings for the storage profile. properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object enabled: - description: 'Enabled: Whether to enable AzureBlob CSI Driver. The default value is false.' type: boolean type: object diskCSIDriver: - description: 'DiskCSIDriver: AzureDisk CSI Driver settings for the storage profile.' + description: |- + Storage version of v1api20231001.ManagedClusterStorageProfileDiskCSIDriver_STATUS + AzureDisk CSI Driver settings for the storage profile. properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object enabled: - description: 'Enabled: Whether to enable AzureDisk CSI Driver. The default value is true.' type: boolean - version: - description: 'Version: The version of AzureDisk CSI Driver. The default value is v1.' - type: string type: object fileCSIDriver: - description: 'FileCSIDriver: AzureFile CSI Driver settings for the storage profile.' + description: |- + Storage version of v1api20231001.ManagedClusterStorageProfileFileCSIDriver_STATUS + AzureFile CSI Driver settings for the storage profile. 
properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object enabled: - description: 'Enabled: Whether to enable AzureFile CSI Driver. The default value is true.' type: boolean type: object snapshotController: - description: 'SnapshotController: Snapshot Controller settings for the storage profile.' + description: |- + Storage version of v1api20231001.ManagedClusterStorageProfileSnapshotController_STATUS + Snapshot Controller settings for the storage profile. properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object enabled: - description: 'Enabled: Whether to enable Snapshot Controller. The default value is true.' type: boolean type: object type: object supportPlan: - description: 'SupportPlan: The support plan for the Managed Cluster. If unspecified, the default is ''KubernetesOfficial''.' - enum: - - AKSLongTermSupport - - KubernetesOfficial type: string + systemData: + description: |- + Storage version of v1api20231001.SystemData_STATUS + Metadata pertaining to creation and last modification of the resource. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + createdAt: + type: string + createdBy: + type: string + createdByType: + type: string + lastModifiedAt: + type: string + lastModifiedBy: + type: string + lastModifiedByType: + type: string + type: object tags: additionalProperties: type: string - description: 'Tags: Resource tags.' type: object + type: + type: string upgradeSettings: - description: 'UpgradeSettings: Settings for upgrading a cluster.' + description: |- + Storage version of v1api20231001.ClusterUpgradeSettings_STATUS + Settings for upgrading a cluster. properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object overrideSettings: - description: 'OverrideSettings: Settings for overrides.' + description: |- + Storage version of v1api20231001.UpgradeOverrideSettings_STATUS + Settings for overrides when upgrading a cluster. properties: - forceUpgrade: + $propertyBag: + additionalProperties: + type: string description: |- - ForceUpgrade: Whether to force upgrade the cluster. Note that this option instructs upgrade operation to bypass upgrade - protections such as checking for deprecated API usage. Enable this option only with caution. + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + forceUpgrade: type: boolean until: - description: |- - Until: Until when the overrides are effective. 
Note that this only matches the start time of an upgrade, and the - effectiveness won't change once an upgrade starts even if the `until` expires as upgrade proceeds. This field is not set - by default. It must be set for the overrides to take effect. type: string type: object type: object windowsProfile: - description: 'WindowsProfile: The profile for Windows VMs in the Managed Cluster.' + description: |- + Storage version of v1api20231001.ManagedClusterWindowsProfile_STATUS + Profile for Windows VMs in the managed cluster. properties: - adminPassword: + $propertyBag: + additionalProperties: + type: string description: |- - AdminPassword: Specifies the password of the administrator account. - Minimum-length: 8 characters - Max-length: 123 characters - Complexity requirements: 3 out of 4 conditions below need to be fulfilled - Has lower characters - Has upper characters - Has a digit - Has a special character (Regex match [\W_]) - Disallowed values: "abc@123", "P@$$$$w0rd", "P@ssw0rd", "P@ssword123", "Pa$$$$word", "pass@word1", "Password!", "Password1", - "Password22", "iloveyou!" - properties: - key: - description: Key is the key in the Kubernetes secret being referenced - type: string - name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource - type: string - required: - - key - - name + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object adminUsername: - description: |- - AdminUsername: Specifies the name of the administrator account. - Restriction: Cannot end in "." 
- Disallowed values: "administrator", "admin", "user", "user1", "test", "user2", "test1", "user3", "admin1", "1", "123", - "a", "actuser", "adm", "admin2", "aspnet", "backup", "console", "david", "guest", "john", "owner", "root", "server", - "sql", "support", "support_388945a0", "sys", "test2", "test3", "user4", "user5". - Minimum-length: 1 character - Max-length: 20 characters type: string enableCSIProxy: - description: |- - EnableCSIProxy: For more details on CSI proxy, see the [CSI proxy GitHub - repo](https://github.com/kubernetes-csi/csi-proxy). type: boolean gmsaProfile: - description: 'GmsaProfile: The Windows gMSA Profile in the Managed Cluster.' + description: |- + Storage version of v1api20231001.WindowsGmsaProfile_STATUS + Windows gMSA Profile in the managed cluster. properties: - dnsServer: + $propertyBag: + additionalProperties: + type: string description: |- - DnsServer: Specifies the DNS server for Windows gMSA. - Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster. + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + dnsServer: type: string enabled: - description: 'Enabled: Specifies whether to enable Windows gMSA in the managed cluster.' type: boolean rootDomainName: - description: |- - RootDomainName: Specifies the root domain name for Windows gMSA. - Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster. type: string type: object licenseType: - description: |- - LicenseType: The license type to use for Windows VMs. See [Azure Hybrid User - Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details. 
- enum: - - None - - Windows_Server type: string - required: - - adminUsername type: object workloadAutoScalerProfile: - description: 'WorkloadAutoScalerProfile: Workload Auto-scaler profile for the managed cluster.' + description: |- + Storage version of v1api20231001.ManagedClusterWorkloadAutoScalerProfile_STATUS + Workload Auto-scaler profile for the managed cluster. properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object keda: - description: 'Keda: KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.' + description: |- + Storage version of v1api20231001.ManagedClusterWorkloadAutoScalerProfileKeda_STATUS + KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile. properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object enabled: - description: 'Enabled: Whether to enable KEDA.' type: boolean - required: - - enabled type: object verticalPodAutoscaler: + description: |- + Storage version of v1api20231001.ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler_STATUS + VPA (Vertical Pod Autoscaler) settings for the workload auto-scaler profile. properties: - addonAutoscaling: - description: 'AddonAutoscaling: Whether VPA add-on is enabled and configured to scale AKS-managed add-ons.' 
- enum: - - Disabled - - Enabled - type: string + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object enabled: - description: 'Enabled: Whether to enable VPA add-on in cluster. Default value is false.' type: boolean - required: - - enabled type: object type: object - required: - - location - - owner type: object - status: - description: Managed cluster. + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].severity + name: Severity + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Reason + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].message + name: Message + type: string + name: v1api20231102preview + schema: + openAPIV3Schema: + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: properties: aadProfile: - description: 'AadProfile: The Azure Active Directory configuration.' 
properties: adminGroupObjectIDs: - description: 'AdminGroupObjectIDs: The list of AAD group object IDs that will have admin role of the cluster.' items: type: string type: array clientAppID: - description: 'ClientAppID: (DEPRECATED) The client AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.' type: string enableAzureRBAC: - description: 'EnableAzureRBAC: Whether to enable Azure RBAC for Kubernetes authorization.' type: boolean managed: - description: 'Managed: Whether to enable managed AAD.' type: boolean serverAppID: - description: 'ServerAppID: (DEPRECATED) The server AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.' type: string serverAppSecret: - description: 'ServerAppSecret: (DEPRECATED) The server AAD application secret. Learn more at https://aka.ms/aks/aad-legacy.' type: string tenantID: - description: |- - TenantID: The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment - subscription. type: string type: object addonProfiles: additionalProperties: - description: A Kubernetes add-on profile for a managed cluster. properties: config: additionalProperties: type: string - description: 'Config: Key-value pairs for configuring an add-on.' type: object enabled: - description: 'Enabled: Whether the add-on is enabled or not.' type: boolean - identity: - description: 'Identity: Information of user assigned identity used by this add-on.' - properties: - clientId: - description: 'ClientId: The client ID of the user assigned identity.' - type: string - objectId: - description: 'ObjectId: The object ID of the user assigned identity.' - type: string - resourceId: - description: 'ResourceId: The resource ID of the user assigned identity.' - type: string - type: object + required: + - enabled type: object - description: 'AddonProfiles: The profile of managed cluster add-on.' type: object agentPoolProfiles: - description: 'AgentPoolProfiles: The agent pool properties.' 
items: - description: Profile for the container service agent pool. properties: artifactStreamingProfile: - description: 'ArtifactStreamingProfile: Configuration for using artifact streaming on AKS.' properties: enabled: - description: |- - Enabled: Artifact streaming speeds up the cold-start of containers on a node through on-demand image loading. To use - this feature, container images must also enable artifact streaming on ACR. If not specified, the default is false. type: boolean type: object availabilityZones: - description: |- - AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType - property is 'VirtualMachineScaleSets'. items: type: string type: array - capacityReservationGroupID: - description: 'CapacityReservationGroupID: AKS will associate the specified agent pool with the Capacity Reservation Group.' - type: string + capacityReservationGroupReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. 
+ type: string + type: object count: - description: |- - Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) - for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. type: integer creationData: - description: |- - CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using - a snapshot. properties: - sourceResourceId: - description: 'SourceResourceId: This is the ARM ID of the source object to be used to create the target object.' - type: string + sourceResourceReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object - currentOrchestratorVersion: - description: |- - CurrentOrchestratorVersion: If orchestratorVersion was a fully specified version , this field will be - exactly equal to it. If orchestratorVersion was , this field will contain the full - version being used. 
- type: string enableAutoScaling: - description: 'EnableAutoScaling: Whether to enable auto-scaler' type: boolean enableCustomCATrust: - description: |- - EnableCustomCATrust: When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a - daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded - certificates into node trust stores. Defaults to false. type: boolean enableEncryptionAtHost: - description: |- - EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, - see: https://docs.microsoft.com/azure/aks/enable-host-encryption type: boolean enableFIPS: - description: |- - EnableFIPS: See [Add a FIPS-enabled node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more - details. type: boolean enableNodePublicIP: - description: |- - EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. - A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine - to minimize hops. For more information see [assigning a public IP per - node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The - default is false. type: boolean enableUltraSSD: - description: 'EnableUltraSSD: Whether to enable UltraSSD' type: boolean gpuInstanceProfile: - description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' - type: string - gpuProfile: - description: 'GpuProfile: The GPU settings of an agent pool.' - properties: - installGPUDriver: - description: |- - InstallGPUDriver: The default value is true when the vmSize of the agent pool contains a GPU, false otherwise. 
GPU - Driver Installation can only be set true when VM has an associated GPU resource. Setting this field to false prevents - automatic GPU driver installation. In that case, in order for the GPU to be usable, the user must perform GPU driver - installation themselves. + enum: + - MIG1g + - MIG2g + - MIG3g + - MIG4g + - MIG7g + type: string + gpuProfile: + properties: + installGPUDriver: type: boolean type: object - hostGroupID: - description: |- - HostGroupID: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. - For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). - type: string + hostGroupReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object kubeletConfig: - description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' properties: allowedUnsafeSysctls: - description: 'AllowedUnsafeSysctls: Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).' 
items: type: string type: array containerLogMaxFiles: - description: |- - ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be - ≥ 2. + minimum: 2 type: integer containerLogMaxSizeMB: - description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' type: integer cpuCfsQuota: - description: 'CpuCfsQuota: The default is true.' type: boolean cpuCfsQuotaPeriod: - description: |- - CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and - a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. type: string cpuManagerPolicy: - description: |- - CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management - policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more - information. Allowed values are 'none' and 'static'. type: string failSwapOn: - description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' type: boolean imageGcHighThreshold: - description: 'ImageGcHighThreshold: To disable image garbage collection, set to 100. The default is 85%' type: integer imageGcLowThreshold: - description: 'ImageGcLowThreshold: This cannot be set higher than imageGcHighThreshold. The default is 80%' type: integer podMaxPids: - description: 'PodMaxPids: The maximum number of processes per pod.' type: integer topologyManagerPolicy: - description: |- - TopologyManagerPolicy: For more information see [Kubernetes Topology - Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values - are 'none', 'best-effort', 'restricted', and 'single-numa-node'. 
type: string type: object kubeletDiskType: - description: |- - KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral - storage. + enum: + - OS + - Temporary type: string linuxOSConfig: - description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' properties: swapFileSizeMB: - description: 'SwapFileSizeMB: The size in MB of a swap file that will be created on each node.' type: integer sysctls: - description: 'Sysctls: Sysctl settings for Linux agent nodes.' properties: fsAioMaxNr: - description: 'FsAioMaxNr: Sysctl setting fs.aio-max-nr.' type: integer fsFileMax: - description: 'FsFileMax: Sysctl setting fs.file-max.' type: integer fsInotifyMaxUserWatches: - description: 'FsInotifyMaxUserWatches: Sysctl setting fs.inotify.max_user_watches.' type: integer fsNrOpen: - description: 'FsNrOpen: Sysctl setting fs.nr_open.' type: integer kernelThreadsMax: - description: 'KernelThreadsMax: Sysctl setting kernel.threads-max.' type: integer netCoreNetdevMaxBacklog: - description: 'NetCoreNetdevMaxBacklog: Sysctl setting net.core.netdev_max_backlog.' type: integer netCoreOptmemMax: - description: 'NetCoreOptmemMax: Sysctl setting net.core.optmem_max.' type: integer netCoreRmemDefault: - description: 'NetCoreRmemDefault: Sysctl setting net.core.rmem_default.' type: integer netCoreRmemMax: - description: 'NetCoreRmemMax: Sysctl setting net.core.rmem_max.' type: integer netCoreSomaxconn: - description: 'NetCoreSomaxconn: Sysctl setting net.core.somaxconn.' type: integer netCoreWmemDefault: - description: 'NetCoreWmemDefault: Sysctl setting net.core.wmem_default.' type: integer netCoreWmemMax: - description: 'NetCoreWmemMax: Sysctl setting net.core.wmem_max.' type: integer netIpv4IpLocalPortRange: - description: 'NetIpv4IpLocalPortRange: Sysctl setting net.ipv4.ip_local_port_range.' 
type: string netIpv4NeighDefaultGcThresh1: - description: 'NetIpv4NeighDefaultGcThresh1: Sysctl setting net.ipv4.neigh.default.gc_thresh1.' type: integer netIpv4NeighDefaultGcThresh2: - description: 'NetIpv4NeighDefaultGcThresh2: Sysctl setting net.ipv4.neigh.default.gc_thresh2.' type: integer netIpv4NeighDefaultGcThresh3: - description: 'NetIpv4NeighDefaultGcThresh3: Sysctl setting net.ipv4.neigh.default.gc_thresh3.' type: integer netIpv4TcpFinTimeout: - description: 'NetIpv4TcpFinTimeout: Sysctl setting net.ipv4.tcp_fin_timeout.' type: integer netIpv4TcpKeepaliveProbes: - description: 'NetIpv4TcpKeepaliveProbes: Sysctl setting net.ipv4.tcp_keepalive_probes.' type: integer netIpv4TcpKeepaliveTime: - description: 'NetIpv4TcpKeepaliveTime: Sysctl setting net.ipv4.tcp_keepalive_time.' type: integer netIpv4TcpMaxSynBacklog: - description: 'NetIpv4TcpMaxSynBacklog: Sysctl setting net.ipv4.tcp_max_syn_backlog.' type: integer netIpv4TcpMaxTwBuckets: - description: 'NetIpv4TcpMaxTwBuckets: Sysctl setting net.ipv4.tcp_max_tw_buckets.' type: integer netIpv4TcpTwReuse: - description: 'NetIpv4TcpTwReuse: Sysctl setting net.ipv4.tcp_tw_reuse.' type: boolean netIpv4TcpkeepaliveIntvl: - description: 'NetIpv4TcpkeepaliveIntvl: Sysctl setting net.ipv4.tcp_keepalive_intvl.' + maximum: 90 + minimum: 10 type: integer netNetfilterNfConntrackBuckets: - description: 'NetNetfilterNfConntrackBuckets: Sysctl setting net.netfilter.nf_conntrack_buckets.' + maximum: 524288 + minimum: 65536 type: integer netNetfilterNfConntrackMax: - description: 'NetNetfilterNfConntrackMax: Sysctl setting net.netfilter.nf_conntrack_max.' + maximum: 2097152 + minimum: 131072 type: integer vmMaxMapCount: - description: 'VmMaxMapCount: Sysctl setting vm.max_map_count.' type: integer vmSwappiness: - description: 'VmSwappiness: Sysctl setting vm.swappiness.' type: integer vmVfsCachePressure: - description: 'VmVfsCachePressure: Sysctl setting vm.vfs_cache_pressure.' 
type: integer type: object transparentHugePageDefrag: - description: |- - TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is - 'madvise'. For more information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string transparentHugePageEnabled: - description: |- - TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more - information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string type: object maxCount: - description: 'MaxCount: The maximum number of nodes for auto-scaling' type: integer maxPods: - description: 'MaxPods: The maximum number of pods that can run on a node.' type: integer messageOfTheDay: - description: |- - MessageOfTheDay: A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of - the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., - will be printed raw and not be executed as a script). type: string minCount: - description: 'MinCount: The minimum number of nodes for auto-scaling' type: integer mode: - description: |- - Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool - restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools + enum: + - System + - User type: string name: - description: 'Name: Windows agent pool names must be 6 characters or less.' + pattern: ^[a-z][a-z0-9]{0,11}$ type: string networkProfile: - description: 'NetworkProfile: Network-related settings of an agent pool.' properties: allowedHostPorts: - description: 'AllowedHostPorts: The port ranges that are allowed to access. The specified ranges are allowed to overlap.' 
items: - description: The port range. properties: portEnd: - description: |- - PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or - equal to portStart. + maximum: 65535 + minimum: 1 type: integer portStart: - description: |- - PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or - equal to portEnd. + maximum: 65535 + minimum: 1 type: integer protocol: - description: 'Protocol: The network protocol of the port.' + enum: + - TCP + - UDP type: string type: object type: array - applicationSecurityGroups: - description: 'ApplicationSecurityGroups: The IDs of the application security groups which agent pool will associate when created.' + applicationSecurityGroupsReferences: items: - type: string + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: array nodePublicIPTags: - description: 'NodePublicIPTags: IPTags of instance-level public IPs.' items: - description: Contains the IPTag associated with the object. 
properties: ipTagType: - description: 'IpTagType: The IP tag type. Example: RoutingPreference.' type: string tag: - description: 'Tag: The value of the IP tag associated with the public IP. Example: Internet.' type: string type: object type: array type: object - nodeImageVersion: - description: 'NodeImageVersion: The version of node image' - type: string nodeInitializationTaints: - description: |- - NodeInitializationTaints: These taints will not be reconciled by AKS and can be removed with a kubectl call. This field - can be modified after node pool is created, but nodes will not be recreated with new taints until another operation that - requires recreation (e.g. node image upgrade) happens. These taints allow for required configuration to run before the - node is ready to accept workloads, for example 'key1=value1:NoSchedule' that then can be removed with `kubectl taint - nodes node1 key1=value1:NoSchedule-` items: type: string type: array nodeLabels: additionalProperties: type: string - description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' type: object - nodePublicIPPrefixID: - description: |- - NodePublicIPPrefixID: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} - type: string + nodePublicIPPrefixReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
+ pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object nodeTaints: - description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' items: type: string type: array orchestratorVersion: - description: |- - OrchestratorVersion: Both patch version and are supported. When is - specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same - once it has been created will not trigger an upgrade, even if a newer patch version is available. As a - best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version - must have the same major version as the control plane. The node pool minor version must be within two minor versions of - the control plane version. The node pool version cannot be greater than the control plane version. For more information - see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). type: string osDiskSizeGB: + maximum: 2048 + minimum: 0 type: integer osDiskType: - description: |- - OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested - OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral - OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). + enum: + - Ephemeral + - Managed type: string osSKU: - description: |- - OsSKU: Specifies the OS SKU used by the agent pool. 
If not specified, the default is Ubuntu if OSType=Linux or - Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is - deprecated. + enum: + - AzureLinux + - CBLMariner + - Mariner + - Ubuntu + - Windows2019 + - Windows2022 + - WindowsAnnual type: string osType: - description: 'OsType: The operating system type. The default is Linux.' - type: string - podSubnetID: - description: |- - PodSubnetID: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is - of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} + enum: + - Linux + - Windows type: string + podSubnetReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object powerState: - description: |- - PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this - field to Stopped. 
A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only - be stopped if it is Running and provisioning state is Succeeded properties: code: - description: 'Code: Tells whether the cluster is Running or Stopped' + enum: + - Running + - Stopped + type: string + type: object + proximityPlacementGroupReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. type: string type: object - provisioningState: - description: 'ProvisioningState: The current deployment or provisioning state.' - type: string - proximityPlacementGroupID: - description: 'ProximityPlacementGroupID: The ID for Proximity Placement Group.' - type: string scaleDownMode: - description: 'ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.' + enum: + - Deallocate + - Delete type: string scaleSetEvictionPolicy: - description: |- - ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is - 'Delete'. 
+ enum: + - Deallocate + - Delete type: string scaleSetPriority: - description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' + enum: + - Regular + - Spot type: string securityProfile: - description: 'SecurityProfile: The security settings of an agent pool.' properties: enableSecureBoot: - description: |- - EnableSecureBoot: Secure Boot is a feature of Trusted Launch which ensures that only signed operating systems and - drivers can boot. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. type: boolean enableVTPM: - description: |- - EnableVTPM: vTPM is a Trusted Launch feature for configuring a dedicated secure vault for keys and measurements held - locally on the node. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. type: boolean sshAccess: - description: 'SshAccess: SSH access method of an agent pool.' + enum: + - Disabled + - LocalUser type: string type: object spotMaxPrice: - description: |- - SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any - on-demand price. For more details on spot pricing, see [spot VMs - pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) type: number tags: additionalProperties: type: string - description: 'Tags: The tags to be persisted on the agent pool virtual machine scale set.' type: object type: - description: 'Type: The type of Agent Pool.' + enum: + - AvailabilitySet + - VirtualMachineScaleSets + - VirtualMachines type: string upgradeSettings: - description: 'UpgradeSettings: Settings for upgrading the agentpool' properties: drainTimeoutInMinutes: - description: |- - DrainTimeoutInMinutes: The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. - This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. 
If not - specified, the default is 30 minutes. + maximum: 1440 + minimum: 1 type: integer maxSurge: - description: |- - MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it - is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded - up. If not specified, the default is 1. For more information, including best practices, see: - https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade type: string nodeSoakDurationInMinutes: - description: |- - NodeSoakDurationInMinutes: The amount of time (in minutes) to wait after draining a node and before reimaging it and - moving on to next node. If not specified, the default is 0 minutes. + maximum: 30 + minimum: 0 type: integer type: object virtualMachineNodesStatus: items: - description: Current status on a group of nodes of the same vm size. properties: count: - description: 'Count: Number of nodes.' type: integer size: - description: 'Size: The VM size of the agents used to host this group of nodes.' type: string type: object type: array virtualMachinesProfile: - description: 'VirtualMachinesProfile: Specifications on VirtualMachines agent pool.' properties: scale: - description: 'Scale: Specifications on how to scale a VirtualMachines agent pool.' properties: manual: - description: 'Manual: Specifications on how to scale the VirtualMachines agent pool to a fixed size.' items: - description: Specifications on number of machines. properties: count: - description: 'Count: Number of nodes.' + maximum: 1000 + minimum: 0 type: integer sizes: - description: |- - Sizes: The list of allowed vm sizes. AKS will use the first available one when scaling. If a VM size is unavailable - (e.g. due to quota or regional capacity reasons), AKS will use the next size. items: type: string type: array 
@@ -23134,1356 +20194,1291 @@ spec: type: object type: object vmSize: - description: |- - VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods - might fail to run correctly. For more details on restricted VM sizes, see: - https://docs.microsoft.com/azure/aks/quotas-skus-regions - type: string - vnetSubnetID: - description: |- - VnetSubnetID: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, - this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} type: string + vnetSubnetReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object windowsProfile: - description: 'WindowsProfile: The Windows agent pool''s specific profile.' properties: disableOutboundNat: - description: |- - DisableOutboundNat: The default value is false. 
Outbound NAT can only be disabled if the cluster outboundType is NAT - Gateway and the Windows agent pool does not have node public IP enabled. type: boolean type: object workloadRuntime: - description: 'WorkloadRuntime: Determines the type of workload a node can run.' + enum: + - KataMshvVmIsolation + - OCIContainer + - WasmWasi type: string + required: + - name type: object type: array aiToolchainOperatorProfile: - description: 'AiToolchainOperatorProfile: AI toolchain operator settings that apply to the whole cluster.' properties: enabled: - description: 'Enabled: Indicates if AI toolchain operator enabled or not.' type: boolean type: object apiServerAccessProfile: - description: 'ApiServerAccessProfile: The access profile for managed cluster API server.' properties: authorizedIPRanges: - description: |- - AuthorizedIPRanges: IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with - clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API - server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges). items: type: string type: array disableRunCommand: - description: 'DisableRunCommand: Whether to disable run command for the cluster or not.' type: boolean enablePrivateCluster: - description: |- - EnablePrivateCluster: For more details, see [Creating a private AKS - cluster](https://docs.microsoft.com/azure/aks/private-clusters). type: boolean enablePrivateClusterPublicFQDN: - description: 'EnablePrivateClusterPublicFQDN: Whether to create additional public FQDN for private cluster or not.' type: boolean enableVnetIntegration: - description: 'EnableVnetIntegration: Whether to enable apiserver vnet integration for the cluster or not.' type: boolean privateDNSZone: - description: |- - PrivateDNSZone: The default is System. 
For more details see [configure private DNS - zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and - 'none'. type: string subnetId: - description: |- - SubnetId: It is required when: 1. creating a new cluster with BYO Vnet; 2. updating an existing cluster to enable - apiserver vnet integration. type: string type: object autoScalerProfile: - description: 'AutoScalerProfile: Parameters to be applied to the cluster-autoscaler when enabled' properties: balance-similar-node-groups: - description: 'BalanceSimilarNodeGroups: Valid values are ''true'' and ''false''' type: string daemonset-eviction-for-empty-nodes: - description: |- - DaemonsetEvictionForEmptyNodes: If set to true, all daemonset pods on empty nodes will be evicted before deletion of the - node. If the daemonset pod cannot be evicted another node will be chosen for scaling. If set to false, the node will be - deleted without ensuring that daemonset pods are deleted or evicted. type: boolean daemonset-eviction-for-occupied-nodes: - description: |- - DaemonsetEvictionForOccupiedNodes: If set to true, all daemonset pods on occupied nodes will be evicted before deletion - of the node. If the daemonset pod cannot be evicted another node will be chosen for scaling. If set to false, the node - will be deleted without ensuring that daemonset pods are deleted or evicted. type: boolean expander: - description: 'Expander: Available values are: ''least-waste'', ''most-pods'', ''priority'', ''random''.' + enum: + - least-waste + - most-pods + - priority + - random type: string ignore-daemonsets-utilization: - description: |- - IgnoreDaemonsetsUtilization: If set to true, the resources used by daemonset will be taken into account when making - scaling down decisions. type: boolean max-empty-bulk-delete: - description: 'MaxEmptyBulkDelete: The default is 10.' 
type: string max-graceful-termination-sec: - description: 'MaxGracefulTerminationSec: The default is 600.' type: string max-node-provision-time: - description: |- - MaxNodeProvisionTime: The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than - minutes (m) is supported. type: string max-total-unready-percentage: - description: 'MaxTotalUnreadyPercentage: The default is 45. The maximum is 100 and the minimum is 0.' type: string new-pod-scale-up-delay: - description: |- - NewPodScaleUpDelay: For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler - could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is - '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc). type: string ok-total-unready-count: - description: 'OkTotalUnreadyCount: This must be an integer. The default is 3.' type: string scale-down-delay-after-add: - description: |- - ScaleDownDelayAfterAdd: The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than - minutes (m) is supported. type: string scale-down-delay-after-delete: - description: |- - ScaleDownDelayAfterDelete: The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of - time other than minutes (m) is supported. type: string scale-down-delay-after-failure: - description: |- - ScaleDownDelayAfterFailure: The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other - than minutes (m) is supported. type: string scale-down-unneeded-time: - description: |- - ScaleDownUnneededTime: The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than - minutes (m) is supported. type: string scale-down-unready-time: - description: |- - ScaleDownUnreadyTime: The default is '20m'. Values must be an integer followed by an 'm'. 
No unit of time other than - minutes (m) is supported. type: string scale-down-utilization-threshold: - description: 'ScaleDownUtilizationThreshold: The default is ''0.5''.' type: string scan-interval: - description: 'ScanInterval: The default is ''10''. Values must be an integer number of seconds.' type: string skip-nodes-with-local-storage: - description: 'SkipNodesWithLocalStorage: The default is true.' type: string skip-nodes-with-system-pods: - description: 'SkipNodesWithSystemPods: The default is true.' type: string type: object autoUpgradeProfile: - description: 'AutoUpgradeProfile: The auto upgrade configuration.' properties: nodeOSUpgradeChannel: - description: 'NodeOSUpgradeChannel: The default is Unmanaged, but may change to either NodeImage or SecurityPatch at GA.' + enum: + - NodeImage + - None + - SecurityPatch + - Unmanaged type: string upgradeChannel: - description: |- - UpgradeChannel: For more information see [setting the AKS cluster auto-upgrade - channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel). + enum: + - node-image + - none + - patch + - rapid + - stable type: string type: object azureMonitorProfile: - description: 'AzureMonitorProfile: Prometheus addon profile for the container service cluster' properties: logs: - description: |- - Logs: Logs profile for the Azure Monitor Infrastructure and Application Logs. Collect out-of-the-box Kubernetes - infrastructure & application logs to send to Azure Monitor. See aka.ms/AzureMonitorContainerInsights for an overview. properties: appMonitoring: - description: |- - AppMonitoring: Application Monitoring Profile for Kubernetes Application Container. Collects application logs, metrics - and traces through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See - aka.ms/AzureMonitorApplicationMonitoring for an overview. properties: enabled: - description: 'Enabled: Indicates if Application Monitoring enabled or not.' 
type: boolean type: object containerInsights: - description: |- - ContainerInsights: Azure Monitor Container Insights Profile for Kubernetes Events, Inventory and Container stdout & - stderr logs etc. See aka.ms/AzureMonitorContainerInsights for an overview. properties: enabled: - description: 'Enabled: Indicates if Azure Monitor Container Insights Logs Addon is enabled or not.' type: boolean - logAnalyticsWorkspaceResourceId: - description: |- - LogAnalyticsWorkspaceResourceId: Fully Qualified ARM Resource Id of Azure Log Analytics Workspace for storing Azure - Monitor Container Insights Logs. - type: string - windowsHostLogs: - description: |- - WindowsHostLogs: Windows Host Logs Profile for Kubernetes Windows Nodes Log Collection. Collects ETW, Event Logs and - Text logs etc. See aka.ms/AzureMonitorContainerInsights for an overview. + logAnalyticsWorkspaceResourceReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: - enabled: - description: 'Enabled: Indicates if Windows Host Log Collection is enabled or not for Azure Monitor Container Insights Logs Addon.' - type: boolean - type: object - type: object - type: object - metrics: - description: 'Metrics: Metrics profile for the prometheus service addon' - properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. 
+ type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + windowsHostLogs: + properties: + enabled: + type: boolean + type: object + type: object + type: object + metrics: + properties: appMonitoringOpenTelemetryMetrics: - description: |- - AppMonitoringOpenTelemetryMetrics: Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application - Container Metrics. Collects OpenTelemetry metrics through auto-instrumentation of the application using Azure Monitor - OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview. properties: enabled: - description: 'Enabled: Indicates if Application Monitoring Open Telemetry Metrics is enabled or not.' type: boolean type: object enabled: - description: 'Enabled: Whether to enable the Prometheus collector' type: boolean kubeStateMetrics: - description: 'KubeStateMetrics: Kube State Metrics for prometheus addon profile for the container service cluster' properties: metricAnnotationsAllowList: - description: |- - MetricAnnotationsAllowList: Comma-separated list of additional Kubernetes label keys that will be used in the resource's - labels metric. type: string metricLabelsAllowlist: - description: |- - MetricLabelsAllowlist: Comma-separated list of Kubernetes annotations keys that will be used in the resource's labels - metric. type: string type: object + required: + - enabled type: object type: object - azurePortalFQDN: + azureName: description: |- - AzurePortalFQDN: The Azure Portal requires certain Cross-Origin Resource Sharing (CORS) headers to be sent in some - responses, which Kubernetes APIServer doesn't handle by default. This special FQDN supports CORS, allowing the Azure - Portal to function properly. + AzureName: The name of the resource in Azure. 
This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. + maxLength: 63 + minLength: 1 + pattern: ^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$ type: string - conditions: - description: 'Conditions: The observed state of the resource' - items: - description: Condition defines an extension to status (an observation) of a resource - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. - format: date-time - type: string - message: - description: Message is a human readable message indicating details about the transition. This field may be empty. - type: string - observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - type: integer - reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. - type: string - severity: - description: |- - Severity with which to treat failures of this type of condition. - For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown - type: string - status: - description: Status of the condition, one of True, False, or Unknown. - type: string - type: - description: Type of condition. 
- type: string - required: - - lastTransitionTime - - reason - - status - - type - type: object - type: array creationData: - description: |- - CreationData: CreationData to be used to specify the source Snapshot ID if the cluster will be created/upgraded using a - snapshot. properties: - sourceResourceId: - description: 'SourceResourceId: This is the ARM ID of the source object to be used to create the target object.' - type: string + sourceResourceReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object - currentKubernetesVersion: - description: 'CurrentKubernetesVersion: The version of Kubernetes the Managed Cluster is running.' - type: string disableLocalAccounts: - description: |- - DisableLocalAccounts: If set to true, getting static credentials will be disabled for this cluster. This must only be - used on Managed Clusters that are AAD enabled. For more details see [disable local - accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview). 
type: boolean - diskEncryptionSetID: - description: |- - DiskEncryptionSetID: This is of the form: - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}' - type: string + diskEncryptionSetReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object dnsPrefix: - description: 'DnsPrefix: This cannot be updated once the Managed Cluster has been created.' type: string enableNamespaceResources: - description: |- - EnableNamespaceResources: The default value is false. It can be enabled/disabled on creation and updating of the managed - cluster. See [https://aka.ms/NamespaceARMResource](https://aka.ms/NamespaceARMResource) for more details on Namespace as - a ARM Resource. type: boolean enablePodSecurityPolicy: - description: |- - EnablePodSecurityPolicy: (DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was - deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. 
Learn more at https://aka.ms/k8s/psp and - https://aka.ms/aks/psp. type: boolean enableRBAC: - description: 'EnableRBAC: Whether to enable Kubernetes Role-Based Access Control.' type: boolean extendedLocation: - description: 'ExtendedLocation: The extended location of the Virtual Machine.' properties: name: - description: 'Name: The name of the extended location.' type: string type: - description: 'Type: The type of the extended location.' + enum: + - EdgeZone type: string type: object - fqdn: - description: 'Fqdn: The FQDN of the master pool.' - type: string fqdnSubdomain: - description: 'FqdnSubdomain: This cannot be updated once the Managed Cluster has been created.' type: string httpProxyConfig: - description: 'HttpProxyConfig: Configurations for provisioning the cluster with HTTP proxy servers.' properties: - effectiveNoProxy: - description: |- - EffectiveNoProxy: A read-only list of all endpoints for which traffic should not be sent to the proxy. This list is a - superset of noProxy and values injected by AKS. - items: - type: string - type: array httpProxy: - description: 'HttpProxy: The HTTP proxy server endpoint to use.' type: string httpsProxy: - description: 'HttpsProxy: The HTTPS proxy server endpoint to use.' type: string noProxy: - description: 'NoProxy: The endpoints that should not go through proxy.' items: type: string type: array trustedCa: - description: 'TrustedCa: Alternative CA cert to use for connecting to proxy servers.' type: string type: object - id: - description: |- - Id: Fully qualified resource ID for the resource. E.g. - "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" - type: string identity: - description: 'Identity: The identity of the managed cluster, if configured.' properties: delegatedResources: additionalProperties: - description: Delegated resource properties - internal use only. 
properties: location: - description: 'Location: The source resource location - internal use only.' type: string referralResource: - description: 'ReferralResource: The delegation id of the referral delegation (optional) - internal use only.' - type: string - resourceId: - description: 'ResourceId: The ARM resource id of the delegated resource - internal use only.' type: string + resourceReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object tenantId: - description: 'TenantId: The tenant id of the delegated resource - internal use only.' + pattern: ^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$ type: string type: object - description: |- - DelegatedResources: The delegated identity resources assigned to this managed cluster. This can only be set by another - Azure Resource Provider, and managed cluster only accept one delegated identity resource. Internal use only. type: object - principalId: - description: 'PrincipalId: The principal id of the system assigned identity which is used by master components.' 
- type: string - tenantId: - description: 'TenantId: The tenant id of the system assigned identity which is used by master components.' - type: string type: - description: |- - Type: For more information see [use managed identities in - AKS](https://docs.microsoft.com/azure/aks/use-managed-identity). + enum: + - None + - SystemAssigned + - UserAssigned type: string userAssignedIdentities: - additionalProperties: + items: properties: - clientId: - description: 'ClientId: The client id of user assigned identity.' - type: string - principalId: - description: 'PrincipalId: The principal id of user assigned identity.' - type: string + reference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object - description: |- - UserAssignedIdentities: The keys must be ARM resource IDs in the form: - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'. 
- type: object + type: array type: object identityProfile: additionalProperties: - description: Details about a user assigned identity. properties: clientId: - description: 'ClientId: The client ID of the user assigned identity.' type: string objectId: - description: 'ObjectId: The object ID of the user assigned identity.' - type: string - resourceId: - description: 'ResourceId: The resource ID of the user assigned identity.' type: string + resourceReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object - description: 'IdentityProfile: Identities associated with the cluster.' type: object ingressProfile: - description: 'IngressProfile: Ingress profile for the managed cluster.' properties: webAppRouting: - description: 'WebAppRouting: Web App Routing settings for the ingress profile.' properties: - dnsZoneResourceIds: - description: |- - DnsZoneResourceIds: Resource IDs of the DNS zones to be associated with the Web App Routing add-on. Used only when Web - App Routing is enabled. 
Public and private DNS zones can be in different resource groups, but all public DNS zones must - be in the same resource group and all private DNS zones must be in the same resource group. + dnsZoneResourceReferences: items: - type: string + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: array enabled: - description: 'Enabled: Whether to enable Web App Routing.' type: boolean - identity: - description: |- - Identity: Managed identity of the Web Application Routing add-on. This is the identity that should be granted - permissions, for example, to manage the associated Azure DNS resource and get certificates from Azure Key Vault. See - [this overview of the add-on](https://learn.microsoft.com/en-us/azure/aks/web-app-routing?tabs=with-osm) for more - instructions. - properties: - clientId: - description: 'ClientId: The client ID of the user assigned identity.' - type: string - objectId: - description: 'ObjectId: The object ID of the user assigned identity.' 
- type: string - resourceId: - description: 'ResourceId: The resource ID of the user assigned identity.' - type: string - type: object type: object type: object kubernetesVersion: - description: |- - KubernetesVersion: When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades - must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> - 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS - cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details. type: string linuxProfile: - description: 'LinuxProfile: The profile for Linux VMs in the Managed Cluster.' properties: adminUsername: - description: 'AdminUsername: The administrator username to use for Linux VMs.' + pattern: ^[A-Za-z][-A-Za-z0-9_]*$ type: string ssh: - description: 'Ssh: The SSH configuration for Linux-based VMs running on Azure.' properties: publicKeys: - description: 'PublicKeys: The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.' items: - description: Contains information about SSH certificate public key data. properties: keyData: - description: |- - KeyData: Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or - without headers. type: string + required: + - keyData type: object type: array + required: + - publicKeys type: object + required: + - adminUsername + - ssh type: object location: - description: 'Location: The geo-location where the resource lives' type: string - maxAgentPools: - description: 'MaxAgentPools: The max number of agent pools for the managed cluster.' - type: integer metricsProfile: - description: 'MetricsProfile: Optional cluster metrics configuration.' 
properties: costAnalysis: - description: 'CostAnalysis: The cost analysis configuration for the cluster' properties: enabled: - description: |- - Enabled: The Managed Cluster sku.tier must be set to 'Standard' to enable this feature. Enabling this will add - Kubernetes Namespace and Deployment details to the Cost Analysis views in the Azure portal. If not specified, the - default is false. For more information see aka.ms/aks/docs/cost-analysis. type: boolean type: object type: object - name: - description: 'Name: The name of the resource' - type: string networkProfile: - description: 'NetworkProfile: The network configuration profile.' properties: dnsServiceIP: - description: |- - DnsServiceIP: An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address - range specified in serviceCidr. + pattern: ^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$ type: string ipFamilies: - description: |- - IpFamilies: IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value - is IPv4. For dual-stack, the expected values are IPv4 and IPv6. items: - description: To determine if address belongs IPv4 or IPv6 family. + enum: + - IPv4 + - IPv6 type: string type: array kubeProxyConfig: - description: |- - KubeProxyConfig: Holds configuration customizations for kube-proxy. Any values not defined will use the kube-proxy - defaulting behavior. See https://v.docs.kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/ - where is represented by a - string. Kubernetes version 1.23 would be '1-23'. properties: enabled: - description: |- - Enabled: Whether to enable on kube-proxy on the cluster (if no 'kubeProxyConfig' exists, kube-proxy is enabled in AKS by - default without these customizations). type: boolean ipvsConfig: - description: 'IpvsConfig: Holds configuration customizations for IPVS. 
May only be specified if ''mode'' is set to ''IPVS''.' properties: scheduler: - description: 'Scheduler: IPVS scheduler, for more information please see http://www.linuxvirtualserver.org/docs/scheduling.html.' + enum: + - LeastConnection + - RoundRobin type: string tcpFinTimeoutSeconds: - description: |- - TcpFinTimeoutSeconds: The timeout value used for IPVS TCP sessions after receiving a FIN in seconds. Must be a positive - integer value. type: integer tcpTimeoutSeconds: - description: 'TcpTimeoutSeconds: The timeout value used for idle IPVS TCP sessions in seconds. Must be a positive integer value.' type: integer udpTimeoutSeconds: - description: 'UdpTimeoutSeconds: The timeout value used for IPVS UDP packets in seconds. Must be a positive integer value.' type: integer type: object mode: - description: 'Mode: Specify which proxy mode to use (''IPTABLES'' or ''IPVS'')' + enum: + - IPTABLES + - IPVS type: string type: object loadBalancerProfile: - description: 'LoadBalancerProfile: Profile of the cluster load balancer.' properties: allocatedOutboundPorts: - description: |- - AllocatedOutboundPorts: The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 - (inclusive). The default value is 0 which results in Azure dynamically allocating ports. + maximum: 64000 + minimum: 0 type: integer backendPoolType: - description: 'BackendPoolType: The type of the managed inbound Load Balancer BackendPool.' + enum: + - NodeIP + - NodeIPConfiguration type: string effectiveOutboundIPs: - description: 'EffectiveOutboundIPs: The effective outbound IP resources of the cluster load balancer.' items: - description: A reference to an Azure resource. properties: - id: - description: 'Id: The fully qualified Azure resource id.' 
- type: string + reference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object type: array enableMultipleStandardLoadBalancers: - description: 'EnableMultipleStandardLoadBalancers: Enable multiple standard load balancers per AKS cluster or not.' type: boolean idleTimeoutInMinutes: - description: |- - IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 - (inclusive). The default value is 30 minutes. + maximum: 120 + minimum: 4 type: integer managedOutboundIPs: - description: 'ManagedOutboundIPs: Desired managed outbound IPs for the cluster load balancer.' properties: count: - description: |- - Count: The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values - must be in the range of 1 to 100 (inclusive). The default value is 1. + maximum: 100 + minimum: 1 type: integer countIPv6: - description: |- - CountIPv6: The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. 
Allowed - values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. + maximum: 100 + minimum: 0 type: integer type: object outboundIPPrefixes: - description: 'OutboundIPPrefixes: Desired outbound IP Prefix resources for the cluster load balancer.' properties: publicIPPrefixes: - description: 'PublicIPPrefixes: A list of public IP prefix resources.' items: - description: A reference to an Azure resource. properties: - id: - description: 'Id: The fully qualified Azure resource id.' - type: string + reference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object type: array type: object outboundIPs: - description: 'OutboundIPs: Desired outbound IP resources for the cluster load balancer.' properties: publicIPs: - description: 'PublicIPs: A list of public IP resources.' items: - description: A reference to an Azure resource. properties: - id: - description: 'Id: The fully qualified Azure resource id.' 
- type: string + reference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object type: array type: object type: object loadBalancerSku: - description: |- - LoadBalancerSku: The default is 'standard'. See [Azure Load Balancer - SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load - balancer SKUs. + enum: + - basic + - standard type: string monitoring: - description: |- - Monitoring: This addon can be used to configure network monitoring and generate network monitoring data in Prometheus - format properties: enabled: - description: 'Enabled: Enable or disable the network monitoring plugin on the cluster' type: boolean type: object natGatewayProfile: - description: 'NatGatewayProfile: Profile of the cluster NAT gateway.' properties: effectiveOutboundIPs: - description: 'EffectiveOutboundIPs: The effective outbound IP resources of the cluster NAT gateway.' items: - description: A reference to an Azure resource. 
properties: - id: - description: 'Id: The fully qualified Azure resource id.' - type: string + reference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object type: array idleTimeoutInMinutes: - description: |- - IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 - (inclusive). The default value is 4 minutes. + maximum: 120 + minimum: 4 type: integer managedOutboundIPProfile: - description: 'ManagedOutboundIPProfile: Profile of the managed outbound IP resources of the cluster NAT gateway.' properties: count: - description: |- - Count: The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 - (inclusive). The default value is 1. + maximum: 16 + minimum: 1 type: integer type: object type: object networkDataplane: - description: 'NetworkDataplane: Network dataplane used in the Kubernetes cluster.' 
+ enum: + - azure + - cilium type: string networkMode: - description: 'NetworkMode: This cannot be specified if networkPlugin is anything other than ''azure''.' + enum: + - bridge + - transparent type: string networkPlugin: - description: 'NetworkPlugin: Network plugin used for building the Kubernetes network.' + enum: + - azure + - kubenet + - none type: string networkPluginMode: - description: 'NetworkPluginMode: Network plugin mode used for building the Kubernetes network.' + enum: + - overlay type: string networkPolicy: - description: 'NetworkPolicy: Network policy used for building the Kubernetes network.' + enum: + - azure + - calico + - cilium + - none type: string outboundType: - description: |- - OutboundType: This can only be set at cluster creation time and cannot be changed later. For more information see - [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype). + enum: + - loadBalancer + - managedNATGateway + - userAssignedNATGateway + - userDefinedRouting type: string podCidr: - description: 'PodCidr: A CIDR notation IP range from which to assign pod IPs when kubenet is used.' + pattern: ^([0-9]{1,3}\.){3}[0-9]{1,3}(\/([0-9]|[1-2][0-9]|3[0-2]))?$ type: string podCidrs: - description: |- - PodCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is - expected for dual-stack networking. items: type: string type: array serviceCidr: - description: |- - ServiceCidr: A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP - ranges. + pattern: ^([0-9]{1,3}\.){3}[0-9]{1,3}(\/([0-9]|[1-2][0-9]|3[0-2]))?$ type: string serviceCidrs: - description: |- - ServiceCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is - expected for dual-stack networking. They must not overlap with any Subnet IP ranges. 
items: type: string type: array type: object nodeProvisioningProfile: - description: 'NodeProvisioningProfile: Node provisioning settings that apply to the whole cluster.' properties: mode: - description: 'Mode: Once the mode it set to Auto, it cannot be changed back to Manual.' + enum: + - Auto + - Manual type: string type: object nodeResourceGroup: - description: 'NodeResourceGroup: The name of the resource group containing agent pool nodes.' type: string nodeResourceGroupProfile: - description: 'NodeResourceGroupProfile: The node resource group configuration profile.' properties: restrictionLevel: - description: 'RestrictionLevel: The restriction level applied to the cluster''s node resource group' + enum: + - ReadOnly + - Unrestricted type: string type: object oidcIssuerProfile: - description: 'OidcIssuerProfile: The OIDC issuer profile of the Managed Cluster.' properties: enabled: - description: 'Enabled: Whether the OIDC issuer is enabled.' type: boolean - issuerURL: - description: 'IssuerURL: The OIDC issuer url of the Managed Cluster.' + type: object + operatorSpec: + description: |- + OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not + passed directly to Azure + properties: + configMapExpressions: + description: 'ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).' + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. 
If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + configMaps: + description: 'ConfigMaps: configures where to place operator written ConfigMaps.' + properties: + oidcIssuerProfile: + description: |- + OIDCIssuerProfile: indicates where the OIDCIssuerProfile config map should be placed. If omitted, no config map will be + created. + properties: + key: + description: Key is the key in the ConfigMap being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes ConfigMap to write to. + The ConfigMap will be created in the same namespace as the resource. + type: string + required: + - key + - name + type: object + type: object + secretExpressions: + description: 'SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).' + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. 
If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + secrets: + description: 'Secrets: configures where to place Azure generated secrets.' + properties: + adminCredentials: + description: |- + AdminCredentials: indicates where the AdminCredentials secret should be placed. If omitted, the secret will not be + retrieved from Azure. + properties: + key: + description: Key is the key in the Kubernetes secret being referenced. + type: string + name: + description: |- + Name is the name of the Kubernetes secret to write to. + The secret will be created in the same namespace as the resource. + type: string + required: + - key + - name + type: object + userCredentials: + description: |- + UserCredentials: indicates where the UserCredentials secret should be placed. If omitted, the secret will not be + retrieved from Azure. + properties: + key: + description: Key is the key in the Kubernetes secret being referenced. + type: string + name: + description: |- + Name is the name of the Kubernetes secret to write to. + The secret will be created in the same namespace as the resource. + type: string + required: + - key + - name + type: object + type: object + type: object + owner: + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. 
The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a resources.azure.com/ResourceGroup resource + properties: + armId: + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + name: + description: This is the name of the Kubernetes resource to reference. type: string type: object podIdentityProfile: - description: |- - PodIdentityProfile: See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more - details on AAD pod identity integration. properties: allowNetworkPluginKubenet: - description: |- - AllowNetworkPluginKubenet: Running in Kubenet is disabled by default due to the security related nature of AAD Pod - Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod - Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) - for more information. type: boolean enabled: - description: 'Enabled: Whether the pod identity addon is enabled.' type: boolean userAssignedIdentities: - description: 'UserAssignedIdentities: The pod identities to use in the cluster.' items: - description: Details about the pod identity assigned to the Managed Cluster. properties: bindingSelector: - description: 'BindingSelector: The binding selector to use for the AzureIdentityBinding resource.' type: string identity: - description: 'Identity: The user assigned identity details.' properties: clientId: - description: 'ClientId: The client ID of the user assigned identity.' type: string objectId: - description: 'ObjectId: The object ID of the user assigned identity.' - type: string - resourceId: - description: 'ResourceId: The resource ID of the user assigned identity.' 
type: string + resourceReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object name: - description: 'Name: The name of the pod identity.' type: string namespace: - description: 'Namespace: The namespace of the pod identity.' - type: string - provisioningInfo: - properties: - error: - description: 'Error: Pod identity assignment error (if any).' - properties: - error: - description: 'Error: Details about the error.' - properties: - code: - description: 'Code: An identifier for the error. Codes are invariant and are intended to be consumed programmatically.' - type: string - details: - description: 'Details: A list of additional details about the error.' - items: - properties: - code: - description: 'Code: An identifier for the error. Codes are invariant and are intended to be consumed programmatically.' - type: string - message: - description: 'Message: A message describing the error, intended to be suitable for display in a user interface.' - type: string - target: - description: 'Target: The target of the particular error. 
For example, the name of the property in error.' - type: string - type: object - type: array - message: - description: 'Message: A message describing the error, intended to be suitable for display in a user interface.' - type: string - target: - description: 'Target: The target of the particular error. For example, the name of the property in error.' - type: string - type: object - type: object - type: object - provisioningState: - description: 'ProvisioningState: The current provisioning state of the pod identity.' type: string + required: + - identity + - name + - namespace type: object type: array userAssignedIdentityExceptions: - description: 'UserAssignedIdentityExceptions: The pod identity exceptions to allow.' items: - description: |- - See [disable AAD Pod Identity for a specific - Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. properties: name: - description: 'Name: The name of the pod identity exception.' type: string namespace: - description: 'Namespace: The namespace of the pod identity exception.' type: string podLabels: additionalProperties: type: string - description: 'PodLabels: The pod labels to match.' type: object + required: + - name + - namespace + - podLabels type: object type: array type: object - powerState: - description: 'PowerState: The Power State of the cluster.' - properties: - code: - description: 'Code: Tells whether the cluster is Running or Stopped' - type: string - type: object - privateFQDN: - description: 'PrivateFQDN: The FQDN of private cluster.' - type: string privateLinkResources: - description: 'PrivateLinkResources: Private link resources associated with the cluster.' items: - description: A private link resource properties: groupId: - description: 'GroupId: The group ID of the resource.' - type: string - id: - description: 'Id: The ID of the private link resource.' type: string name: - description: 'Name: The name of the private link resource.' 
- type: string - privateLinkServiceID: - description: 'PrivateLinkServiceID: The private link service ID of the resource, this field is exposed only to NRP internally.' type: string + reference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object requiredMembers: - description: 'RequiredMembers: The RequiredMembers of the resource' items: type: string type: array type: - description: 'Type: The resource type.' type: string type: object type: array - provisioningState: - description: 'ProvisioningState: The current provisioning state.' 
- type: string publicNetworkAccess: - description: 'PublicNetworkAccess: Allow or deny public network access for AKS' - type: string - resourceUID: - description: |- - ResourceUID: The resourceUID uniquely identifies ManagedClusters that reuse ARM ResourceIds (i.e: create, delete, create - sequence) + enum: + - Disabled + - Enabled + - SecuredByPerimeter type: string safeguardsProfile: - description: 'SafeguardsProfile: The Safeguards profile holds all the safeguards information for a given cluster' properties: excludedNamespaces: - description: 'ExcludedNamespaces: List of namespaces excluded from Safeguards checks' items: type: string type: array level: - description: |- - Level: The Safeguards level to be used. By default, Safeguards is enabled for all namespaces except those that AKS - excludes via systemExcludedNamespaces + enum: + - Enforcement + - "Off" + - Warning type: string - systemExcludedNamespaces: - description: 'SystemExcludedNamespaces: List of namespaces specified by AKS to be excluded from Safeguards' - items: - type: string - type: array version: - description: 'Version: The version of constraints to use' type: string + required: + - level type: object securityProfile: - description: 'SecurityProfile: Security profile for the managed cluster.' properties: azureKeyVaultKms: - description: |- - AzureKeyVaultKms: Azure Key Vault [key management - service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile. properties: enabled: - description: 'Enabled: Whether to enable Azure Key Vault key management service. The default is false.' type: boolean keyId: - description: |- - KeyId: Identifier of Azure Key Vault key. See [key identifier - format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) - for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key - identifier. 
When Azure Key Vault key management service is disabled, leave the field empty. type: string keyVaultNetworkAccess: - description: |- - KeyVaultNetworkAccess: Network access of key vault. The possible values are `Public` and `Private`. `Public` means the - key vault allows public access from all networks. `Private` means the key vault disables public access and enables - private link. The default value is `Public`. - type: string - keyVaultResourceId: - description: |- - KeyVaultResourceId: Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must - be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty. + enum: + - Private + - Public type: string + keyVaultResourceReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object customCATrustCertificates: - description: |- - CustomCATrustCertificates: A list of up to 10 base64 encoded CAs that will be added to the trust store on nodes with the - Custom CA Trust feature enabled. 
For more information see [Custom CA Trust - Certificates](https://learn.microsoft.com/en-us/azure/aks/custom-certificate-authority) items: type: string + maxItems: 10 + minItems: 0 type: array defender: - description: 'Defender: Microsoft Defender settings for the security profile.' properties: - logAnalyticsWorkspaceResourceId: - description: |- - LogAnalyticsWorkspaceResourceId: Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. - When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft - Defender is disabled, leave the field empty. - type: string + logAnalyticsWorkspaceResourceReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object securityMonitoring: - description: 'SecurityMonitoring: Microsoft Defender threat detection for Cloud settings for the security profile.' 
properties: enabled: - description: 'Enabled: Whether to enable Defender threat detection' type: boolean type: object type: object imageCleaner: - description: 'ImageCleaner: Image Cleaner settings for the security profile.' properties: enabled: - description: 'Enabled: Whether to enable Image Cleaner on AKS cluster.' type: boolean intervalHours: - description: 'IntervalHours: Image Cleaner scanning interval in hours.' type: integer type: object imageIntegrity: - description: |- - ImageIntegrity: Image integrity is a feature that works with Azure Policy to verify image integrity by signature. This - will not have any effect unless Azure Policy is applied to enforce image signatures. See - https://aka.ms/aks/image-integrity for how to use this feature via policy. properties: enabled: - description: 'Enabled: Whether to enable image integrity. The default value is false.' type: boolean type: object nodeRestriction: - description: |- - NodeRestriction: [Node - Restriction](https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#noderestriction) settings - for the security profile. properties: enabled: - description: 'Enabled: Whether to enable Node Restriction' type: boolean type: object workloadIdentity: - description: |- - WorkloadIdentity: Workload identity settings for the security profile. Workload identity enables Kubernetes applications - to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details. properties: enabled: - description: 'Enabled: Whether to enable workload identity.' type: boolean type: object type: object serviceMeshProfile: - description: 'ServiceMeshProfile: Service mesh profile for a managed cluster.' properties: istio: - description: 'Istio: Istio service mesh configuration.' properties: certificateAuthority: - description: |- - CertificateAuthority: Istio Service Mesh Certificate Authority (CA) configuration. 
For now, we only support plugin - certificates as described here https://aka.ms/asm-plugin-ca properties: plugin: - description: 'Plugin: Plugin certificates information for Service Mesh.' properties: certChainObjectName: - description: 'CertChainObjectName: Certificate chain object name in Azure Key Vault.' type: string certObjectName: - description: 'CertObjectName: Intermediate certificate object name in Azure Key Vault.' type: string keyObjectName: - description: 'KeyObjectName: Intermediate certificate private key object name in Azure Key Vault.' - type: string - keyVaultId: - description: 'KeyVaultId: The resource ID of the Key Vault.' type: string + keyVaultReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object rootCertObjectName: - description: 'RootCertObjectName: Root certificate object name in Azure Key Vault.' type: string type: object type: object components: - description: 'Components: Istio components configuration.' properties: egressGateways: - description: 'EgressGateways: Istio egress gateways.' 
items: - description: Istio egress gateway configuration. properties: enabled: - description: 'Enabled: Whether to enable the egress gateway.' type: boolean nodeSelector: additionalProperties: type: string - description: 'NodeSelector: NodeSelector for scheduling the egress gateway.' type: object + required: + - enabled type: object type: array ingressGateways: - description: 'IngressGateways: Istio ingress gateways.' items: - description: |- - Istio ingress gateway configuration. For now, we support up to one external ingress gateway named - `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`. properties: enabled: - description: 'Enabled: Whether to enable the ingress gateway.' type: boolean mode: - description: 'Mode: Mode of an ingress gateway.' + enum: + - External + - Internal type: string + required: + - enabled + - mode type: object type: array type: object revisions: - description: |- - Revisions: The list of revisions of the Istio control plane. When an upgrade is not in progress, this holds one value. - When canary upgrade is in progress, this can only hold two consecutive values. For more information, see: - https://learn.microsoft.com/en-us/azure/aks/istio-upgrade items: type: string + maxItems: 2 type: array type: object mode: - description: 'Mode: Mode of the service mesh.' + enum: + - Disabled + - Istio type: string + required: + - mode type: object servicePrincipalProfile: - description: |- - ServicePrincipalProfile: Information about a service principal identity for the cluster to use for manipulating Azure - APIs. properties: clientId: - description: 'ClientId: The ID for the service principal.' type: string - type: object - sku: - description: 'Sku: The managed cluster SKU.' + secret: + description: |- + SecretReference is a reference to a Kubernetes secret and key in the same namespace as + the resource it is on. 
+ properties: + key: + description: Key is the key in the Kubernetes secret being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource + type: string + required: + - key + - name + type: object + required: + - clientId + type: object + sku: properties: name: - description: 'Name: The name of a managed cluster SKU.' + enum: + - Base type: string tier: - description: |- - Tier: If not specified, the default is 'Free'. See [AKS Pricing - Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details. + enum: + - Free + - Premium + - Standard type: string type: object storageProfile: - description: 'StorageProfile: Storage profile for the managed cluster.' properties: blobCSIDriver: - description: 'BlobCSIDriver: AzureBlob CSI Driver settings for the storage profile.' properties: enabled: - description: 'Enabled: Whether to enable AzureBlob CSI Driver. The default value is false.' type: boolean type: object diskCSIDriver: - description: 'DiskCSIDriver: AzureDisk CSI Driver settings for the storage profile.' properties: enabled: - description: 'Enabled: Whether to enable AzureDisk CSI Driver. The default value is true.' type: boolean version: - description: 'Version: The version of AzureDisk CSI Driver. The default value is v1.' type: string type: object fileCSIDriver: - description: 'FileCSIDriver: AzureFile CSI Driver settings for the storage profile.' properties: enabled: - description: 'Enabled: Whether to enable AzureFile CSI Driver. The default value is true.' type: boolean type: object snapshotController: - description: 'SnapshotController: Snapshot Controller settings for the storage profile.' properties: enabled: - description: 'Enabled: Whether to enable Snapshot Controller. The default value is true.' 
type: boolean type: object type: object supportPlan: - description: 'SupportPlan: The support plan for the Managed Cluster. If unspecified, the default is ''KubernetesOfficial''.' + enum: + - AKSLongTermSupport + - KubernetesOfficial type: string - systemData: - description: 'SystemData: Azure Resource Manager metadata containing createdBy and modifiedBy information.' - properties: - createdAt: - description: 'CreatedAt: The timestamp of resource creation (UTC).' - type: string - createdBy: - description: 'CreatedBy: The identity that created the resource.' - type: string - createdByType: - description: 'CreatedByType: The type of identity that created the resource.' - type: string - lastModifiedAt: - description: 'LastModifiedAt: The timestamp of resource last modification (UTC)' - type: string - lastModifiedBy: - description: 'LastModifiedBy: The identity that last modified the resource.' - type: string - lastModifiedByType: - description: 'LastModifiedByType: The type of identity that last modified the resource.' - type: string - type: object tags: additionalProperties: type: string - description: 'Tags: Resource tags.' type: object - type: - description: 'Type: The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"' - type: string upgradeSettings: - description: 'UpgradeSettings: Settings for upgrading a cluster.' properties: overrideSettings: - description: 'OverrideSettings: Settings for overrides.' properties: forceUpgrade: - description: |- - ForceUpgrade: Whether to force upgrade the cluster. Note that this option instructs upgrade operation to bypass upgrade - protections such as checking for deprecated API usage. Enable this option only with caution. type: boolean until: - description: |- - Until: Until when the overrides are effective. Note that this only matches the start time of an upgrade, and the - effectiveness won't change once an upgrade starts even if the `until` expires as upgrade proceeds. 
This field is not set - by default. It must be set for the overrides to take effect. type: string type: object type: object windowsProfile: - description: 'WindowsProfile: The profile for Windows VMs in the Managed Cluster.' properties: - adminUsername: + adminPassword: description: |- - AdminUsername: Specifies the name of the administrator account. - Restriction: Cannot end in "." - Disallowed values: "administrator", "admin", "user", "user1", "test", "user2", "test1", "user3", "admin1", "1", "123", - "a", "actuser", "adm", "admin2", "aspnet", "backup", "console", "david", "guest", "john", "owner", "root", "server", - "sql", "support", "support_388945a0", "sys", "test2", "test3", "user4", "user5". - Minimum-length: 1 character - Max-length: 20 characters + SecretReference is a reference to a Kubernetes secret and key in the same namespace as + the resource it is on. + properties: + key: + description: Key is the key in the Kubernetes secret being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource + type: string + required: + - key + - name + type: object + adminUsername: type: string enableCSIProxy: - description: |- - EnableCSIProxy: For more details on CSI proxy, see the [CSI proxy GitHub - repo](https://github.com/kubernetes-csi/csi-proxy). type: boolean gmsaProfile: - description: 'GmsaProfile: The Windows gMSA Profile in the Managed Cluster.' properties: dnsServer: - description: |- - DnsServer: Specifies the DNS server for Windows gMSA. - Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster. type: string enabled: - description: 'Enabled: Specifies whether to enable Windows gMSA in the managed cluster.' type: boolean rootDomainName: - description: |- - RootDomainName: Specifies the root domain name for Windows gMSA. 
- Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster. type: string type: object licenseType: - description: |- - LicenseType: The license type to use for Windows VMs. See [Azure Hybrid User - Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details. + enum: + - None + - Windows_Server type: string + required: + - adminUsername type: object workloadAutoScalerProfile: - description: 'WorkloadAutoScalerProfile: Workload Auto-scaler profile for the managed cluster.' properties: keda: - description: 'Keda: KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.' properties: enabled: - description: 'Enabled: Whether to enable KEDA.' type: boolean + required: + - enabled type: object verticalPodAutoscaler: properties: addonAutoscaling: - description: 'AddonAutoscaling: Whether VPA add-on is enabled and configured to scale AKS-managed add-ons.' + enum: + - Disabled + - Enabled type: string enabled: - description: 'Enabled: Whether to enable VPA add-on in cluster. Default value is false.' 
type: boolean + required: + - enabled type: object type: object + required: + - location + - owner type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=='Ready')].severity - name: Severity - type: string - - jsonPath: .status.conditions[?(@.type=='Ready')].reason - name: Reason - type: string - - jsonPath: .status.conditions[?(@.type=='Ready')].message - name: Message - type: string - name: v1api20231102previewstorage - schema: - openAPIV3Schema: - description: |- - Storage version of v1api20231102preview.ManagedCluster - Generator information: - - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/preview/2023-11-02-preview/managedClusters.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName} - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. 
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: Storage version of v1api20231102preview.ManagedCluster_Spec + status: properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object aadProfile: - description: |- - Storage version of v1api20231102preview.ManagedClusterAADProfile - For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad). properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object adminGroupObjectIDs: items: type: string 
@@ -24503,48 +21498,29 @@ spec: type: object addonProfiles: additionalProperties: - description: |- - Storage version of v1api20231102preview.ManagedClusterAddonProfile - A Kubernetes add-on profile for a managed cluster. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object config: additionalProperties: type: string type: object enabled: type: boolean + identity: + properties: + clientId: + type: string + objectId: + type: string + resourceId: + type: string + type: object type: object type: object agentPoolProfiles: items: - description: |- - Storage version of v1api20231102preview.ManagedClusterAgentPoolProfile - Profile for the container service agent pool. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object artifactStreamingProfile: - description: Storage version of v1api20231102preview.AgentPoolArtifactStreamingProfile properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: type: boolean type: object 
@@ -24552,61 +21528,17 @@ spec: items: type: string type: array - capacityReservationGroupReference: - description: 'CapacityReservationGroupReference: AKS will associate the specified agent pool with the Capacity Reservation Group.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + capacityReservationGroupID: + type: string count: type: integer creationData: - description: |- - Storage version of v1api20231102preview.CreationData - Data used when creating a target resource from a source resource. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - sourceResourceReference: - description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. 
- The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + sourceResourceId: + type: string type: object + currentOrchestratorVersion: + type: string enableAutoScaling: type: boolean enableCustomCATrust: 
@@ -24622,53 +21554,14 @@ spec: gpuInstanceProfile: type: string gpuProfile: - description: Storage version of v1api20231102preview.AgentPoolGPUProfile properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object installGPUDriver: type: boolean type: object - hostGroupReference: - description: |- - HostGroupReference: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. - For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + hostGroupID: + type: string kubeletConfig: - description: |- - Storage version of v1api20231102preview.KubeletConfig - See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object allowedUnsafeSysctls: items: type: string @@ -24697,31 +21590,11 @@ spec: kubeletDiskType: type: string linuxOSConfig: - description: |- - Storage version of v1api20231102preview.LinuxOSConfig - See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object swapFileSizeMB: type: integer sysctls: - description: |- - Storage version of v1api20231102preview.SysctlConfig - Sysctl settings for Linux agent nodes. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object fsAioMaxNr: type: integer fsFileMax: 
@@ -24797,30 +21670,10 @@ spec: name: type: string networkProfile: - description: |- - Storage version of v1api20231102preview.AgentPoolNetworkProfile - Network settings of an agent pool. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object allowedHostPorts: items: - description: |- - Storage version of v1api20231102preview.PortRange - The port range. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object portEnd: type: integer portStart: 
@@ -24829,41 +21682,13 @@ spec: type: string type: object type: array - applicationSecurityGroupsReferences: + applicationSecurityGroups: items: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + type: string type: array nodePublicIPTags: items: - description: |- - Storage version of v1api20231102preview.IPTag - Contains the IPTag associated with the object. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object ipTagType: type: string tag: @@ -24871,6 +21696,8 @@ spec: type: object type: array type: object + nodeImageVersion: + type: string nodeInitializationTaints: items: type: string 
@@ -24879,28 +21706,8 @@ spec: additionalProperties: type: string type: object - nodePublicIPPrefixReference: - description: |- - NodePublicIPPrefixReference: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + nodePublicIPPrefixID: + type: string nodeTaints: items: type: string 
@@ -24915,64 +21722,17 @@ spec: type: string osType: type: string - podSubnetReference: - description: |- - PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). - This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + podSubnetID: + type: string powerState: - description: |- - Storage version of v1api20231102preview.PowerState - Describes the Power State of the cluster properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object code: type: string type: object - proximityPlacementGroupReference: - description: 'ProximityPlacementGroupReference: The ID for Proximity Placement Group.' 
- properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + provisioningState: + type: string + proximityPlacementGroupID: + type: string scaleDownMode: type: string scaleSetEvictionPolicy: @@ -24980,17 +21740,7 @@ spec: scaleSetPriority: type: string securityProfile: - description: |- - Storage version of v1api20231102preview.AgentPoolSecurityProfile - The security settings of an agent pool. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enableSecureBoot: type: boolean enableVTPM: 
@@ -25007,17 +21757,7 @@ spec: type: type: string upgradeSettings: - description: |- - Storage version of v1api20231102preview.AgentPoolUpgradeSettings - Settings for upgrading an agentpool properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object drainTimeoutInMinutes: type: integer maxSurge: @@ -25027,17 +21767,7 @@ spec: type: object virtualMachineNodesStatus: items: - description: |- - Storage version of v1api20231102preview.VirtualMachineNodes - Current status on a group of nodes of the same vm size. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object count: type: integer size: 
@@ -25045,42 +21775,12 @@ spec: type: object type: array virtualMachinesProfile: - description: |- - Storage version of v1api20231102preview.VirtualMachinesProfile - Specifications on VirtualMachines agent pool. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object scale: - description: |- - Storage version of v1api20231102preview.ScaleProfile - Specifications on how to scale a VirtualMachines agent pool. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object manual: items: - description: |- - Storage version of v1api20231102preview.ManualScaleProfile - Specifications on number of machines. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object count: type: integer sizes: 
@@ -25093,41 +21793,10 @@ spec: type: object vmSize: type: string - vnetSubnetReference: - description: |- - VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is - specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + vnetSubnetID: + type: string windowsProfile: - description: |- - Storage version of v1api20231102preview.AgentPoolWindowsProfile - The Windows agent pool's specific profile. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object disableOutboundNat: type: boolean type: object 
@@ -25136,34 +21805,12 @@ spec: type: object type: array aiToolchainOperatorProfile: - description: |- - Storage version of v1api20231102preview.ManagedClusterAIToolchainOperatorProfile - When enabling the operator, a set of AKS managed CRDs and controllers will be installed in the cluster. The operator - automates the deployment of OSS models for inference and/or training purposes. It provides a set of preset models and - enables distributed inference against them. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: type: boolean type: object apiServerAccessProfile: - description: |- - Storage version of v1api20231102preview.ManagedClusterAPIServerAccessProfile - Access profile for managed cluster API server. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object authorizedIPRanges: items: type: string @@ -25182,15 +21829,7 @@ spec: type: string type: object autoScalerProfile: - description: Storage version of v1api20231102preview.ManagedClusterProperties_AutoScalerProfile properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object balance-similar-node-groups: type: string daemonset-eviction-for-empty-nodes: 
@@ -25233,162 +21872,45 @@ spec: type: string type: object autoUpgradeProfile: - description: |- - Storage version of v1api20231102preview.ManagedClusterAutoUpgradeProfile - Auto upgrade profile for a managed cluster. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object nodeOSUpgradeChannel: type: string upgradeChannel: type: string type: object azureMonitorProfile: - description: |- - Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfile - Prometheus addon profile for the container service cluster properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object logs: - description: |- - Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfileLogs - Logs profile for the Azure Monitor Infrastructure and Application Logs. Collect out-of-the-box Kubernetes infrastructure - & application logs to send to Azure Monitor. See aka.ms/AzureMonitorContainerInsights for an overview. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object appMonitoring: - description: |- - Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfileAppMonitoring - Application Monitoring Profile for Kubernetes Application Container. Collects application logs, metrics and traces - through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. 
See - aka.ms/AzureMonitorApplicationMonitoring for an overview. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: type: boolean type: object containerInsights: - description: |- - Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfileContainerInsights - Azure Monitor Container Insights Profile for Kubernetes Events, Inventory and Container stdout & stderr logs etc. See - aka.ms/AzureMonitorContainerInsights for an overview. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: type: boolean - logAnalyticsWorkspaceResourceReference: - description: |- - LogAnalyticsWorkspaceResourceReference: Fully Qualified ARM Resource Id of Azure Log Analytics Workspace for storing - Azure Monitor Container Insights Logs. - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. 
- type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + logAnalyticsWorkspaceResourceId: + type: string windowsHostLogs: - description: |- - Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfileWindowsHostLogs - Windows Host Logs Profile for Kubernetes Windows Nodes Log Collection. Collects ETW, Event Logs and Text logs etc. See - aka.ms/AzureMonitorContainerInsights for an overview. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: type: boolean type: object type: object type: object metrics: - description: |- - Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfileMetrics - Metrics profile for the prometheus service addon properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object appMonitoringOpenTelemetryMetrics: - description: |- - Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfileAppMonitoringOpenTelemetryMetrics - Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container Metrics. Collects - OpenTelemetry metrics through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See - aka.ms/AzureMonitorApplicationMonitoring for an overview. 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: type: boolean type: object enabled: type: boolean kubeStateMetrics: - description: |- - Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfileKubeStateMetrics - Kube State Metrics for prometheus addon profile for the container service cluster properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object metricAnnotationsAllowList: type: string metricLabelsAllowlist: 
@@ -25396,68 +21918,63 @@ spec: type: object type: object type: object - azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. + azurePortalFQDN: type: string + conditions: + description: 'Conditions: The observed state of the resource' + items: + description: Condition defines an extension to status (an observation) of a resource + properties: + lastTransitionTime: + description: LastTransitionTime is the last time the condition transitioned from one status to another. + format: date-time + type: string + message: + description: Message is a human readable message indicating details about the transition. This field may be empty. + type: string + observedGeneration: + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + type: integer + reason: + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + type: string + severity: + description: |- + Severity with which to treat failures of this type of condition. + For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown + type: string + status: + description: Status of the condition, one of True, False, or Unknown. + type: string + type: + description: Type of condition. 
+ type: string + required: + - lastTransitionTime + - reason + - status + - type + type: object + type: array creationData: - description: |- - Storage version of v1api20231102preview.CreationData - Data used when creating a target resource from a source resource. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - sourceResourceReference: - description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. 
- type: string - type: object + sourceResourceId: + type: string type: object + currentKubernetesVersion: + type: string disableLocalAccounts: type: boolean - diskEncryptionSetReference: - description: |- - DiskEncryptionSetReference: This is of the form: - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + diskEncryptionSetID: + type: string dnsPrefix: type: string enableNamespaceResources: 
@@ -25467,36 +21984,22 @@ spec: enableRBAC: type: boolean extendedLocation: - description: |- - Storage version of v1api20231102preview.ExtendedLocation - The complex type of the extended location. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object name: type: string type: type: string type: object + fqdn: + type: string fqdnSubdomain: type: string httpProxyConfig: - description: |- - Storage version of v1api20231102preview.ManagedClusterHTTPProxyConfig - Cluster HTTP proxy configuration. properties: - $propertyBag: - additionalProperties: + effectiveNoProxy: + items: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object + type: array httpProxy: type: string httpsProxy: 
@@ -25508,227 +22011,82 @@ spec: trustedCa: type: string type: object + id: + type: string identity: - description: |- - Storage version of v1api20231102preview.ManagedClusterIdentity - Identity for the managed cluster. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object delegatedResources: additionalProperties: - description: |- - Storage version of v1api20231102preview.DelegatedResource - Delegated resource properties - internal use only. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object location: type: string referralResource: type: string - resourceReference: - description: 'ResourceReference: The ARM resource id of the delegated resource - internal use only.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. 
- type: string - type: object + resourceId: + type: string tenantId: type: string type: object type: object + principalId: + type: string + tenantId: + type: string type: type: string userAssignedIdentities: - items: - description: |- - Storage version of v1api20231102preview.UserAssignedIdentityDetails - Information about the user assigned identity for the resource + additionalProperties: properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - reference: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + clientId: + type: string + principalId: + type: string type: object - type: array + type: object type: object identityProfile: additionalProperties: - description: |- - Storage version of v1api20231102preview.UserAssignedIdentity - Details about a user assigned identity. 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object clientId: type: string objectId: type: string - resourceReference: - description: 'ResourceReference: The resource ID of the user assigned identity.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + resourceId: + type: string type: object type: object ingressProfile: - description: |- - Storage version of v1api20231102preview.ManagedClusterIngressProfile - Ingress profile for the container service cluster. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object webAppRouting: - description: |- - Storage version of v1api20231102preview.ManagedClusterIngressProfileWebAppRouting - Web App Routing settings for the ingress profile. 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - dnsZoneResourceReferences: + dnsZoneResourceIds: items: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + type: string type: array enabled: type: boolean + identity: + properties: + clientId: + type: string + objectId: + type: string + resourceId: + type: string + type: object type: object type: object kubernetesVersion: type: string linuxProfile: - description: |- - Storage version of v1api20231102preview.ContainerServiceLinuxProfile - Profile for Linux VMs in the container service cluster. 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object adminUsername: type: string ssh: - description: |- - Storage version of v1api20231102preview.ContainerServiceSshConfiguration - SSH configuration for Linux-based VMs running on Azure. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object publicKeys: items: - description: |- - Storage version of v1api20231102preview.ContainerServiceSshPublicKey - Contains information about SSH certificate public key data. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object keyData: type: string type: object 
@@ -25737,46 +22095,20 @@ spec: type: object location: type: string + maxAgentPools: + type: integer metricsProfile: - description: |- - Storage version of v1api20231102preview.ManagedClusterMetricsProfile - The metrics profile for the ManagedCluster. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object costAnalysis: - description: |- - Storage version of v1api20231102preview.ManagedClusterCostAnalysis - The cost analysis configuration for the cluster properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: type: boolean type: object type: object + name: + type: string networkProfile: - description: |- - Storage version of v1api20231102preview.ContainerServiceNetworkProfile - Profile of network configuration. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object dnsServiceIP: type: string ipFamilies: 
@@ -25784,27 +22116,11 @@ spec: type: string type: array kubeProxyConfig: - description: Storage version of v1api20231102preview.ContainerServiceNetworkProfile_KubeProxyConfig properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: type: boolean ipvsConfig: - description: Storage version of v1api20231102preview.ContainerServiceNetworkProfile_KubeProxyConfig_IpvsConfig properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object scheduler: type: string tcpFinTimeoutSeconds: 
@@ -25818,54 +22134,16 @@ spec: type: string type: object loadBalancerProfile: - description: |- - Storage version of v1api20231102preview.ManagedClusterLoadBalancerProfile - Profile of the managed cluster load balancer. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object allocatedOutboundPorts: type: integer backendPoolType: type: string effectiveOutboundIPs: items: - description: |- - Storage version of v1api20231102preview.ResourceReference - A reference to an Azure resource. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - reference: - description: 'Reference: The fully qualified Azure resource id.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + id: + type: string type: object type: array enableMultipleStandardLoadBalancers: 
@@ -25873,109 +22151,29 @@ spec: idleTimeoutInMinutes: type: integer managedOutboundIPs: - description: Storage version of v1api20231102preview.ManagedClusterLoadBalancerProfile_ManagedOutboundIPs properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object count: type: integer countIPv6: type: integer type: object outboundIPPrefixes: - description: Storage version of v1api20231102preview.ManagedClusterLoadBalancerProfile_OutboundIPPrefixes properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object publicIPPrefixes: items: - description: |- - Storage version of v1api20231102preview.ResourceReference - A reference to an Azure resource. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - reference: - description: 'Reference: The fully qualified Azure resource id.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
- pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + id: + type: string type: object type: array type: object outboundIPs: - description: Storage version of v1api20231102preview.ManagedClusterLoadBalancerProfile_OutboundIPs properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object publicIPs: items: - description: |- - Storage version of v1api20231102preview.ResourceReference - A reference to an Azure resource. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - reference: - description: 'Reference: The fully qualified Azure resource id.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
- pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + id: + type: string type: object type: array type: object 
@@ -25983,81 +22181,23 @@ spec: loadBalancerSku: type: string monitoring: - description: |- - Storage version of v1api20231102preview.NetworkMonitoring - This addon can be used to configure network monitoring and generate network monitoring data in Prometheus format properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: type: boolean type: object natGatewayProfile: - description: |- - Storage version of v1api20231102preview.ManagedClusterNATGatewayProfile - Profile of the managed cluster NAT gateway. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object effectiveOutboundIPs: items: - description: |- - Storage version of v1api20231102preview.ResourceReference - A reference to an Azure resource. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - reference: - description: 'Reference: The fully qualified Azure resource id.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
- pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + id: + type: string type: object type: array idleTimeoutInMinutes: type: integer managedOutboundIPProfile: - description: |- - Storage version of v1api20231102preview.ManagedClusterManagedOutboundIPProfile - Profile of the managed outbound IP resources of the managed cluster. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object count: type: integer type: object 
@@ -26088,240 +22228,81 @@ spec: type: array type: object nodeProvisioningProfile: - description: Storage version of v1api20231102preview.ManagedClusterNodeProvisioningProfile properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object mode: type: string type: object nodeResourceGroup: type: string nodeResourceGroupProfile: - description: |- - Storage version of v1api20231102preview.ManagedClusterNodeResourceGroupProfile - Node resource group lockdown profile for a managed cluster. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object restrictionLevel: type: string type: object oidcIssuerProfile: - description: |- - Storage version of v1api20231102preview.ManagedClusterOIDCIssuerProfile - The OIDC issuer profile of the Managed Cluster. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: type: boolean - type: object - operatorSpec: - description: |- - Storage version of v1api20231102preview.ManagedClusterOperatorSpec - Details for configuring operator behavior. 
Fields in this struct are interpreted by the operator directly rather than being passed to Azure - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - configMaps: - description: Storage version of v1api20231102preview.ManagedClusterOperatorConfigMaps - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - oidcIssuerProfile: - description: |- - ConfigMapDestination describes the location to store a single configmap value - Note: This is similar to SecretDestination in secrets.go. Changes to one should likely also be made to the other. - properties: - key: - description: Key is the key in the ConfigMap being referenced - type: string - name: - description: |- - Name is the name of the Kubernetes ConfigMap being referenced. - The ConfigMap must be in the same namespace as the resource - type: string - required: - - key - - name - type: object - type: object - secrets: - description: Storage version of v1api20231102preview.ManagedClusterOperatorSecrets - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - adminCredentials: - description: |- - SecretDestination describes the location to store a single secret value. - Note: This is similar to ConfigMapDestination in configmaps.go. Changes to one should likely also be made to the other. 
- properties: - key: - description: Key is the key in the Kubernetes secret being referenced - type: string - name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource - type: string - required: - - key - - name - type: object - userCredentials: - description: |- - SecretDestination describes the location to store a single secret value. - Note: This is similar to ConfigMapDestination in configmaps.go. Changes to one should likely also be made to the other. - properties: - key: - description: Key is the key in the Kubernetes secret being referenced - type: string - name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource - type: string - required: - - key - - name - type: object - type: object - type: object - originalVersion: - type: string - owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a resources.azure.com/ResourceGroup resource - properties: - armId: - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - name: - description: This is the name of the Kubernetes resource to reference. + issuerURL: type: string type: object podIdentityProfile: - description: |- - Storage version of v1api20231102preview.ManagedClusterPodIdentityProfile - See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod - identity integration. 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object allowNetworkPluginKubenet: type: boolean enabled: type: boolean userAssignedIdentities: items: - description: |- - Storage version of v1api20231102preview.ManagedClusterPodIdentity - Details about the pod identity assigned to the Managed Cluster. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object bindingSelector: type: string identity: - description: |- - Storage version of v1api20231102preview.UserAssignedIdentity - Details about a user assigned identity. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object clientId: type: string objectId: type: string - resourceReference: - description: 'ResourceReference: The resource ID of the user assigned identity.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
- pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + resourceId: + type: string type: object name: type: string namespace: type: string + provisioningInfo: + properties: + error: + properties: + error: + properties: + code: + type: string + details: + items: + properties: + code: + type: string + message: + type: string + target: + type: string + type: object + type: array + message: + type: string + target: + type: string + type: object + type: object + type: object + provisioningState: + type: string type: object type: array userAssignedIdentityExceptions: items: - description: |- - Storage version of v1api20231102preview.ManagedClusterPodIdentityException - See [disable AAD Pod Identity for a specific - Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object name: type: string namespace: 
@@ -26333,43 +22314,24 @@ spec: type: object type: array type: object + powerState: + properties: + code: + type: string + type: object + privateFQDN: + type: string privateLinkResources: items: - description: |- - Storage version of v1api20231102preview.PrivateLinkResource - A private link resource properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object groupId: type: string + id: + type: string name: type: string - reference: - description: 'Reference: The ID of the private link resource.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + privateLinkServiceID: + type: string requiredMembers: items: type: string 
@@ -26378,305 +22340,102 @@ spec: type: string type: object type: array + provisioningState: + type: string publicNetworkAccess: type: string + resourceUID: + type: string safeguardsProfile: - description: |- - Storage version of v1api20231102preview.SafeguardsProfile - The Safeguards profile. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object excludedNamespaces: items: type: string type: array level: type: string + systemExcludedNamespaces: + items: + type: string + type: array version: type: string type: object securityProfile: - description: |- - Storage version of v1api20231102preview.ManagedClusterSecurityProfile - Security profile for the container service cluster. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object azureKeyVaultKms: - description: |- - Storage version of v1api20231102preview.AzureKeyVaultKms - Azure Key Vault key management service settings for the security profile. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: type: boolean keyId: type: string keyVaultNetworkAccess: type: string - keyVaultResourceReference: - description: |- - KeyVaultResourceReference: Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and - must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty. 
- properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + keyVaultResourceId: + type: string type: object customCATrustCertificates: items: type: string type: array defender: - description: |- - Storage version of v1api20231102preview.ManagedClusterSecurityProfileDefender - Microsoft Defender settings for the security profile. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - logAnalyticsWorkspaceResourceReference: - description: |- - LogAnalyticsWorkspaceResourceReference: Resource ID of the Log Analytics workspace to be associated with Microsoft - Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When - Microsoft Defender is disabled, leave the field empty. - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. 
- The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + logAnalyticsWorkspaceResourceId: + type: string securityMonitoring: - description: |- - Storage version of v1api20231102preview.ManagedClusterSecurityProfileDefenderSecurityMonitoring - Microsoft Defender settings for the security profile threat detection. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: type: boolean type: object type: object imageCleaner: - description: |- - Storage version of v1api20231102preview.ManagedClusterSecurityProfileImageCleaner - Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here - are settings for the security profile. 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: type: boolean intervalHours: type: integer type: object imageIntegrity: - description: |- - Storage version of v1api20231102preview.ManagedClusterSecurityProfileImageIntegrity - Image integrity related settings for the security profile. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: type: boolean type: object nodeRestriction: - description: |- - Storage version of v1api20231102preview.ManagedClusterSecurityProfileNodeRestriction - Node Restriction settings for the security profile. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: type: boolean type: object workloadIdentity: - description: |- - Storage version of v1api20231102preview.ManagedClusterSecurityProfileWorkloadIdentity - Workload identity settings for the security profile. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: type: boolean type: object type: object serviceMeshProfile: - description: |- - Storage version of v1api20231102preview.ServiceMeshProfile - Service mesh profile for a managed cluster. 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object istio: - description: |- - Storage version of v1api20231102preview.IstioServiceMesh - Istio service mesh configuration. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object certificateAuthority: - description: |- - Storage version of v1api20231102preview.IstioCertificateAuthority - Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described - here https://aka.ms/asm-plugin-ca properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object plugin: - description: |- - Storage version of v1api20231102preview.IstioPluginCertificateAuthority - Plugin certificates information for Service Mesh. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object certChainObjectName: type: string certObjectName: type: string keyObjectName: type: string - keyVaultReference: - description: 'KeyVaultReference: The resource ID of the Key Vault.' 
- properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + keyVaultId: + type: string rootCertObjectName: type: string type: object type: object components: - description: |- - Storage version of v1api20231102preview.IstioComponents - Istio components configuration. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object egressGateways: items: - description: |- - Storage version of v1api20231102preview.IstioEgressGateway - Istio egress gateway configuration. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: type: boolean nodeSelector: 
@@ -26687,18 +22446,7 @@ spec: type: array ingressGateways: items: - description: |- - Storage version of v1api20231102preview.IstioIngressGateway - Istio ingress gateway configuration. For now, we support up to one external ingress gateway named - `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: type: boolean mode: 
@@ -26715,159 +22463,69 @@ spec: type: string type: object servicePrincipalProfile: - description: |- - Storage version of v1api20231102preview.ManagedClusterServicePrincipalProfile - Information about a service principal identity for the cluster to use for manipulating Azure APIs. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object clientId: type: string - secret: - description: |- - SecretReference is a reference to a Kubernetes secret and key in the same namespace as - the resource it is on. - properties: - key: - description: Key is the key in the Kubernetes secret being referenced - type: string - name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource - type: string - required: - - key - - name - type: object type: object sku: - description: |- - Storage version of v1api20231102preview.ManagedClusterSKU - The SKU of a Managed Cluster. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object name: type: string tier: type: string type: object storageProfile: - description: |- - Storage version of v1api20231102preview.ManagedClusterStorageProfile - Storage profile for the container service cluster. 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object blobCSIDriver: - description: |- - Storage version of v1api20231102preview.ManagedClusterStorageProfileBlobCSIDriver - AzureBlob CSI Driver settings for the storage profile. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: type: boolean type: object diskCSIDriver: - description: |- - Storage version of v1api20231102preview.ManagedClusterStorageProfileDiskCSIDriver - AzureDisk CSI Driver settings for the storage profile. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: type: boolean version: type: string type: object fileCSIDriver: - description: |- - Storage version of v1api20231102preview.ManagedClusterStorageProfileFileCSIDriver - AzureFile CSI Driver settings for the storage profile. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: type: boolean type: object snapshotController: - description: |- - Storage version of v1api20231102preview.ManagedClusterStorageProfileSnapshotController - Snapshot Controller settings for the storage profile. 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: type: boolean type: object type: object supportPlan: type: string + systemData: + properties: + createdAt: + type: string + createdBy: + type: string + createdByType: + type: string + lastModifiedAt: + type: string + lastModifiedBy: + type: string + lastModifiedByType: + type: string + type: object tags: additionalProperties: type: string type: object + type: + type: string upgradeSettings: - description: |- - Storage version of v1api20231102preview.ClusterUpgradeSettings - Settings for upgrading a cluster. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object overrideSettings: - description: |- - Storage version of v1api20231102preview.UpgradeOverrideSettings - Settings for overrides when upgrading a cluster. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object forceUpgrade: type: boolean until: 
@@ -26875,50 +22533,13 @@ spec: type: object type: object windowsProfile: - description: |- - Storage version of v1api20231102preview.ManagedClusterWindowsProfile - Profile for Windows VMs in the managed cluster. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - adminPassword: - description: |- - SecretReference is a reference to a Kubernetes secret and key in the same namespace as - the resource it is on. - properties: - key: - description: Key is the key in the Kubernetes secret being referenced - type: string - name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource - type: string - required: - - key - - name - type: object adminUsername: type: string enableCSIProxy: type: boolean gmsaProfile: - description: |- - Storage version of v1api20231102preview.WindowsGmsaProfile - Windows gMSA Profile in the managed cluster. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object dnsServer: type: string enabled: 
@@ -26930,55 +22551,63 @@ spec: type: string type: object workloadAutoScalerProfile: - description: |- - Storage version of v1api20231102preview.ManagedClusterWorkloadAutoScalerProfile - Workload Auto-scaler profile for the managed cluster. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object keda: - description: |- - Storage version of v1api20231102preview.ManagedClusterWorkloadAutoScalerProfileKeda - KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: type: boolean type: object verticalPodAutoscaler: - description: Storage version of v1api20231102preview.ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object addonAutoscaling: type: string enabled: type: boolean type: object type: object - required: - - owner type: object - status: + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].severity + name: Severity + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Reason + type: string + - jsonPath: 
.status.conditions[?(@.type=='Ready')].message + name: Message + type: string + name: v1api20231102previewstorage + schema: + openAPIV3Schema: + description: Storage version of v1api20231102preview.ManagedCluster + properties: + apiVersion: description: |- - Storage version of v1api20231102preview.ManagedCluster_STATUS - Managed cluster. + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: Storage version of v1api20231102preview.ManagedCluster_Spec properties: $propertyBag: additionalProperties: @@ -26988,9 +22617,7 @@ spec: resources, allowing for full fidelity round trip conversions type: object aadProfile: - description: |- - Storage version of v1api20231102preview.ManagedClusterAADProfile_STATUS - For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad). + description: Storage version of v1api20231102preview.ManagedClusterAADProfile properties: $propertyBag: additionalProperties: @@ -27018,9 +22645,7 @@ spec: type: object addonProfiles: additionalProperties: - description: |- - Storage version of v1api20231102preview.ManagedClusterAddonProfile_STATUS - A Kubernetes add-on profile for a managed cluster. + description: Storage version of v1api20231102preview.ManagedClusterAddonProfile properties: $propertyBag: additionalProperties: 
@@ -27035,32 +22660,11 @@ spec: type: object enabled: type: boolean - identity: - description: |- - Storage version of v1api20231102preview.UserAssignedIdentity_STATUS - Details about a user assigned identity. - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - clientId: - type: string - objectId: - type: string - resourceId: - type: string - type: object type: object type: object agentPoolProfiles: items: - description: |- - Storage version of v1api20231102preview.ManagedClusterAgentPoolProfile_STATUS - Profile for the container service agent pool. + description: Storage version of v1api20231102preview.ManagedClusterAgentPoolProfile properties: $propertyBag: additionalProperties: @@ -27070,7 +22674,7 @@ spec: resources, allowing for full fidelity round trip conversions type: object artifactStreamingProfile: - description: Storage version of v1api20231102preview.AgentPoolArtifactStreamingProfile_STATUS + description: Storage version of v1api20231102preview.AgentPoolArtifactStreamingProfile properties: $propertyBag: additionalProperties: 
@@ -27086,14 +22690,30 @@ spec: items: type: string type: array - capacityReservationGroupID: - type: string + capacityReservationGroupReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object count: type: integer creationData: - description: |- - Storage version of v1api20231102preview.CreationData_STATUS - Data used when creating a target resource from a source resource. + description: Storage version of v1api20231102preview.CreationData properties: $propertyBag: additionalProperties: 
@@ -27102,11 +22722,27 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - sourceResourceId: - type: string + sourceResourceReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object - currentOrchestratorVersion: - type: string enableAutoScaling: type: boolean enableCustomCATrust: @@ -27122,7 +22758,7 @@ spec: gpuInstanceProfile: type: string gpuProfile: - description: Storage version of v1api20231102preview.AgentPoolGPUProfile_STATUS + description: Storage version of v1api20231102preview.AgentPoolGPUProfile properties: $propertyBag: additionalProperties: 
@@ -27134,12 +22770,28 @@ spec: installGPUDriver: type: boolean type: object - hostGroupID: - type: string + hostGroupReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object kubeletConfig: - description: |- - Storage version of v1api20231102preview.KubeletConfig_STATUS - See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + description: Storage version of v1api20231102preview.KubeletConfig properties: $propertyBag: additionalProperties: @@ -27176,9 +22828,7 @@ spec: kubeletDiskType: type: string linuxOSConfig: - description: |- - Storage version of v1api20231102preview.LinuxOSConfig_STATUS - See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + description: Storage version of v1api20231102preview.LinuxOSConfig properties: $propertyBag: additionalProperties: 
@@ -27190,9 +22840,7 @@ spec: swapFileSizeMB: type: integer sysctls: - description: |- - Storage version of v1api20231102preview.SysctlConfig_STATUS - Sysctl settings for Linux agent nodes. + description: Storage version of v1api20231102preview.SysctlConfig properties: $propertyBag: additionalProperties: @@ -27276,9 +22924,7 @@ spec: name: type: string networkProfile: - description: |- - Storage version of v1api20231102preview.AgentPoolNetworkProfile_STATUS - Network settings of an agent pool. + description: Storage version of v1api20231102preview.AgentPoolNetworkProfile properties: $propertyBag: additionalProperties: @@ -27289,9 +22935,7 @@ spec: type: object allowedHostPorts: items: - description: |- - Storage version of v1api20231102preview.PortRange_STATUS - The port range. + description: Storage version of v1api20231102preview.PortRange properties: $propertyBag: additionalProperties: 
@@ -27308,15 +22952,31 @@ spec: type: string type: object type: array - applicationSecurityGroups: + applicationSecurityGroupsReferences: items: - type: string + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: array nodePublicIPTags: items: - description: |- - Storage version of v1api20231102preview.IPTag_STATUS - Contains the IPTag associated with the object. + description: Storage version of v1api20231102preview.IPTag properties: $propertyBag: additionalProperties: @@ -27332,8 +22992,6 @@ spec: type: object type: array type: object - nodeImageVersion: - type: string nodeInitializationTaints: items: type: string 
@@ -27342,8 +23000,26 @@ spec: additionalProperties: type: string type: object - nodePublicIPPrefixID: - type: string + nodePublicIPPrefixReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object nodeTaints: items: type: string 
@@ -27358,12 +23034,28 @@ spec: type: string osType: type: string - podSubnetID: - type: string + podSubnetReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object powerState: - description: |- - Storage version of v1api20231102preview.PowerState_STATUS - Describes the Power State of the cluster + description: Storage version of v1api20231102preview.PowerState properties: $propertyBag: additionalProperties: 
@@ -27375,10 +23067,26 @@ spec: code: type: string type: object - provisioningState: - type: string - proximityPlacementGroupID: - type: string + proximityPlacementGroupReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object scaleDownMode: type: string scaleSetEvictionPolicy: @@ -27386,9 +23094,7 @@ spec: scaleSetPriority: type: string securityProfile: - description: |- - Storage version of v1api20231102preview.AgentPoolSecurityProfile_STATUS - The security settings of an agent pool. + description: Storage version of v1api20231102preview.AgentPoolSecurityProfile properties: $propertyBag: additionalProperties: @@ -27413,9 +23119,7 @@ spec: type: type: string upgradeSettings: - description: |- - Storage version of v1api20231102preview.AgentPoolUpgradeSettings_STATUS - Settings for upgrading an agentpool + description: Storage version of v1api20231102preview.AgentPoolUpgradeSettings properties: $propertyBag: additionalProperties: 
@@ -27433,9 +23137,7 @@ spec: type: object virtualMachineNodesStatus: items: - description: |- - Storage version of v1api20231102preview.VirtualMachineNodes_STATUS - Current status on a group of nodes of the same vm size. + description: Storage version of v1api20231102preview.VirtualMachineNodes properties: $propertyBag: additionalProperties: @@ -27451,9 +23153,7 @@ spec: type: object type: array virtualMachinesProfile: - description: |- - Storage version of v1api20231102preview.VirtualMachinesProfile_STATUS - Specifications on VirtualMachines agent pool. + description: Storage version of v1api20231102preview.VirtualMachinesProfile properties: $propertyBag: additionalProperties: @@ -27463,9 +23163,7 @@ spec: resources, allowing for full fidelity round trip conversions type: object scale: - description: |- - Storage version of v1api20231102preview.ScaleProfile_STATUS - Specifications on how to scale a VirtualMachines agent pool. + description: Storage version of v1api20231102preview.ScaleProfile properties: $propertyBag: additionalProperties: @@ -27476,9 +23174,7 @@ spec: type: object manual: items: - description: |- - Storage version of v1api20231102preview.ManualScaleProfile_STATUS - Specifications on number of machines. + description: Storage version of v1api20231102preview.ManualScaleProfile properties: $propertyBag: additionalProperties: 
@@ -27499,12 +23195,28 @@ spec: type: object vmSize: type: string - vnetSubnetID: - type: string + vnetSubnetReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object windowsProfile: - description: |- - Storage version of v1api20231102preview.AgentPoolWindowsProfile_STATUS - The Windows agent pool's specific profile. + description: Storage version of v1api20231102preview.AgentPoolWindowsProfile properties: $propertyBag: additionalProperties: 
@@ -27521,11 +23233,7 @@ spec: type: object type: array aiToolchainOperatorProfile: - description: |- - Storage version of v1api20231102preview.ManagedClusterAIToolchainOperatorProfile_STATUS - When enabling the operator, a set of AKS managed CRDs and controllers will be installed in the cluster. The operator - automates the deployment of OSS models for inference and/or training purposes. It provides a set of preset models and - enables distributed inference against them. + description: Storage version of v1api20231102preview.ManagedClusterAIToolchainOperatorProfile properties: $propertyBag: additionalProperties: @@ -27538,9 +23246,7 @@ spec: type: boolean type: object apiServerAccessProfile: - description: |- - Storage version of v1api20231102preview.ManagedClusterAPIServerAccessProfile_STATUS - Access profile for managed cluster API server. + description: Storage version of v1api20231102preview.ManagedClusterAPIServerAccessProfile properties: $propertyBag: additionalProperties: @@ -27567,7 +23273,7 @@ spec: type: string type: object autoScalerProfile: - description: Storage version of v1api20231102preview.ManagedClusterProperties_AutoScalerProfile_STATUS + description: Storage version of v1api20231102preview.ManagedClusterProperties_AutoScalerProfile properties: $propertyBag: additionalProperties: @@ -27618,9 +23324,7 @@ spec: type: string type: object autoUpgradeProfile: - description: |- - Storage version of v1api20231102preview.ManagedClusterAutoUpgradeProfile_STATUS - Auto upgrade profile for a managed cluster. + description: Storage version of v1api20231102preview.ManagedClusterAutoUpgradeProfile properties: $propertyBag: additionalProperties: 
@@ -27635,9 +23339,7 @@ spec: type: string type: object azureMonitorProfile: - description: |- - Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfile_STATUS - Prometheus addon profile for the container service cluster + description: Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfile properties: $propertyBag: additionalProperties: @@ -27647,10 +23349,7 @@ spec: resources, allowing for full fidelity round trip conversions type: object logs: - description: |- - Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfileLogs_STATUS - Logs profile for the Azure Monitor Infrastructure and Application Logs. Collect out-of-the-box Kubernetes infrastructure - & application logs to send to Azure Monitor. See aka.ms/AzureMonitorContainerInsights for an overview. + description: Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfileLogs properties: $propertyBag: additionalProperties: @@ -27660,11 +23359,7 @@ spec: resources, allowing for full fidelity round trip conversions type: object appMonitoring: - description: |- - Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfileAppMonitoring_STATUS - Application Monitoring Profile for Kubernetes Application Container. Collects application logs, metrics and traces - through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See - aka.ms/AzureMonitorApplicationMonitoring for an overview. + description: Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfileAppMonitoring properties: $propertyBag: additionalProperties: 
@@ -27677,10 +23372,7 @@ spec: type: boolean type: object containerInsights: - description: |- - Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfileContainerInsights_STATUS - Azure Monitor Container Insights Profile for Kubernetes Events, Inventory and Container stdout & stderr logs etc. See - aka.ms/AzureMonitorContainerInsights for an overview. + description: Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfileContainerInsights properties: $propertyBag: additionalProperties: 
@@ -27691,13 +23383,28 @@ spec: type: object enabled: type: boolean - logAnalyticsWorkspaceResourceId: - type: string + logAnalyticsWorkspaceResourceReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object windowsHostLogs: - description: |- - Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfileWindowsHostLogs_STATUS - Windows Host Logs Profile for Kubernetes Windows Nodes Log Collection. Collects ETW, Event Logs and Text logs etc. See - aka.ms/AzureMonitorContainerInsights for an overview. + description: Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfileWindowsHostLogs properties: $propertyBag: additionalProperties: @@ -27712,9 +23419,7 @@ spec: type: object type: object metrics: - description: |- - Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfileMetrics_STATUS - Metrics profile for the prometheus service addon + description: Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfileMetrics properties: $propertyBag: additionalProperties: 
@@ -27724,11 +23429,7 @@ spec: resources, allowing for full fidelity round trip conversions type: object appMonitoringOpenTelemetryMetrics: - description: |- - Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfileAppMonitoringOpenTelemetryMetrics_STATUS - Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container Metrics. Collects - OpenTelemetry metrics through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See - aka.ms/AzureMonitorApplicationMonitoring for an overview. + description: Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfileAppMonitoringOpenTelemetryMetrics properties: $propertyBag: additionalProperties: @@ -27743,9 +23444,7 @@ spec: enabled: type: boolean kubeStateMetrics: - description: |- - Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfileKubeStateMetrics_STATUS - Kube State Metrics for prometheus addon profile for the container service cluster + description: Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfileKubeStateMetrics properties: $propertyBag: additionalProperties: 
@@ -27761,55 +23460,13 @@ spec: type: object type: object type: object - azurePortalFQDN: + azureName: + description: |- + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. type: string - conditions: - items: - description: Condition defines an extension to status (an observation) of a resource - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. - format: date-time - type: string - message: - description: Message is a human readable message indicating details about the transition. This field may be empty. - type: string - observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - type: integer - reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. - type: string - severity: - description: |- - Severity with which to treat failures of this type of condition. - For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown - type: string - status: - description: Status of the condition, one of True, False, or Unknown. - type: string - type: - description: Type of condition. 
- type: string - required: - - lastTransitionTime - - reason - - status - - type - type: object - type: array creationData: - description: |- - Storage version of v1api20231102preview.CreationData_STATUS - Data used when creating a target resource from a source resource. + description: Storage version of v1api20231102preview.CreationData properties: $propertyBag: additionalProperties: 
@@ -27818,15 +23475,49 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - sourceResourceId: - type: string + sourceResourceReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object - currentKubernetesVersion: - type: string disableLocalAccounts: type: boolean - diskEncryptionSetID: - type: string + diskEncryptionSetReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
+ pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object dnsPrefix: type: string enableNamespaceResources: @@ -27836,9 +23527,7 @@ spec: enableRBAC: type: boolean extendedLocation: - description: |- - Storage version of v1api20231102preview.ExtendedLocation_STATUS - The complex type of the extended location. + description: Storage version of v1api20231102preview.ExtendedLocation properties: $propertyBag: additionalProperties: @@ -27852,14 +23541,10 @@ spec: type: type: string type: object - fqdn: - type: string fqdnSubdomain: type: string httpProxyConfig: - description: |- - Storage version of v1api20231102preview.ManagedClusterHTTPProxyConfig_STATUS - Cluster HTTP proxy configuration. + description: Storage version of v1api20231102preview.ManagedClusterHTTPProxyConfig properties: $propertyBag: additionalProperties: @@ -27868,10 +23553,6 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - effectiveNoProxy: - items: - type: string - type: array httpProxy: type: string httpsProxy: @@ -27883,12 +23564,8 @@ spec: trustedCa: type: string type: object - id: - type: string identity: - description: |- - Storage version of v1api20231102preview.ManagedClusterIdentity_STATUS - Identity for the managed cluster. + description: Storage version of v1api20231102preview.ManagedClusterIdentity properties: $propertyBag: additionalProperties: 
@@ -27899,9 +23576,7 @@ spec: type: object delegatedResources: additionalProperties: - description: |- - Storage version of v1api20231102preview.DelegatedResource_STATUS - Delegated resource properties - internal use only. + description: Storage version of v1api20231102preview.DelegatedResource properties: $propertyBag: additionalProperties: @@ -27914,21 +23589,35 @@ spec: type: string referralResource: type: string - resourceId: - type: string + resourceReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object tenantId: type: string type: object type: object - principalId: - type: string - tenantId: - type: string type: type: string userAssignedIdentities: - additionalProperties: - description: Storage version of v1api20231102preview.ManagedClusterIdentity_UserAssignedIdentities_STATUS + items: + description: Storage version of v1api20231102preview.UserAssignedIdentityDetails properties: $propertyBag: additionalProperties: 
@@ -27937,18 +23626,32 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - clientId: - type: string - principalId: - type: string + reference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object - type: object + type: array type: object identityProfile: additionalProperties: - description: |- - Storage version of v1api20231102preview.UserAssignedIdentity_STATUS - Details about a user assigned identity. + description: Storage version of v1api20231102preview.UserAssignedIdentity properties: $propertyBag: additionalProperties: 
@@ -27961,14 +23664,30 @@ spec: type: string objectId: type: string - resourceId: - type: string + resourceReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object type: object ingressProfile: - description: |- - Storage version of v1api20231102preview.ManagedClusterIngressProfile_STATUS - Ingress profile for the container service cluster. + description: Storage version of v1api20231102preview.ManagedClusterIngressProfile properties: $propertyBag: additionalProperties: @@ -27978,9 +23697,7 @@ spec: resources, allowing for full fidelity round trip conversions type: object webAppRouting: - description: |- - Storage version of v1api20231102preview.ManagedClusterIngressProfileWebAppRouting_STATUS - Web App Routing settings for the ingress profile. + description: Storage version of v1api20231102preview.ManagedClusterIngressProfileWebAppRouting properties: $propertyBag: additionalProperties: 
@@ -27989,39 +23706,36 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - dnsZoneResourceIds: + dnsZoneResourceReferences: items: - type: string + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: array enabled: type: boolean - identity: - description: |- - Storage version of v1api20231102preview.UserAssignedIdentity_STATUS - Details about a user assigned identity. 
- properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - clientId: - type: string - objectId: - type: string - resourceId: - type: string - type: object type: object type: object kubernetesVersion: type: string linuxProfile: - description: |- - Storage version of v1api20231102preview.ContainerServiceLinuxProfile_STATUS - Profile for Linux VMs in the container service cluster. + description: Storage version of v1api20231102preview.ContainerServiceLinuxProfile properties: $propertyBag: additionalProperties: @@ -28033,9 +23747,7 @@ spec: adminUsername: type: string ssh: - description: |- - Storage version of v1api20231102preview.ContainerServiceSshConfiguration_STATUS - SSH configuration for Linux-based VMs running on Azure. + description: Storage version of v1api20231102preview.ContainerServiceSshConfiguration properties: $propertyBag: additionalProperties: @@ -28046,9 +23758,7 @@ spec: type: object publicKeys: items: - description: |- - Storage version of v1api20231102preview.ContainerServiceSshPublicKey_STATUS - Contains information about SSH certificate public key data. + description: Storage version of v1api20231102preview.ContainerServiceSshPublicKey properties: $propertyBag: additionalProperties: @@ -28065,12 +23775,8 @@ spec: type: object location: type: string - maxAgentPools: - type: integer metricsProfile: - description: |- - Storage version of v1api20231102preview.ManagedClusterMetricsProfile_STATUS - The metrics profile for the ManagedCluster. + description: Storage version of v1api20231102preview.ManagedClusterMetricsProfile properties: $propertyBag: additionalProperties: 
@@ -28080,9 +23786,7 @@ spec: resources, allowing for full fidelity round trip conversions type: object costAnalysis: - description: |- - Storage version of v1api20231102preview.ManagedClusterCostAnalysis_STATUS - The cost analysis configuration for the cluster + description: Storage version of v1api20231102preview.ManagedClusterCostAnalysis properties: $propertyBag: additionalProperties: @@ -28095,12 +23799,8 @@ spec: type: boolean type: object type: object - name: - type: string networkProfile: - description: |- - Storage version of v1api20231102preview.ContainerServiceNetworkProfile_STATUS - Profile of network configuration. + description: Storage version of v1api20231102preview.ContainerServiceNetworkProfile properties: $propertyBag: additionalProperties: @@ -28116,7 +23816,7 @@ spec: type: string type: array kubeProxyConfig: - description: Storage version of v1api20231102preview.ContainerServiceNetworkProfile_KubeProxyConfig_STATUS + description: Storage version of v1api20231102preview.ContainerServiceNetworkProfile_KubeProxyConfig properties: $propertyBag: additionalProperties: @@ -28128,7 +23828,7 @@ spec: enabled: type: boolean ipvsConfig: - description: Storage version of v1api20231102preview.ContainerServiceNetworkProfile_KubeProxyConfig_IpvsConfig_STATUS + description: Storage version of v1api20231102preview.ContainerServiceNetworkProfile_KubeProxyConfig_IpvsConfig properties: $propertyBag: additionalProperties: @@ -28150,9 +23850,7 @@ spec: type: string type: object loadBalancerProfile: - description: |- - Storage version of v1api20231102preview.ManagedClusterLoadBalancerProfile_STATUS - Profile of the managed cluster load balancer. + description: Storage version of v1api20231102preview.ManagedClusterLoadBalancerProfile properties: $propertyBag: additionalProperties: 
@@ -28167,9 +23865,7 @@ spec: type: string effectiveOutboundIPs: items: - description: |- - Storage version of v1api20231102preview.ResourceReference_STATUS - A reference to an Azure resource. + description: Storage version of v1api20231102preview.ResourceReference properties: $propertyBag: additionalProperties: @@ -28178,8 +23874,26 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - id: - type: string + reference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object type: array enableMultipleStandardLoadBalancers: @@ -28187,7 +23901,7 @@ spec: idleTimeoutInMinutes: type: integer managedOutboundIPs: - description: Storage version of v1api20231102preview.ManagedClusterLoadBalancerProfile_ManagedOutboundIPs_STATUS + description: Storage version of v1api20231102preview.ManagedClusterLoadBalancerProfile_ManagedOutboundIPs properties: $propertyBag: additionalProperties: 
@@ -28202,7 +23916,7 @@ spec: type: integer type: object outboundIPPrefixes: - description: Storage version of v1api20231102preview.ManagedClusterLoadBalancerProfile_OutboundIPPrefixes_STATUS + description: Storage version of v1api20231102preview.ManagedClusterLoadBalancerProfile_OutboundIPPrefixes properties: $propertyBag: additionalProperties: @@ -28213,9 +23927,7 @@ spec: type: object publicIPPrefixes: items: - description: |- - Storage version of v1api20231102preview.ResourceReference_STATUS - A reference to an Azure resource. + description: Storage version of v1api20231102preview.ResourceReference properties: $propertyBag: additionalProperties: 
@@ -28224,13 +23936,31 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - id: - type: string + reference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object type: array type: object outboundIPs: - description: Storage version of v1api20231102preview.ManagedClusterLoadBalancerProfile_OutboundIPs_STATUS + description: Storage version of v1api20231102preview.ManagedClusterLoadBalancerProfile_OutboundIPs properties: $propertyBag: additionalProperties: @@ -28241,9 +23971,7 @@ spec: type: object publicIPs: items: - description: |- - Storage version of v1api20231102preview.ResourceReference_STATUS - A reference to an Azure resource. + description: Storage version of v1api20231102preview.ResourceReference properties: $propertyBag: additionalProperties: 
@@ -28252,8 +23980,26 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - id: - type: string + reference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object type: array type: object @@ -28261,9 +24007,7 @@ spec: loadBalancerSku: type: string monitoring: - description: |- - Storage version of v1api20231102preview.NetworkMonitoring_STATUS - This addon can be used to configure network monitoring and generate network monitoring data in Prometheus format + description: Storage version of v1api20231102preview.NetworkMonitoring properties: $propertyBag: additionalProperties: 
@@ -28276,9 +24020,7 @@ spec: type: boolean type: object natGatewayProfile: - description: |- - Storage version of v1api20231102preview.ManagedClusterNATGatewayProfile_STATUS - Profile of the managed cluster NAT gateway. + description: Storage version of v1api20231102preview.ManagedClusterNATGatewayProfile properties: $propertyBag: additionalProperties: @@ -28289,9 +24031,7 @@ spec: type: object effectiveOutboundIPs: items: - description: |- - Storage version of v1api20231102preview.ResourceReference_STATUS - A reference to an Azure resource. + description: Storage version of v1api20231102preview.ResourceReference properties: $propertyBag: additionalProperties: 
@@ -28300,16 +24040,32 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - id: - type: string + reference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object type: array idleTimeoutInMinutes: type: integer managedOutboundIPProfile: - description: |- - Storage version of v1api20231102preview.ManagedClusterManagedOutboundIPProfile_STATUS - Profile of the managed outbound IP resources of the managed cluster. + description: Storage version of v1api20231102preview.ManagedClusterManagedOutboundIPProfile properties: $propertyBag: additionalProperties: @@ -28348,7 +24104,7 @@ spec: type: array type: object nodeProvisioningProfile: - description: Storage version of v1api20231102preview.ManagedClusterNodeProvisioningProfile_STATUS + description: Storage version of v1api20231102preview.ManagedClusterNodeProvisioningProfile properties: $propertyBag: additionalProperties: 
@@ -28363,9 +24119,7 @@ spec: nodeResourceGroup: type: string nodeResourceGroupProfile: - description: |- - Storage version of v1api20231102preview.ManagedClusterNodeResourceGroupProfile_STATUS - Node resource group lockdown profile for a managed cluster. + description: Storage version of v1api20231102preview.ManagedClusterNodeResourceGroupProfile properties: $propertyBag: additionalProperties: @@ -28378,9 +24132,7 @@ spec: type: string type: object oidcIssuerProfile: - description: |- - Storage version of v1api20231102preview.ManagedClusterOIDCIssuerProfile_STATUS - The OIDC issuer profile of the Managed Cluster. + description: Storage version of v1api20231102preview.ManagedClusterOIDCIssuerProfile properties: $propertyBag: additionalProperties: 
@@ -28391,14 +24143,171 @@ spec: type: object enabled: type: boolean - issuerURL: + type: object + operatorSpec: + description: |- + Storage version of v1api20231102preview.ManagedClusterOperatorSpec + Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + configMapExpressions: + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. 
For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + configMaps: + description: Storage version of v1api20231102preview.ManagedClusterOperatorConfigMaps + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + oidcIssuerProfile: + description: |- + ConfigMapDestination describes the location to store a single configmap value + Note: This is similar to: SecretDestination in secrets.go. + Changes to one may need to be made to the others as well. + properties: + key: + description: Key is the key in the ConfigMap being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes ConfigMap to write to. + The ConfigMap will be created in the same namespace as the resource. + type: string + required: + - key + - name + type: object + type: object + secretExpressions: + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. 
+ type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + secrets: + description: Storage version of v1api20231102preview.ManagedClusterOperatorSecrets + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + adminCredentials: + description: |- + SecretDestination describes the location to store a single secret value. + Note: This is similar to: ConfigMapDestination in configmaps.go. + Changes to one may need to be made to the others as well. + properties: + key: + description: Key is the key in the Kubernetes secret being referenced. + type: string + name: + description: |- + Name is the name of the Kubernetes secret to write to. + The secret will be created in the same namespace as the resource. + type: string + required: + - key + - name + type: object + userCredentials: + description: |- + SecretDestination describes the location to store a single secret value. + Note: This is similar to: ConfigMapDestination in configmaps.go. + Changes to one may need to be made to the others as well. + properties: + key: + description: Key is the key in the Kubernetes secret being referenced. + type: string + name: + description: |- + Name is the name of the Kubernetes secret to write to. + The secret will be created in the same namespace as the resource. + type: string + required: + - key + - name + type: object + type: object + type: object + originalVersion: + type: string + owner: + description: |- + Owner: The owner of the resource. 
The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a resources.azure.com/ResourceGroup resource + properties: + armId: + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + name: + description: This is the name of the Kubernetes resource to reference. type: string type: object podIdentityProfile: - description: |- - Storage version of v1api20231102preview.ManagedClusterPodIdentityProfile_STATUS - See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod - identity integration. + description: Storage version of v1api20231102preview.ManagedClusterPodIdentityProfile properties: $propertyBag: additionalProperties: @@ -28413,9 +24322,7 @@ spec: type: boolean userAssignedIdentities: items: - description: |- - Storage version of v1api20231102preview.ManagedClusterPodIdentity_STATUS - Details about the pod identity assigned to the Managed Cluster. + description: Storage version of v1api20231102preview.ManagedClusterPodIdentity properties: $propertyBag: additionalProperties: @@ -28427,9 +24334,7 @@ spec: bindingSelector: type: string identity: - description: |- - Storage version of v1api20231102preview.UserAssignedIdentity_STATUS - Details about a user assigned identity. + description: Storage version of v1api20231102preview.UserAssignedIdentity properties: $propertyBag: additionalProperties: 
@@ -28442,85 +24347,36 @@ spec: type: string objectId: type: string - resourceId: - type: string - type: object - name: - type: string - namespace: - type: string - provisioningInfo: - description: Storage version of v1api20231102preview.ManagedClusterPodIdentity_ProvisioningInfo_STATUS - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - error: - description: |- - Storage version of v1api20231102preview.ManagedClusterPodIdentityProvisioningError_STATUS - An error response from the pod identity provisioning. + resourceReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - error: + armId: description: |- - Storage version of v1api20231102preview.ManagedClusterPodIdentityProvisioningErrorBody_STATUS - An error response from the pod identity provisioning. 
- properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - code: - type: string - details: - items: - description: Storage version of v1api20231102preview.ManagedClusterPodIdentityProvisioningErrorBody_STATUS_Unrolled - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - code: - type: string - message: - type: string - target: - type: string - type: object - type: array - message: - type: string - target: - type: string - type: object + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. 
+ type: string type: object type: object - provisioningState: + name: + type: string + namespace: type: string type: object type: array userAssignedIdentityExceptions: items: - description: |- - Storage version of v1api20231102preview.ManagedClusterPodIdentityException_STATUS - See [disable AAD Pod Identity for a specific - Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. + description: Storage version of v1api20231102preview.ManagedClusterPodIdentityException properties: $propertyBag: additionalProperties: @@ -28540,28 +24396,9 @@ spec: type: object type: array type: object - powerState: - description: |- - Storage version of v1api20231102preview.PowerState_STATUS - Describes the Power State of the cluster - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - code: - type: string - type: object - privateFQDN: - type: string privateLinkResources: items: - description: |- - Storage version of v1api20231102preview.PrivateLinkResource_STATUS - A private link resource + description: Storage version of v1api20231102preview.PrivateLinkResource properties: $propertyBag: additionalProperties: 
@@ -28572,12 +24409,28 @@ spec: type: object groupId: type: string - id: - type: string name: type: string - privateLinkServiceID: - type: string + reference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object requiredMembers: items: type: string @@ -28586,16 +24439,10 @@ spec: type: string type: object type: array - provisioningState: - type: string publicNetworkAccess: type: string - resourceUID: - type: string safeguardsProfile: - description: |- - Storage version of v1api20231102preview.SafeguardsProfile_STATUS - The Safeguards profile. + description: Storage version of v1api20231102preview.SafeguardsProfile properties: $propertyBag: additionalProperties: 
@@ -28610,17 +24457,11 @@ spec: type: array level: type: string - systemExcludedNamespaces: - items: - type: string - type: array version: type: string type: object securityProfile: - description: |- - Storage version of v1api20231102preview.ManagedClusterSecurityProfile_STATUS - Security profile for the container service cluster. + description: Storage version of v1api20231102preview.ManagedClusterSecurityProfile properties: $propertyBag: additionalProperties: @@ -28630,9 +24471,7 @@ spec: resources, allowing for full fidelity round trip conversions type: object azureKeyVaultKms: - description: |- - Storage version of v1api20231102preview.AzureKeyVaultKms_STATUS - Azure Key Vault key management service settings for the security profile. + description: Storage version of v1api20231102preview.AzureKeyVaultKms properties: $propertyBag: additionalProperties: 
@@ -28647,17 +24486,33 @@ spec: type: string keyVaultNetworkAccess: type: string - keyVaultResourceId: - type: string + keyVaultResourceReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object customCATrustCertificates: items: type: string type: array defender: - description: |- - Storage version of v1api20231102preview.ManagedClusterSecurityProfileDefender_STATUS - Microsoft Defender settings for the security profile. + description: Storage version of v1api20231102preview.ManagedClusterSecurityProfileDefender properties: $propertyBag: additionalProperties: 
@@ -28666,12 +24521,28 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - logAnalyticsWorkspaceResourceId: - type: string + logAnalyticsWorkspaceResourceReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object securityMonitoring: - description: |- - Storage version of v1api20231102preview.ManagedClusterSecurityProfileDefenderSecurityMonitoring_STATUS - Microsoft Defender settings for the security profile threat detection. + description: Storage version of v1api20231102preview.ManagedClusterSecurityProfileDefenderSecurityMonitoring properties: $propertyBag: additionalProperties: 
@@ -28685,10 +24556,7 @@ spec: type: object type: object imageCleaner: - description: |- - Storage version of v1api20231102preview.ManagedClusterSecurityProfileImageCleaner_STATUS - Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here - are settings for the security profile. + description: Storage version of v1api20231102preview.ManagedClusterSecurityProfileImageCleaner properties: $propertyBag: additionalProperties: @@ -28703,9 +24571,7 @@ spec: type: integer type: object imageIntegrity: - description: |- - Storage version of v1api20231102preview.ManagedClusterSecurityProfileImageIntegrity_STATUS - Image integrity related settings for the security profile. + description: Storage version of v1api20231102preview.ManagedClusterSecurityProfileImageIntegrity properties: $propertyBag: additionalProperties: @@ -28718,9 +24584,7 @@ spec: type: boolean type: object nodeRestriction: - description: |- - Storage version of v1api20231102preview.ManagedClusterSecurityProfileNodeRestriction_STATUS - Node Restriction settings for the security profile. + description: Storage version of v1api20231102preview.ManagedClusterSecurityProfileNodeRestriction properties: $propertyBag: additionalProperties: @@ -28733,9 +24597,7 @@ spec: type: boolean type: object workloadIdentity: - description: |- - Storage version of v1api20231102preview.ManagedClusterSecurityProfileWorkloadIdentity_STATUS - Workload identity settings for the security profile. + description: Storage version of v1api20231102preview.ManagedClusterSecurityProfileWorkloadIdentity properties: $propertyBag: additionalProperties: @@ -28749,9 +24611,7 @@ spec: type: object type: object serviceMeshProfile: - description: |- - Storage version of v1api20231102preview.ServiceMeshProfile_STATUS - Service mesh profile for a managed cluster. + description: Storage version of v1api20231102preview.ServiceMeshProfile properties: $propertyBag: additionalProperties: 
@@ -28761,9 +24621,7 @@ spec: resources, allowing for full fidelity round trip conversions type: object istio: - description: |- - Storage version of v1api20231102preview.IstioServiceMesh_STATUS - Istio service mesh configuration. + description: Storage version of v1api20231102preview.IstioServiceMesh properties: $propertyBag: additionalProperties: @@ -28773,10 +24631,7 @@ spec: resources, allowing for full fidelity round trip conversions type: object certificateAuthority: - description: |- - Storage version of v1api20231102preview.IstioCertificateAuthority_STATUS - Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described - here https://aka.ms/asm-plugin-ca + description: Storage version of v1api20231102preview.IstioCertificateAuthority properties: $propertyBag: additionalProperties: @@ -28786,9 +24641,7 @@ spec: resources, allowing for full fidelity round trip conversions type: object plugin: - description: |- - Storage version of v1api20231102preview.IstioPluginCertificateAuthority_STATUS - Plugin certificates information for Service Mesh. + description: Storage version of v1api20231102preview.IstioPluginCertificateAuthority properties: $propertyBag: additionalProperties: 
@@ -28803,16 +24656,32 @@ spec: type: string keyObjectName: type: string - keyVaultId: - type: string + keyVaultReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object rootCertObjectName: type: string type: object type: object components: - description: |- - Storage version of v1api20231102preview.IstioComponents_STATUS - Istio components configuration. + description: Storage version of v1api20231102preview.IstioComponents properties: $propertyBag: additionalProperties: @@ -28823,9 +24692,7 @@ spec: type: object egressGateways: items: - description: |- - Storage version of v1api20231102preview.IstioEgressGateway_STATUS - Istio egress gateway configuration. + description: Storage version of v1api20231102preview.IstioEgressGateway properties: $propertyBag: additionalProperties: 
@@ -28844,10 +24711,7 @@ spec: type: array ingressGateways: items: - description: |- - Storage version of v1api20231102preview.IstioIngressGateway_STATUS - Istio ingress gateway configuration. For now, we support up to one external ingress gateway named - `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`. + description: Storage version of v1api20231102preview.IstioIngressGateway properties: $propertyBag: additionalProperties: @@ -28872,9 +24736,7 @@ spec: type: string type: object servicePrincipalProfile: - description: |- - Storage version of v1api20231102preview.ManagedClusterServicePrincipalProfile_STATUS - Information about a service principal identity for the cluster to use for manipulating Azure APIs. + description: Storage version of v1api20231102preview.ManagedClusterServicePrincipalProfile properties: $propertyBag: additionalProperties: @@ -28885,11 +24747,26 @@ spec: type: object clientId: type: string + secret: + description: |- + SecretReference is a reference to a Kubernetes secret and key in the same namespace as + the resource it is on. + properties: + key: + description: Key is the key in the Kubernetes secret being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource + type: string + required: + - key + - name + type: object type: object sku: - description: |- - Storage version of v1api20231102preview.ManagedClusterSKU_STATUS - The SKU of a Managed Cluster. + description: Storage version of v1api20231102preview.ManagedClusterSKU properties: $propertyBag: additionalProperties: 
@@ -28904,9 +24781,7 @@ spec: type: string type: object storageProfile: - description: |- - Storage version of v1api20231102preview.ManagedClusterStorageProfile_STATUS - Storage profile for the container service cluster. + description: Storage version of v1api20231102preview.ManagedClusterStorageProfile properties: $propertyBag: additionalProperties: @@ -28916,9 +24791,7 @@ spec: resources, allowing for full fidelity round trip conversions type: object blobCSIDriver: - description: |- - Storage version of v1api20231102preview.ManagedClusterStorageProfileBlobCSIDriver_STATUS - AzureBlob CSI Driver settings for the storage profile. + description: Storage version of v1api20231102preview.ManagedClusterStorageProfileBlobCSIDriver properties: $propertyBag: additionalProperties: @@ -28931,9 +24804,7 @@ spec: type: boolean type: object diskCSIDriver: - description: |- - Storage version of v1api20231102preview.ManagedClusterStorageProfileDiskCSIDriver_STATUS - AzureDisk CSI Driver settings for the storage profile. + description: Storage version of v1api20231102preview.ManagedClusterStorageProfileDiskCSIDriver properties: $propertyBag: additionalProperties: @@ -28948,9 +24819,7 @@ spec: type: string type: object fileCSIDriver: - description: |- - Storage version of v1api20231102preview.ManagedClusterStorageProfileFileCSIDriver_STATUS - AzureFile CSI Driver settings for the storage profile. + description: Storage version of v1api20231102preview.ManagedClusterStorageProfileFileCSIDriver properties: $propertyBag: additionalProperties: @@ -28963,9 +24832,7 @@ spec: type: boolean type: object snapshotController: - description: |- - Storage version of v1api20231102preview.ManagedClusterStorageProfileSnapshotController_STATUS - Snapshot Controller settings for the storage profile. + description: Storage version of v1api20231102preview.ManagedClusterStorageProfileSnapshotController properties: $propertyBag: additionalProperties: 
@@ -28980,41 +24847,12 @@ spec: type: object supportPlan: type: string - systemData: - description: |- - Storage version of v1api20231102preview.SystemData_STATUS - Metadata pertaining to creation and last modification of the resource. - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - createdAt: - type: string - createdBy: - type: string - createdByType: - type: string - lastModifiedAt: - type: string - lastModifiedBy: - type: string - lastModifiedByType: - type: string - type: object tags: additionalProperties: type: string type: object - type: - type: string upgradeSettings: - description: |- - Storage version of v1api20231102preview.ClusterUpgradeSettings_STATUS - Settings for upgrading a cluster. + description: Storage version of v1api20231102preview.ClusterUpgradeSettings properties: $propertyBag: additionalProperties: @@ -29024,9 +24862,7 @@ spec: resources, allowing for full fidelity round trip conversions type: object overrideSettings: - description: |- - Storage version of v1api20231102preview.UpgradeOverrideSettings_STATUS - Settings for overrides when upgrading a cluster. + description: Storage version of v1api20231102preview.UpgradeOverrideSettings properties: $propertyBag: additionalProperties: @@ -29042,9 +24878,7 @@ spec: type: object type: object windowsProfile: - description: |- - Storage version of v1api20231102preview.ManagedClusterWindowsProfile_STATUS - Profile for Windows VMs in the managed cluster. + description: Storage version of v1api20231102preview.ManagedClusterWindowsProfile properties: $propertyBag: additionalProperties: 
@@ -29053,14 +24887,29 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object + adminPassword: + description: |- + SecretReference is a reference to a Kubernetes secret and key in the same namespace as + the resource it is on. + properties: + key: + description: Key is the key in the Kubernetes secret being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource + type: string + required: + - key + - name + type: object adminUsername: type: string enableCSIProxy: type: boolean gmsaProfile: - description: |- - Storage version of v1api20231102preview.WindowsGmsaProfile_STATUS - Windows gMSA Profile in the managed cluster. + description: Storage version of v1api20231102preview.WindowsGmsaProfile properties: $propertyBag: additionalProperties: @@ -29080,9 +24929,7 @@ spec: type: string type: object workloadAutoScalerProfile: - description: |- - Storage version of v1api20231102preview.ManagedClusterWorkloadAutoScalerProfile_STATUS - Workload Auto-scaler profile for the managed cluster. + description: Storage version of v1api20231102preview.ManagedClusterWorkloadAutoScalerProfile properties: $propertyBag: additionalProperties: @@ -29092,9 +24939,7 @@ spec: resources, allowing for full fidelity round trip conversions type: object keda: - description: |- - Storage version of v1api20231102preview.ManagedClusterWorkloadAutoScalerProfileKeda_STATUS - KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile. + description: Storage version of v1api20231102preview.ManagedClusterWorkloadAutoScalerProfileKeda properties: $propertyBag: additionalProperties: 
@@ -29107,7 +24952,7 @@ spec: type: boolean type: object verticalPodAutoscaler: - description: Storage version of v1api20231102preview.ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler_STATUS + description: Storage version of v1api20231102preview.ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler properties: $propertyBag: additionalProperties: 
@@ -29122,826 +24967,486 @@ spec: type: boolean type: object type: object + required: + - owner type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=='Ready')].severity - name: Severity - type: string - - jsonPath: .status.conditions[?(@.type=='Ready')].reason - name: Reason - type: string - - jsonPath: .status.conditions[?(@.type=='Ready')].message - name: Message - type: string - name: v1api20240402preview - schema: - openAPIV3Schema: - description: |- - Generator information: - - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/preview/2024-04-02-preview/managedClusters.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName} - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. 
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: + status: + description: Storage version of v1api20231102preview.ManagedCluster_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object aadProfile: - description: 'AadProfile: The Azure Active Directory configuration.' + description: Storage version of v1api20231102preview.ManagedClusterAADProfile_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object adminGroupObjectIDs: - description: 'AdminGroupObjectIDs: The list of AAD group object IDs that will have admin role of the cluster.' items: type: string type: array clientAppID: - description: 'ClientAppID: (DEPRECATED) The client AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.' type: string enableAzureRBAC: - description: 'EnableAzureRBAC: Whether to enable Azure RBAC for Kubernetes authorization.' type: boolean managed: - description: 'Managed: Whether to enable managed AAD.' type: boolean serverAppID: - description: 'ServerAppID: (DEPRECATED) The server AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.' type: string serverAppSecret: - description: 'ServerAppSecret: (DEPRECATED) The server AAD application secret. Learn more at https://aka.ms/aks/aad-legacy.' type: string tenantID: - description: |- - TenantID: The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment - subscription. 
type: string type: object addonProfiles: additionalProperties: - description: A Kubernetes add-on profile for a managed cluster. + description: Storage version of v1api20231102preview.ManagedClusterAddonProfile_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object config: additionalProperties: type: string - description: 'Config: Key-value pairs for configuring an add-on.' type: object enabled: - description: 'Enabled: Whether the add-on is enabled or not.' type: boolean - required: - - enabled + identity: + description: Storage version of v1api20231102preview.UserAssignedIdentity_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + clientId: + type: string + objectId: + type: string + resourceId: + type: string + type: object type: object - description: 'AddonProfiles: The profile of managed cluster add-on.' type: object agentPoolProfiles: - description: 'AgentPoolProfiles: The agent pool properties.' items: - description: Profile for the container service agent pool. + description: Storage version of v1api20231102preview.ManagedClusterAgentPoolProfile_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object artifactStreamingProfile: - description: 'ArtifactStreamingProfile: Configuration for using artifact streaming on AKS.' 
+ description: Storage version of v1api20231102preview.AgentPoolArtifactStreamingProfile_STATUS properties: - enabled: + $propertyBag: + additionalProperties: + type: string description: |- - Enabled: Artifact streaming speeds up the cold-start of containers on a node through on-demand image loading. To use - this feature, container images must also enable artifact streaming on ACR. If not specified, the default is false. + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: type: boolean type: object availabilityZones: - description: |- - AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType - property is 'VirtualMachineScaleSets'. items: type: string type: array - capacityReservationGroupReference: - description: 'CapacityReservationGroupReference: AKS will associate the specified agent pool with the Capacity Reservation Group.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. 
- type: string - type: object + capacityReservationGroupID: + type: string count: - description: |- - Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) - for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. type: integer creationData: - description: |- - CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using - a snapshot. + description: Storage version of v1api20231102preview.CreationData_STATUS properties: - sourceResourceReference: - description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. 
- type: string + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object + sourceResourceId: + type: string type: object + currentOrchestratorVersion: + type: string enableAutoScaling: - description: 'EnableAutoScaling: Whether to enable auto-scaler' type: boolean enableCustomCATrust: - description: |- - EnableCustomCATrust: When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a - daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded - certificates into node trust stores. Defaults to false. type: boolean enableEncryptionAtHost: - description: |- - EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, - see: https://docs.microsoft.com/azure/aks/enable-host-encryption type: boolean enableFIPS: - description: |- - EnableFIPS: See [Add a FIPS-enabled node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more - details. type: boolean enableNodePublicIP: - description: |- - EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. - A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine - to minimize hops. For more information see [assigning a public IP per - node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The - default is false. type: boolean enableUltraSSD: - description: 'EnableUltraSSD: Whether to enable UltraSSD' type: boolean - gatewayProfile: - description: |- - GatewayProfile: Profile specific to a managed agent pool in Gateway mode. 
This field cannot be set if agent pool mode is - not Gateway. - properties: - publicIPPrefixSize: - description: |- - PublicIPPrefixSize: The Gateway agent pool associates one public IPPrefix for each static egress gateway to provide - public egress. The size of Public IPPrefix should be selected by the user. Each node in the agent pool is assigned with - one IP from the IPPrefix. The IPPrefix size thus serves as a cap on the size of the Gateway agent pool. Due to Azure - public IPPrefix size limitation, the valid value range is [28, 31] (/31 = 2 nodes/IPs, /30 = 4 nodes/IPs, /29 = 8 - nodes/IPs, /28 = 16 nodes/IPs). The default value is 31. - maximum: 31 - minimum: 28 - type: integer - type: object gpuInstanceProfile: - description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' - enum: - - MIG1g - - MIG2g - - MIG3g - - MIG4g - - MIG7g type: string gpuProfile: - description: 'GpuProfile: The GPU settings of an agent pool.' + description: Storage version of v1api20231102preview.AgentPoolGPUProfile_STATUS properties: - installGPUDriver: + $propertyBag: + additionalProperties: + type: string description: |- - InstallGPUDriver: The default value is true when the vmSize of the agent pool contains a GPU, false otherwise. GPU - Driver Installation can only be set true when VM has an associated GPU resource. Setting this field to false prevents - automatic GPU driver installation. In that case, in order for the GPU to be usable, the user must perform GPU driver - installation themselves. 
+ PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + installGPUDriver: type: boolean type: object - hostGroupReference: - description: |- - HostGroupReference: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. - For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + hostGroupID: + type: string kubeletConfig: - description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' 
+ description: Storage version of v1api20231102preview.KubeletConfig_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object allowedUnsafeSysctls: - description: 'AllowedUnsafeSysctls: Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).' items: type: string type: array containerLogMaxFiles: - description: |- - ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be - ≥ 2. - minimum: 2 type: integer containerLogMaxSizeMB: - description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' type: integer cpuCfsQuota: - description: 'CpuCfsQuota: The default is true.' type: boolean cpuCfsQuotaPeriod: - description: |- - CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and - a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. type: string cpuManagerPolicy: - description: |- - CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management - policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more - information. Allowed values are 'none' and 'static'. type: string failSwapOn: - description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' type: boolean imageGcHighThreshold: - description: 'ImageGcHighThreshold: To disable image garbage collection, set to 100. The default is 85%' type: integer imageGcLowThreshold: - description: 'ImageGcLowThreshold: This cannot be set higher than imageGcHighThreshold. 
The default is 80%' type: integer podMaxPids: - description: 'PodMaxPids: The maximum number of processes per pod.' type: integer topologyManagerPolicy: - description: |- - TopologyManagerPolicy: For more information see [Kubernetes Topology - Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values - are 'none', 'best-effort', 'restricted', and 'single-numa-node'. type: string type: object kubeletDiskType: - description: |- - KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral - storage. - enum: - - OS - - Temporary type: string linuxOSConfig: - description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' + description: Storage version of v1api20231102preview.LinuxOSConfig_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object swapFileSizeMB: - description: 'SwapFileSizeMB: The size in MB of a swap file that will be created on each node.' type: integer sysctls: - description: 'Sysctls: Sysctl settings for Linux agent nodes.' + description: Storage version of v1api20231102preview.SysctlConfig_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object fsAioMaxNr: - description: 'FsAioMaxNr: Sysctl setting fs.aio-max-nr.' type: integer fsFileMax: - description: 'FsFileMax: Sysctl setting fs.file-max.' type: integer fsInotifyMaxUserWatches: - description: 'FsInotifyMaxUserWatches: Sysctl setting fs.inotify.max_user_watches.' 
type: integer fsNrOpen: - description: 'FsNrOpen: Sysctl setting fs.nr_open.' type: integer kernelThreadsMax: - description: 'KernelThreadsMax: Sysctl setting kernel.threads-max.' type: integer netCoreNetdevMaxBacklog: - description: 'NetCoreNetdevMaxBacklog: Sysctl setting net.core.netdev_max_backlog.' type: integer netCoreOptmemMax: - description: 'NetCoreOptmemMax: Sysctl setting net.core.optmem_max.' type: integer netCoreRmemDefault: - description: 'NetCoreRmemDefault: Sysctl setting net.core.rmem_default.' type: integer netCoreRmemMax: - description: 'NetCoreRmemMax: Sysctl setting net.core.rmem_max.' type: integer netCoreSomaxconn: - description: 'NetCoreSomaxconn: Sysctl setting net.core.somaxconn.' type: integer netCoreWmemDefault: - description: 'NetCoreWmemDefault: Sysctl setting net.core.wmem_default.' type: integer netCoreWmemMax: - description: 'NetCoreWmemMax: Sysctl setting net.core.wmem_max.' type: integer netIpv4IpLocalPortRange: - description: 'NetIpv4IpLocalPortRange: Sysctl setting net.ipv4.ip_local_port_range.' type: string netIpv4NeighDefaultGcThresh1: - description: 'NetIpv4NeighDefaultGcThresh1: Sysctl setting net.ipv4.neigh.default.gc_thresh1.' type: integer netIpv4NeighDefaultGcThresh2: - description: 'NetIpv4NeighDefaultGcThresh2: Sysctl setting net.ipv4.neigh.default.gc_thresh2.' type: integer netIpv4NeighDefaultGcThresh3: - description: 'NetIpv4NeighDefaultGcThresh3: Sysctl setting net.ipv4.neigh.default.gc_thresh3.' type: integer netIpv4TcpFinTimeout: - description: 'NetIpv4TcpFinTimeout: Sysctl setting net.ipv4.tcp_fin_timeout.' type: integer netIpv4TcpKeepaliveProbes: - description: 'NetIpv4TcpKeepaliveProbes: Sysctl setting net.ipv4.tcp_keepalive_probes.' type: integer netIpv4TcpKeepaliveTime: - description: 'NetIpv4TcpKeepaliveTime: Sysctl setting net.ipv4.tcp_keepalive_time.' type: integer netIpv4TcpMaxSynBacklog: - description: 'NetIpv4TcpMaxSynBacklog: Sysctl setting net.ipv4.tcp_max_syn_backlog.' 
type: integer netIpv4TcpMaxTwBuckets: - description: 'NetIpv4TcpMaxTwBuckets: Sysctl setting net.ipv4.tcp_max_tw_buckets.' type: integer netIpv4TcpTwReuse: - description: 'NetIpv4TcpTwReuse: Sysctl setting net.ipv4.tcp_tw_reuse.' type: boolean netIpv4TcpkeepaliveIntvl: - description: 'NetIpv4TcpkeepaliveIntvl: Sysctl setting net.ipv4.tcp_keepalive_intvl.' - maximum: 90 - minimum: 10 type: integer netNetfilterNfConntrackBuckets: - description: 'NetNetfilterNfConntrackBuckets: Sysctl setting net.netfilter.nf_conntrack_buckets.' - maximum: 524288 - minimum: 65536 type: integer netNetfilterNfConntrackMax: - description: 'NetNetfilterNfConntrackMax: Sysctl setting net.netfilter.nf_conntrack_max.' - maximum: 2097152 - minimum: 131072 type: integer vmMaxMapCount: - description: 'VmMaxMapCount: Sysctl setting vm.max_map_count.' type: integer vmSwappiness: - description: 'VmSwappiness: Sysctl setting vm.swappiness.' type: integer vmVfsCachePressure: - description: 'VmVfsCachePressure: Sysctl setting vm.vfs_cache_pressure.' type: integer type: object transparentHugePageDefrag: - description: |- - TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is - 'madvise'. For more information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string transparentHugePageEnabled: - description: |- - TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more - information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string type: object maxCount: - description: 'MaxCount: The maximum number of nodes for auto-scaling' type: integer maxPods: - description: 'MaxPods: The maximum number of pods that can run on a node.' 
type: integer messageOfTheDay: - description: |- - MessageOfTheDay: A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of - the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., - will be printed raw and not be executed as a script). type: string minCount: - description: 'MinCount: The minimum number of nodes for auto-scaling' type: integer mode: - description: |- - Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool - restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools - enum: - - Gateway - - System - - User type: string name: - description: 'Name: Windows agent pool names must be 6 characters or less.' - pattern: ^[a-z][a-z0-9]{0,11}$ type: string networkProfile: - description: 'NetworkProfile: Network-related settings of an agent pool.' + description: Storage version of v1api20231102preview.AgentPoolNetworkProfile_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object allowedHostPorts: - description: 'AllowedHostPorts: The port ranges that are allowed to access. The specified ranges are allowed to overlap.' items: - description: The port range. + description: Storage version of v1api20231102preview.PortRange_STATUS properties: - portEnd: + $propertyBag: + additionalProperties: + type: string description: |- - PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or - equal to portStart. 
- maximum: 65535 - minimum: 1 + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + portEnd: type: integer portStart: - description: |- - PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or - equal to portEnd. - maximum: 65535 - minimum: 1 type: integer protocol: - description: 'Protocol: The network protocol of the port.' - enum: - - TCP - - UDP type: string type: object type: array - applicationSecurityGroupsReferences: - description: |- - ApplicationSecurityGroupsReferences: The IDs of the application security groups which agent pool will associate when - created. + applicationSecurityGroups: items: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + type: string type: array nodePublicIPTags: - description: 'NodePublicIPTags: IPTags of instance-level public IPs.' items: - description: Contains the IPTag associated with the object. 
+ description: Storage version of v1api20231102preview.IPTag_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object ipTagType: - description: 'IpTagType: The IP tag type. Example: RoutingPreference.' type: string tag: - description: 'Tag: The value of the IP tag associated with the public IP. Example: Internet.' type: string type: object type: array type: object + nodeImageVersion: + type: string nodeInitializationTaints: - description: |- - NodeInitializationTaints: These taints will not be reconciled by AKS and can be removed with a kubectl call. This field - can be modified after node pool is created, but nodes will not be recreated with new taints until another operation that - requires recreation (e.g. node image upgrade) happens. These taints allow for required configuration to run before the - node is ready to accept workloads, for example 'key1=value1:NoSchedule' that then can be removed with `kubectl taint - nodes node1 key1=value1:NoSchedule-` items: type: string type: array nodeLabels: additionalProperties: type: string - description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' - type: object - nodePublicIPPrefixReference: - description: |- - NodePublicIPPrefixReference: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. 
- The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string type: object + nodePublicIPPrefixID: + type: string nodeTaints: - description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' items: type: string type: array orchestratorVersion: - description: |- - OrchestratorVersion: Both patch version and are supported. When is - specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same - once it has been created will not trigger an upgrade, even if a newer patch version is available. As a - best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version - must have the same major version as the control plane. The node pool minor version must be within two minor versions of - the control plane version. The node pool version cannot be greater than the control plane version. For more information - see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). type: string osDiskSizeGB: - maximum: 2048 - minimum: 0 type: integer osDiskType: - description: |- - OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested - OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. 
For more information see [Ephemeral - OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). - enum: - - Ephemeral - - Managed type: string osSKU: - description: |- - OsSKU: Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or - Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is - deprecated. - enum: - - AzureLinux - - CBLMariner - - Mariner - - Ubuntu - - Windows2019 - - Windows2022 - - WindowsAnnual type: string osType: - description: 'OsType: The operating system type. The default is Linux.' - enum: - - Linux - - Windows type: string - podIPAllocationMode: - description: |- - PodIPAllocationMode: The IP allocation mode for pods in the agent pool. Must be used with podSubnetId. The default is - 'DynamicIndividual'. - enum: - - DynamicIndividual - - StaticBlock + podSubnetID: type: string - podSubnetReference: - description: |- - PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). - This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} + powerState: + description: Storage version of v1api20231102preview.PowerState_STATUS properties: - armId: + $propertyBag: + additionalProperties: + type: string description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
- pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object - powerState: - description: |- - PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this - field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only - be stopped if it is Running and provisioning state is Succeeded - properties: - code: - description: 'Code: Tells whether the cluster is Running or Stopped' - enum: - - Running - - Stopped - type: string - type: object - proximityPlacementGroupReference: - description: 'ProximityPlacementGroupReference: The ID for Proximity Placement Group.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. 
+ PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + code: type: string type: object + provisioningState: + type: string + proximityPlacementGroupID: + type: string scaleDownMode: - description: 'ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.' - enum: - - Deallocate - - Delete type: string scaleSetEvictionPolicy: - description: |- - ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is - 'Delete'. - enum: - - Deallocate - - Delete type: string scaleSetPriority: - description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' - enum: - - Regular - - Spot type: string securityProfile: - description: 'SecurityProfile: The security settings of an agent pool.' + description: Storage version of v1api20231102preview.AgentPoolSecurityProfile_STATUS properties: - enableSecureBoot: + $propertyBag: + additionalProperties: + type: string description: |- - EnableSecureBoot: Secure Boot is a feature of Trusted Launch which ensures that only signed operating systems and - drivers can boot. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enableSecureBoot: type: boolean enableVTPM: - description: |- - EnableVTPM: vTPM is a Trusted Launch feature for configuring a dedicated secure vault for keys and measurements held - locally on the node. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. type: boolean sshAccess: - description: 'SshAccess: SSH access method of an agent pool.' 
- enum: - - Disabled - - LocalUser type: string type: object spotMaxPrice: - description: |- - SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any - on-demand price. For more details on spot pricing, see [spot VMs - pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) type: number tags: additionalProperties: type: string - description: 'Tags: The tags to be persisted on the agent pool virtual machine scale set.' type: object type: - description: 'Type: The type of Agent Pool.' - enum: - - AvailabilitySet - - VirtualMachineScaleSets - - VirtualMachines type: string upgradeSettings: - description: 'UpgradeSettings: Settings for upgrading the agentpool' + description: Storage version of v1api20231102preview.AgentPoolUpgradeSettings_STATUS properties: - drainTimeoutInMinutes: + $propertyBag: + additionalProperties: + type: string description: |- - DrainTimeoutInMinutes: The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. - This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not - specified, the default is 30 minutes. - maximum: 1440 - minimum: 1 + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + drainTimeoutInMinutes: type: integer maxSurge: - description: |- - MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it - is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded - up. If not specified, the default is 1. 
For more information, including best practices, see: - https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade type: string nodeSoakDurationInMinutes: - description: |- - NodeSoakDurationInMinutes: The amount of time (in minutes) to wait after draining a node and before reimaging it and - moving on to next node. If not specified, the default is 0 minutes. - maximum: 30 - minimum: 0 type: integer - undrainableNodeBehavior: - description: |- - UndrainableNodeBehavior: Defines the behavior for undrainable nodes during upgrade. The most common cause of undrainable - nodes is Pod Disruption Budgets (PDBs), but other issues, such as pod termination grace period is exceeding the - remaining per-node drain timeout or pod is still being in a running state, can also cause undrainable nodes. - enum: - - Cordon - - Schedule - type: string type: object virtualMachineNodesStatus: items: - description: Current status on a group of nodes of the same vm size. + description: Storage version of v1api20231102preview.VirtualMachineNodes_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object count: - description: 'Count: Number of nodes.' type: integer size: - description: 'Size: The VM size of the agents used to host this group of nodes.' type: string type: object type: array virtualMachinesProfile: - description: 'VirtualMachinesProfile: Specifications on VirtualMachines agent pool.' 
+ description: Storage version of v1api20231102preview.VirtualMachinesProfile_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object scale: - description: 'Scale: Specifications on how to scale a VirtualMachines agent pool.' + description: Storage version of v1api20231102preview.ScaleProfile_STATUS properties: - autoscale: + $propertyBag: + additionalProperties: + type: string description: |- - Autoscale: Specifications on how to auto-scale the VirtualMachines agent pool within a predefined size range. Currently, - at most one AutoScaleProfile is allowed. - items: - description: Specifications on auto-scaling. - properties: - maxCount: - description: 'MaxCount: The maximum number of nodes of the specified sizes.' - type: integer - minCount: - description: 'MinCount: The minimum number of nodes of the specified sizes.' - type: integer - sizes: - description: |- - Sizes: The list of allowed vm sizes e.g. ['Standard_E4s_v3', 'Standard_E16s_v3', 'Standard_D16s_v5']. AKS will use the - first available one when auto scaling. If a VM size is unavailable (e.g. due to quota or regional capacity reasons), AKS - will use the next size. - items: - type: string - type: array - type: object - type: array + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object manual: - description: |- - Manual: Specifications on how to scale the VirtualMachines agent pool to a fixed size. Currently, at most one - ManualScaleProfile is allowed. items: - description: Specifications on number of machines. 
+ description: Storage version of v1api20231102preview.ManualScaleProfile_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object count: - description: 'Count: Number of nodes.' type: integer sizes: - description: |- - Sizes: The list of allowed vm sizes e.g. ['Standard_E4s_v3', 'Standard_E16s_v3', 'Standard_D16s_v5']. AKS will use the - first available one when scaling. If a VM size is unavailable (e.g. due to quota or regional capacity reasons), AKS will - use the next size. items: type: string type: array 
@@ -29950,1759 +25455,1511 @@ spec: type: object type: object vmSize: - description: |- - VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods - might fail to run correctly. For more details on restricted VM sizes, see: - https://docs.microsoft.com/azure/aks/quotas-skus-regions type: string - vnetSubnetReference: - description: |- - VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is - specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + vnetSubnetID: + type: string windowsProfile: - description: 'WindowsProfile: The Windows agent pool''s specific profile.' + description: Storage version of v1api20231102preview.AgentPoolWindowsProfile_STATUS properties: - disableOutboundNat: + $propertyBag: + additionalProperties: + type: string description: |- - DisableOutboundNat: The default value is false. 
Outbound NAT can only be disabled if the cluster outboundType is NAT - Gateway and the Windows agent pool does not have node public IP enabled. + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + disableOutboundNat: type: boolean type: object workloadRuntime: - description: 'WorkloadRuntime: Determines the type of workload a node can run.' - enum: - - KataMshvVmIsolation - - OCIContainer - - WasmWasi type: string - required: - - name type: object type: array aiToolchainOperatorProfile: - description: 'AiToolchainOperatorProfile: AI toolchain operator settings that apply to the whole cluster.' + description: Storage version of v1api20231102preview.ManagedClusterAIToolchainOperatorProfile_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object enabled: - description: 'Enabled: Indicates if AI toolchain operator enabled or not.' type: boolean type: object apiServerAccessProfile: - description: 'ApiServerAccessProfile: The access profile for managed cluster API server.' + description: Storage version of v1api20231102preview.ManagedClusterAPIServerAccessProfile_STATUS properties: - authorizedIPRanges: + $propertyBag: + additionalProperties: + type: string description: |- - AuthorizedIPRanges: IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with - clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API - server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges). 
+ PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + authorizedIPRanges: items: type: string type: array disableRunCommand: - description: 'DisableRunCommand: Whether to disable run command for the cluster or not.' type: boolean enablePrivateCluster: - description: |- - EnablePrivateCluster: For more details, see [Creating a private AKS - cluster](https://docs.microsoft.com/azure/aks/private-clusters). type: boolean enablePrivateClusterPublicFQDN: - description: 'EnablePrivateClusterPublicFQDN: Whether to create additional public FQDN for private cluster or not.' type: boolean enableVnetIntegration: - description: 'EnableVnetIntegration: Whether to enable apiserver vnet integration for the cluster or not.' type: boolean privateDNSZone: - description: |- - PrivateDNSZone: The default is System. For more details see [configure private DNS - zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and - 'none'. type: string subnetId: - description: |- - SubnetId: It is required when: 1. creating a new cluster with BYO Vnet; 2. updating an existing cluster to enable - apiserver vnet integration. 
type: string type: object autoScalerProfile: - description: 'AutoScalerProfile: Parameters to be applied to the cluster-autoscaler when enabled' + description: Storage version of v1api20231102preview.ManagedClusterProperties_AutoScalerProfile_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object balance-similar-node-groups: - description: 'BalanceSimilarNodeGroups: Valid values are ''true'' and ''false''' type: string daemonset-eviction-for-empty-nodes: - description: |- - DaemonsetEvictionForEmptyNodes: If set to true, all daemonset pods on empty nodes will be evicted before deletion of the - node. If the daemonset pod cannot be evicted another node will be chosen for scaling. If set to false, the node will be - deleted without ensuring that daemonset pods are deleted or evicted. type: boolean daemonset-eviction-for-occupied-nodes: - description: |- - DaemonsetEvictionForOccupiedNodes: If set to true, all daemonset pods on occupied nodes will be evicted before deletion - of the node. If the daemonset pod cannot be evicted another node will be chosen for scaling. If set to false, the node - will be deleted without ensuring that daemonset pods are deleted or evicted. type: boolean expander: - description: 'Expander: Available values are: ''least-waste'', ''most-pods'', ''priority'', ''random''.' - enum: - - least-waste - - most-pods - - priority - - random type: string ignore-daemonsets-utilization: - description: |- - IgnoreDaemonsetsUtilization: If set to true, the resources used by daemonset will be taken into account when making - scaling down decisions. type: boolean max-empty-bulk-delete: - description: 'MaxEmptyBulkDelete: The default is 10.' 
type: string max-graceful-termination-sec: - description: 'MaxGracefulTerminationSec: The default is 600.' type: string max-node-provision-time: - description: |- - MaxNodeProvisionTime: The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than - minutes (m) is supported. type: string max-total-unready-percentage: - description: 'MaxTotalUnreadyPercentage: The default is 45. The maximum is 100 and the minimum is 0.' type: string new-pod-scale-up-delay: - description: |- - NewPodScaleUpDelay: For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler - could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is - '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc). type: string ok-total-unready-count: - description: 'OkTotalUnreadyCount: This must be an integer. The default is 3.' type: string scale-down-delay-after-add: - description: |- - ScaleDownDelayAfterAdd: The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than - minutes (m) is supported. type: string scale-down-delay-after-delete: - description: |- - ScaleDownDelayAfterDelete: The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of - time other than minutes (m) is supported. type: string scale-down-delay-after-failure: - description: |- - ScaleDownDelayAfterFailure: The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other - than minutes (m) is supported. type: string scale-down-unneeded-time: - description: |- - ScaleDownUnneededTime: The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than - minutes (m) is supported. type: string scale-down-unready-time: - description: |- - ScaleDownUnreadyTime: The default is '20m'. Values must be an integer followed by an 'm'. 
No unit of time other than - minutes (m) is supported. type: string scale-down-utilization-threshold: - description: 'ScaleDownUtilizationThreshold: The default is ''0.5''.' type: string scan-interval: - description: 'ScanInterval: The default is ''10''. Values must be an integer number of seconds.' type: string skip-nodes-with-local-storage: - description: 'SkipNodesWithLocalStorage: The default is true.' type: string skip-nodes-with-system-pods: - description: 'SkipNodesWithSystemPods: The default is true.' type: string type: object autoUpgradeProfile: - description: 'AutoUpgradeProfile: The auto upgrade configuration.' + description: Storage version of v1api20231102preview.ManagedClusterAutoUpgradeProfile_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object nodeOSUpgradeChannel: - description: 'NodeOSUpgradeChannel: The default is Unmanaged, but may change to either NodeImage or SecurityPatch at GA.' - enum: - - NodeImage - - None - - SecurityPatch - - Unmanaged type: string upgradeChannel: - description: |- - UpgradeChannel: For more information see [setting the AKS cluster auto-upgrade - channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel). - enum: - - node-image - - none - - patch - - rapid - - stable type: string type: object azureMonitorProfile: - description: 'AzureMonitorProfile: Prometheus addon profile for the container service cluster' + description: Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfile_STATUS properties: - appMonitoring: + $propertyBag: + additionalProperties: + type: string description: |- - AppMonitoring: Application Monitoring Profile for Kubernetes Application Container. 
Collects application logs, metrics - and traces through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See - aka.ms/AzureMonitorApplicationMonitoring for an overview. + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + logs: + description: Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfileLogs_STATUS properties: - autoInstrumentation: + $propertyBag: + additionalProperties: + type: string description: |- - AutoInstrumentation: Application Monitoring Auto Instrumentation for Kubernetes Application Container. Deploys web hook - to auto-instrument Azure Monitor OpenTelemetry based SDKs to collect OpenTelemetry metrics, logs and traces of the - application. See aka.ms/AzureMonitorApplicationMonitoring for an overview. - properties: - enabled: - description: 'Enabled: Indicates if Application Monitoring Auto Instrumentation is enabled or not.' - type: boolean + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object - openTelemetryLogs: - description: |- - OpenTelemetryLogs: Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container Logs and - Traces. Collects OpenTelemetry logs and traces of the application using Azure Monitor OpenTelemetry based SDKs. See - aka.ms/AzureMonitorApplicationMonitoring for an overview. 
+ appMonitoring: + description: Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfileAppMonitoring_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object enabled: - description: 'Enabled: Indicates if Application Monitoring Open Telemetry Logs and traces is enabled or not.' type: boolean - port: - description: 'Port: The Open Telemetry host port for Open Telemetry logs and traces. If not specified, the default port is 28331.' - type: integer type: object - openTelemetryMetrics: - description: |- - OpenTelemetryMetrics: Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container - Metrics. Collects OpenTelemetry metrics of the application using Azure Monitor OpenTelemetry based SDKs. See - aka.ms/AzureMonitorApplicationMonitoring for an overview. + containerInsights: + description: Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfileContainerInsights_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object enabled: - description: 'Enabled: Indicates if Application Monitoring Open Telemetry Metrics is enabled or not.' type: boolean - port: - description: 'Port: The Open Telemetry host port for Open Telemetry metrics. If not specified, the default port is 28333.' 
- type: integer + logAnalyticsWorkspaceResourceId: + type: string + windowsHostLogs: + description: Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfileWindowsHostLogs_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object type: object type: object - containerInsights: - description: |- - ContainerInsights: Azure Monitor Container Insights Profile for Kubernetes Events, Inventory and Container stdout & - stderr logs etc. See aka.ms/AzureMonitorContainerInsights for an overview. + metrics: + description: Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfileMetrics_STATUS properties: - disableCustomMetrics: - description: |- - DisableCustomMetrics: Indicates whether custom metrics collection has to be disabled or not. If not specified the - default is false. No custom metrics will be emitted if this field is false but the container insights enabled field is - false - type: boolean - disablePrometheusMetricsScraping: - description: |- - DisablePrometheusMetricsScraping: Indicates whether prometheus metrics scraping is disabled or not. If not specified the - default is false. No prometheus metrics will be emitted if this field is false but the container insights enabled field - is false - type: boolean - enabled: - description: 'Enabled: Indicates if Azure Monitor Container Insights Logs Addon is enabled or not.' - type: boolean - logAnalyticsWorkspaceResourceReference: + $propertyBag: + additionalProperties: + type: string description: |- - LogAnalyticsWorkspaceResourceReference: Fully Qualified ARM Resource Id of Azure Log Analytics Workspace for storing - Azure Monitor Container Insights Logs. 
+ PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + appMonitoringOpenTelemetryMetrics: + description: Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfileAppMonitoringOpenTelemetryMetrics_STATUS properties: - armId: + $propertyBag: + additionalProperties: + type: string description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean type: object - syslogPort: - description: 'SyslogPort: The syslog host port. If not specified, the default port is 28330.' 
- type: integer - type: object - metrics: - description: 'Metrics: Metrics profile for the prometheus service addon' - properties: enabled: - description: 'Enabled: Whether to enable the Prometheus collector' type: boolean kubeStateMetrics: - description: 'KubeStateMetrics: Kube State Metrics for prometheus addon profile for the container service cluster' + description: Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfileKubeStateMetrics_STATUS properties: - metricAnnotationsAllowList: + $propertyBag: + additionalProperties: + type: string description: |- - MetricAnnotationsAllowList: Comma-separated list of additional Kubernetes label keys that will be used in the resource's - labels metric. + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + metricAnnotationsAllowList: type: string metricLabelsAllowlist: - description: |- - MetricLabelsAllowlist: Comma-separated list of Kubernetes annotations keys that will be used in the resource's labels - metric. type: string type: object - required: - - enabled type: object type: object - azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$ + azurePortalFQDN: type: string - bootstrapProfile: - description: 'BootstrapProfile: Profile of the cluster bootstrap configuration.' - properties: - artifactSource: - description: 'ArtifactSource: The source where the artifacts are downloaded from.' - enum: - - Cache - - Direct - type: string - containerRegistryReference: - description: |- - ContainerRegistryReference: The resource Id of Azure Container Registry. The registry must have private network access, - premium SKU and zone redundancy. 
- properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object - type: object + conditions: + items: + description: Condition defines an extension to status (an observation) of a resource + properties: + lastTransitionTime: + description: LastTransitionTime is the last time the condition transitioned from one status to another. + format: date-time + type: string + message: + description: Message is a human readable message indicating details about the transition. This field may be empty. + type: string + observedGeneration: + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + type: integer + reason: + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + type: string + severity: + description: |- + Severity with which to treat failures of this type of condition. 
+ For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown + type: string + status: + description: Status of the condition, one of True, False, or Unknown. + type: string + type: + description: Type of condition. + type: string + required: + - lastTransitionTime + - reason + - status + - type + type: object + type: array creationData: - description: |- - CreationData: CreationData to be used to specify the source Snapshot ID if the cluster will be created/upgraded using a - snapshot. + description: Storage version of v1api20231102preview.CreationData_STATUS properties: - sourceResourceReference: - description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. 
- type: string + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object + sourceResourceId: + type: string type: object + currentKubernetesVersion: + type: string disableLocalAccounts: - description: |- - DisableLocalAccounts: If set to true, getting static credentials will be disabled for this cluster. This must only be - used on Managed Clusters that are AAD enabled. For more details see [disable local - accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview). type: boolean - diskEncryptionSetReference: - description: |- - DiskEncryptionSetReference: This is of the form: - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + diskEncryptionSetID: + type: string dnsPrefix: - description: 'DnsPrefix: This cannot be updated once the Managed Cluster has been created.' 
type: string enableNamespaceResources: - description: |- - EnableNamespaceResources: The default value is false. It can be enabled/disabled on creation and updating of the managed - cluster. See [https://aka.ms/NamespaceARMResource](https://aka.ms/NamespaceARMResource) for more details on Namespace as - a ARM Resource. type: boolean enablePodSecurityPolicy: - description: |- - EnablePodSecurityPolicy: (DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was - deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and - https://aka.ms/aks/psp. type: boolean enableRBAC: - description: 'EnableRBAC: Whether to enable Kubernetes Role-Based Access Control.' type: boolean extendedLocation: - description: 'ExtendedLocation: The extended location of the Virtual Machine.' + description: Storage version of v1api20231102preview.ExtendedLocation_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object name: - description: 'Name: The name of the extended location.' type: string type: - description: 'Type: The type of the extended location.' - enum: - - EdgeZone type: string type: object + fqdn: + type: string fqdnSubdomain: - description: 'FqdnSubdomain: This cannot be updated once the Managed Cluster has been created.' type: string httpProxyConfig: - description: 'HttpProxyConfig: Configurations for provisioning the cluster with HTTP proxy servers.' 
+ description: Storage version of v1api20231102preview.ManagedClusterHTTPProxyConfig_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + effectiveNoProxy: + items: + type: string + type: array httpProxy: - description: 'HttpProxy: The HTTP proxy server endpoint to use.' type: string httpsProxy: - description: 'HttpsProxy: The HTTPS proxy server endpoint to use.' type: string noProxy: - description: 'NoProxy: The endpoints that should not go through proxy.' items: type: string type: array trustedCa: - description: 'TrustedCa: Alternative CA cert to use for connecting to proxy servers.' type: string type: object + id: + type: string identity: - description: 'Identity: The identity of the managed cluster, if configured.' + description: Storage version of v1api20231102preview.ManagedClusterIdentity_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object delegatedResources: additionalProperties: - description: Delegated resource properties - internal use only. + description: Storage version of v1api20231102preview.DelegatedResource_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object location: - description: 'Location: The source resource location - internal use only.' 
type: string referralResource: - description: 'ReferralResource: The delegation id of the referral delegation (optional) - internal use only.' type: string - resourceReference: - description: 'ResourceReference: The ARM resource id of the delegated resource - internal use only.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + resourceId: + type: string tenantId: - description: 'TenantId: The tenant id of the delegated resource - internal use only.' - pattern: ^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$ type: string type: object - description: |- - DelegatedResources: The delegated identity resources assigned to this managed cluster. This can only be set by another - Azure Resource Provider, and managed cluster only accept one delegated identity resource. Internal use only. type: object + principalId: + type: string + tenantId: + type: string type: - description: |- - Type: For more information see [use managed identities in - AKS](https://docs.microsoft.com/azure/aks/use-managed-identity). 
- enum: - - None - - SystemAssigned - - UserAssigned type: string userAssignedIdentities: - description: |- - UserAssignedIdentities: The keys must be ARM resource IDs in the form: - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'. - items: - description: Information about the user assigned identity for the resource + additionalProperties: + description: Storage version of v1api20231102preview.ManagedClusterIdentity_UserAssignedIdentities_STATUS properties: - reference: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. 
- type: string + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object + clientId: + type: string + principalId: + type: string type: object - type: array + type: object type: object identityProfile: additionalProperties: - description: Details about a user assigned identity. + description: Storage version of v1api20231102preview.UserAssignedIdentity_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object clientId: - description: 'ClientId: The client ID of the user assigned identity.' type: string objectId: - description: 'ObjectId: The object ID of the user assigned identity.' type: string - resourceReference: - description: 'ResourceReference: The resource ID of the user assigned identity.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. 
- type: string - type: object + resourceId: + type: string type: object - description: 'IdentityProfile: Identities associated with the cluster.' type: object ingressProfile: - description: 'IngressProfile: Ingress profile for the managed cluster.' + description: Storage version of v1api20231102preview.ManagedClusterIngressProfile_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object webAppRouting: - description: 'WebAppRouting: Web App Routing settings for the ingress profile.' + description: Storage version of v1api20231102preview.ManagedClusterIngressProfileWebAppRouting_STATUS properties: - dnsZoneResourceReferences: + $propertyBag: + additionalProperties: + type: string description: |- - DnsZoneResourceReferences: Resource IDs of the DNS zones to be associated with the Web App Routing add-on. Used only - when Web App Routing is enabled. Public and private DNS zones can be in different resource groups, but all public DNS - zones must be in the same resource group and all private DNS zones must be in the same resource group. + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + dnsZoneResourceIds: items: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. 
- The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + type: string type: array enabled: - description: 'Enabled: Whether to enable Web App Routing.' type: boolean + identity: + description: Storage version of v1api20231102preview.UserAssignedIdentity_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + clientId: + type: string + objectId: + type: string + resourceId: + type: string + type: object type: object type: object - kind: - description: 'Kind: This is primarily used to expose different UI experiences in the portal for different kinds' - type: string kubernetesVersion: - description: |- - KubernetesVersion: When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades - must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> - 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS - cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details. type: string linuxProfile: - description: 'LinuxProfile: The profile for Linux VMs in the Managed Cluster.' 
+ description: Storage version of v1api20231102preview.ContainerServiceLinuxProfile_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object adminUsername: - description: 'AdminUsername: The administrator username to use for Linux VMs.' - pattern: ^[A-Za-z][-A-Za-z0-9_]*$ type: string ssh: - description: 'Ssh: The SSH configuration for Linux-based VMs running on Azure.' + description: Storage version of v1api20231102preview.ContainerServiceSshConfiguration_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object publicKeys: - description: 'PublicKeys: The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.' items: - description: Contains information about SSH certificate public key data. + description: Storage version of v1api20231102preview.ContainerServiceSshPublicKey_STATUS properties: - keyData: + $propertyBag: + additionalProperties: + type: string description: |- - KeyData: Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or - without headers. 
+ PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + keyData: type: string - required: - - keyData type: object type: array - required: - - publicKeys type: object - required: - - adminUsername - - ssh type: object location: - description: 'Location: The geo-location where the resource lives' type: string + maxAgentPools: + type: integer metricsProfile: - description: 'MetricsProfile: Optional cluster metrics configuration.' + description: Storage version of v1api20231102preview.ManagedClusterMetricsProfile_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object costAnalysis: - description: 'CostAnalysis: The cost analysis configuration for the cluster' + description: Storage version of v1api20231102preview.ManagedClusterCostAnalysis_STATUS properties: - enabled: + $propertyBag: + additionalProperties: + type: string description: |- - Enabled: The Managed Cluster sku.tier must be set to 'Standard' or 'Premium' to enable this feature. Enabling this will - add Kubernetes Namespace and Deployment details to the Cost Analysis views in the Azure portal. If not specified, the - default is false. For more information see aka.ms/aks/docs/cost-analysis. + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: type: boolean type: object type: object + name: + type: string networkProfile: - description: 'NetworkProfile: The network configuration profile.' 
+ description: Storage version of v1api20231102preview.ContainerServiceNetworkProfile_STATUS properties: - advancedNetworking: + $propertyBag: + additionalProperties: + type: string description: |- - AdvancedNetworking: Advanced Networking profile for enabling observability on a cluster. Note that enabling advanced - networking features may incur additional costs. For more information see aka.ms/aksadvancednetworking. - properties: - observability: - description: 'Observability: Observability profile to enable advanced network metrics and flow logs with historical contexts.' - properties: - enabled: - description: 'Enabled: Indicates the enablement of Advanced Networking observability functionalities on clusters.' - type: boolean - type: object + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object dnsServiceIP: - description: |- - DnsServiceIP: An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address - range specified in serviceCidr. - pattern: ^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$ type: string ipFamilies: - description: |- - IpFamilies: IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value - is IPv4. For dual-stack, the expected values are IPv4 and IPv6. items: - description: To determine if address belongs IPv4 or IPv6 family. - enum: - - IPv4 - - IPv6 type: string type: array kubeProxyConfig: - description: |- - KubeProxyConfig: Holds configuration customizations for kube-proxy. Any values not defined will use the kube-proxy - defaulting behavior. See https://v.docs.kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/ - where is represented by a - string. Kubernetes version 1.23 would be '1-23'. 
+ description: Storage version of v1api20231102preview.ContainerServiceNetworkProfile_KubeProxyConfig_STATUS properties: - enabled: + $propertyBag: + additionalProperties: + type: string description: |- - Enabled: Whether to enable on kube-proxy on the cluster (if no 'kubeProxyConfig' exists, kube-proxy is enabled in AKS by - default without these customizations). + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: type: boolean ipvsConfig: - description: 'IpvsConfig: Holds configuration customizations for IPVS. May only be specified if ''mode'' is set to ''IPVS''.' + description: Storage version of v1api20231102preview.ContainerServiceNetworkProfile_KubeProxyConfig_IpvsConfig_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object scheduler: - description: 'Scheduler: IPVS scheduler, for more information please see http://www.linuxvirtualserver.org/docs/scheduling.html.' - enum: - - LeastConnection - - RoundRobin type: string tcpFinTimeoutSeconds: - description: |- - TcpFinTimeoutSeconds: The timeout value used for IPVS TCP sessions after receiving a FIN in seconds. Must be a positive - integer value. type: integer tcpTimeoutSeconds: - description: 'TcpTimeoutSeconds: The timeout value used for idle IPVS TCP sessions in seconds. Must be a positive integer value.' type: integer udpTimeoutSeconds: - description: 'UdpTimeoutSeconds: The timeout value used for IPVS UDP packets in seconds. Must be a positive integer value.' 
type: integer type: object mode: - description: 'Mode: Specify which proxy mode to use (''IPTABLES'' or ''IPVS'')' - enum: - - IPTABLES - - IPVS type: string type: object loadBalancerProfile: - description: 'LoadBalancerProfile: Profile of the cluster load balancer.' + description: Storage version of v1api20231102preview.ManagedClusterLoadBalancerProfile_STATUS properties: - allocatedOutboundPorts: + $propertyBag: + additionalProperties: + type: string description: |- - AllocatedOutboundPorts: The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 - (inclusive). The default value is 0 which results in Azure dynamically allocating ports. - maximum: 64000 - minimum: 0 + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + allocatedOutboundPorts: type: integer backendPoolType: - description: 'BackendPoolType: The type of the managed inbound Load Balancer BackendPool.' - enum: - - NodeIP - - NodeIPConfiguration - type: string - clusterServiceLoadBalancerHealthProbeMode: - description: 'ClusterServiceLoadBalancerHealthProbeMode: The health probing behavior for External Traffic Policy Cluster services.' - enum: - - ServiceNodePort - - Shared type: string effectiveOutboundIPs: - description: 'EffectiveOutboundIPs: The effective outbound IP resources of the cluster load balancer.' items: - description: A reference to an Azure resource. + description: Storage version of v1api20231102preview.ResourceReference_STATUS properties: - reference: - description: 'Reference: The fully qualified Azure resource id.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. 
- The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object + id: + type: string type: object type: array enableMultipleStandardLoadBalancers: - description: 'EnableMultipleStandardLoadBalancers: Enable multiple standard load balancers per AKS cluster or not.' type: boolean idleTimeoutInMinutes: - description: |- - IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 - (inclusive). The default value is 30 minutes. - maximum: 120 - minimum: 4 type: integer managedOutboundIPs: - description: 'ManagedOutboundIPs: Desired managed outbound IPs for the cluster load balancer.' + description: Storage version of v1api20231102preview.ManagedClusterLoadBalancerProfile_ManagedOutboundIPs_STATUS properties: - count: + $propertyBag: + additionalProperties: + type: string description: |- - Count: The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values - must be in the range of 1 to 100 (inclusive). The default value is 1. 
- maximum: 100 - minimum: 1 + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + count: type: integer countIPv6: - description: |- - CountIPv6: The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed - values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. - maximum: 100 - minimum: 0 type: integer type: object outboundIPPrefixes: - description: 'OutboundIPPrefixes: Desired outbound IP Prefix resources for the cluster load balancer.' + description: Storage version of v1api20231102preview.ManagedClusterLoadBalancerProfile_OutboundIPPrefixes_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object publicIPPrefixes: - description: 'PublicIPPrefixes: A list of public IP prefix resources.' items: - description: A reference to an Azure resource. + description: Storage version of v1api20231102preview.ResourceReference_STATUS properties: - reference: - description: 'Reference: The fully qualified Azure resource id.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
- pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object + id: + type: string type: object type: array type: object outboundIPs: - description: 'OutboundIPs: Desired outbound IP resources for the cluster load balancer.' + description: Storage version of v1api20231102preview.ManagedClusterLoadBalancerProfile_OutboundIPs_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object publicIPs: - description: 'PublicIPs: A list of public IP resources.' items: - description: A reference to an Azure resource. + description: Storage version of v1api20231102preview.ResourceReference_STATUS properties: - reference: - description: 'Reference: The fully qualified Azure resource id.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
- pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object + id: + type: string type: object type: array type: object type: object loadBalancerSku: - description: |- - LoadBalancerSku: The default is 'standard'. See [Azure Load Balancer - SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load - balancer SKUs. - enum: - - basic - - standard type: string + monitoring: + description: Storage version of v1api20231102preview.NetworkMonitoring_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object natGatewayProfile: - description: 'NatGatewayProfile: Profile of the cluster NAT gateway.' 
+ description: Storage version of v1api20231102preview.ManagedClusterNATGatewayProfile_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object effectiveOutboundIPs: - description: 'EffectiveOutboundIPs: The effective outbound IP resources of the cluster NAT gateway.' items: - description: A reference to an Azure resource. + description: Storage version of v1api20231102preview.ResourceReference_STATUS properties: - reference: - description: 'Reference: The fully qualified Azure resource id.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object + id: + type: string type: object type: array idleTimeoutInMinutes: - description: |- - IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. 
Allowed values are in the range of 4 to 120 - (inclusive). The default value is 4 minutes. - maximum: 120 - minimum: 4 type: integer managedOutboundIPProfile: - description: 'ManagedOutboundIPProfile: Profile of the managed outbound IP resources of the cluster NAT gateway.' + description: Storage version of v1api20231102preview.ManagedClusterManagedOutboundIPProfile_STATUS properties: - count: + $propertyBag: + additionalProperties: + type: string description: |- - Count: The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 - (inclusive). The default value is 1. - maximum: 16 - minimum: 1 + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + count: type: integer type: object type: object networkDataplane: - description: 'NetworkDataplane: Network dataplane used in the Kubernetes cluster.' - enum: - - azure - - cilium type: string networkMode: - description: 'NetworkMode: This cannot be specified if networkPlugin is anything other than ''azure''.' - enum: - - bridge - - transparent type: string networkPlugin: - description: 'NetworkPlugin: Network plugin used for building the Kubernetes network.' - enum: - - azure - - kubenet - - none type: string networkPluginMode: - description: 'NetworkPluginMode: Network plugin mode used for building the Kubernetes network.' - enum: - - overlay type: string networkPolicy: - description: 'NetworkPolicy: Network policy used for building the Kubernetes network.' - enum: - - azure - - calico - - cilium - - none type: string outboundType: - description: |- - OutboundType: This can only be set at cluster creation time and cannot be changed later. For more information see - [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype). 
- enum: - - loadBalancer - - managedNATGateway - - none - - userAssignedNATGateway - - userDefinedRouting type: string podCidr: - description: 'PodCidr: A CIDR notation IP range from which to assign pod IPs when kubenet is used.' - pattern: ^([0-9]{1,3}\.){3}[0-9]{1,3}(\/([0-9]|[1-2][0-9]|3[0-2]))?$ type: string podCidrs: - description: |- - PodCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is - expected for dual-stack networking. items: type: string type: array - podLinkLocalAccess: - description: |- - PodLinkLocalAccess: Defines access to special link local addresses (Azure Instance Metadata Service, aka IMDS) for pods - with hostNetwork=false. if not specified, the default is 'IMDS'. - enum: - - IMDS - - None - type: string serviceCidr: - description: |- - ServiceCidr: A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP - ranges. - pattern: ^([0-9]{1,3}\.){3}[0-9]{1,3}(\/([0-9]|[1-2][0-9]|3[0-2]))?$ type: string serviceCidrs: - description: |- - ServiceCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is - expected for dual-stack networking. They must not overlap with any Subnet IP ranges. items: type: string type: array - staticEgressGatewayProfile: - description: |- - StaticEgressGatewayProfile: The profile for Static Egress Gateway addon. For more details about Static Egress Gateway, - see https://aka.ms/aks/static-egress-gateway. - properties: - enabled: - description: 'Enabled: Indicates if Static Egress Gateway addon is enabled or not.' - type: boolean - type: object type: object nodeProvisioningProfile: - description: 'NodeProvisioningProfile: Node provisioning settings that apply to the whole cluster.' 
+ description: Storage version of v1api20231102preview.ManagedClusterNodeProvisioningProfile_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object mode: - description: 'Mode: Once the mode it set to Auto, it cannot be changed back to Manual.' - enum: - - Auto - - Manual type: string type: object nodeResourceGroup: - description: 'NodeResourceGroup: The name of the resource group containing agent pool nodes.' type: string nodeResourceGroupProfile: - description: 'NodeResourceGroupProfile: The node resource group configuration profile.' + description: Storage version of v1api20231102preview.ManagedClusterNodeResourceGroupProfile_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object restrictionLevel: - description: 'RestrictionLevel: The restriction level applied to the cluster''s node resource group' - enum: - - ReadOnly - - Unrestricted type: string type: object oidcIssuerProfile: - description: 'OidcIssuerProfile: The OIDC issuer profile of the Managed Cluster.' + description: Storage version of v1api20231102preview.ManagedClusterOIDCIssuerProfile_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object enabled: - description: 'Enabled: Whether the OIDC issuer is enabled.' 
type: boolean - type: object - operatorSpec: - description: |- - OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not - passed directly to Azure - properties: - configMaps: - description: 'ConfigMaps: configures where to place operator written ConfigMaps.' - properties: - oidcIssuerProfile: - description: |- - OIDCIssuerProfile: indicates where the OIDCIssuerProfile config map should be placed. If omitted, no config map will be - created. - properties: - key: - description: Key is the key in the ConfigMap being referenced - type: string - name: - description: |- - Name is the name of the Kubernetes ConfigMap being referenced. - The ConfigMap must be in the same namespace as the resource - type: string - required: - - key - - name - type: object - type: object - secrets: - description: 'Secrets: configures where to place Azure generated secrets.' - properties: - adminCredentials: - description: |- - AdminCredentials: indicates where the AdminCredentials secret should be placed. If omitted, the secret will not be - retrieved from Azure. - properties: - key: - description: Key is the key in the Kubernetes secret being referenced - type: string - name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource - type: string - required: - - key - - name - type: object - userCredentials: - description: |- - UserCredentials: indicates where the UserCredentials secret should be placed. If omitted, the secret will not be - retrieved from Azure. - properties: - key: - description: Key is the key in the Kubernetes secret being referenced - type: string - name: - description: |- - Name is the name of the Kubernetes secret being referenced. 
- The secret must be in the same namespace as the resource - type: string - required: - - key - - name - type: object - type: object - type: object - owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a resources.azure.com/ResourceGroup resource - properties: - armId: - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - name: - description: This is the name of the Kubernetes resource to reference. + issuerURL: type: string type: object podIdentityProfile: - description: |- - PodIdentityProfile: See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more - details on AAD pod identity integration. + description: Storage version of v1api20231102preview.ManagedClusterPodIdentityProfile_STATUS properties: - allowNetworkPluginKubenet: + $propertyBag: + additionalProperties: + type: string description: |- - AllowNetworkPluginKubenet: Running in Kubenet is disabled by default due to the security related nature of AAD Pod - Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod - Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) - for more information. + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + allowNetworkPluginKubenet: type: boolean enabled: - description: 'Enabled: Whether the pod identity addon is enabled.' 
type: boolean userAssignedIdentities: - description: 'UserAssignedIdentities: The pod identities to use in the cluster.' items: - description: Details about the pod identity assigned to the Managed Cluster. + description: Storage version of v1api20231102preview.ManagedClusterPodIdentity_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object bindingSelector: - description: 'BindingSelector: The binding selector to use for the AzureIdentityBinding resource.' type: string identity: - description: 'Identity: The user assigned identity details.' + description: Storage version of v1api20231102preview.UserAssignedIdentity_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object clientId: - description: 'ClientId: The client ID of the user assigned identity.' type: string objectId: - description: 'ObjectId: The object ID of the user assigned identity.' type: string - resourceReference: - description: 'ResourceReference: The resource ID of the user assigned identity.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
- pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + resourceId: + type: string type: object name: - description: 'Name: The name of the pod identity.' type: string namespace: - description: 'Namespace: The namespace of the pod identity.' type: string - required: - - identity - - name - - namespace + provisioningInfo: + description: Storage version of v1api20231102preview.ManagedClusterPodIdentity_ProvisioningInfo_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + error: + description: Storage version of v1api20231102preview.ManagedClusterPodIdentityProvisioningError_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + error: + description: Storage version of v1api20231102preview.ManagedClusterPodIdentityProvisioningErrorBody_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + code: + type: string + details: + items: + description: Storage version of 
v1api20231102preview.ManagedClusterPodIdentityProvisioningErrorBody_STATUS_Unrolled + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + code: + type: string + message: + type: string + target: + type: string + type: object + type: array + message: + type: string + target: + type: string + type: object + type: object + type: object + provisioningState: + type: string type: object type: array userAssignedIdentityExceptions: - description: 'UserAssignedIdentityExceptions: The pod identity exceptions to allow.' items: - description: |- - See [disable AAD Pod Identity for a specific - Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. + description: Storage version of v1api20231102preview.ManagedClusterPodIdentityException_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object name: - description: 'Name: The name of the pod identity exception.' type: string namespace: - description: 'Namespace: The namespace of the pod identity exception.' type: string podLabels: additionalProperties: type: string - description: 'PodLabels: The pod labels to match.' 
type: object - required: - - name - - namespace - - podLabels type: object type: array type: object + powerState: + description: Storage version of v1api20231102preview.PowerState_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + code: + type: string + type: object + privateFQDN: + type: string privateLinkResources: - description: 'PrivateLinkResources: Private link resources associated with the cluster.' items: - description: A private link resource + description: Storage version of v1api20231102preview.PrivateLinkResource_STATUS properties: - groupId: - description: 'GroupId: The group ID of the resource.' - type: string - name: - description: 'Name: The name of the private link resource.' - type: string - reference: - description: 'Reference: The ID of the private link resource.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. 
- type: string + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object + groupId: + type: string + id: + type: string + name: + type: string + privateLinkServiceID: + type: string requiredMembers: - description: 'RequiredMembers: The RequiredMembers of the resource' items: type: string type: array type: - description: 'Type: The resource type.' type: string type: object type: array + provisioningState: + type: string publicNetworkAccess: - description: 'PublicNetworkAccess: Allow or deny public network access for AKS' - enum: - - Disabled - - Enabled - - SecuredByPerimeter + type: string + resourceUID: type: string safeguardsProfile: - description: 'SafeguardsProfile: The Safeguards profile holds all the safeguards information for a given cluster' + description: Storage version of v1api20231102preview.SafeguardsProfile_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object excludedNamespaces: - description: 'ExcludedNamespaces: List of namespaces excluded from Safeguards checks' items: type: string type: array level: - description: |- - Level: The Safeguards level to be used. By default, Safeguards is enabled for all namespaces except those that AKS - excludes via systemExcludedNamespaces - enum: - - Enforcement - - "Off" - - Warning type: string + systemExcludedNamespaces: + items: + type: string + type: array version: - description: 'Version: The version of constraints to use' type: string - required: - - level type: object securityProfile: - description: 'SecurityProfile: Security profile for the managed cluster.' 
+ description: Storage version of v1api20231102preview.ManagedClusterSecurityProfile_STATUS properties: - azureKeyVaultKms: + $propertyBag: + additionalProperties: + type: string description: |- - AzureKeyVaultKms: Azure Key Vault [key management - service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile. + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + azureKeyVaultKms: + description: Storage version of v1api20231102preview.AzureKeyVaultKms_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object enabled: - description: 'Enabled: Whether to enable Azure Key Vault key management service. The default is false.' type: boolean keyId: - description: |- - KeyId: Identifier of Azure Key Vault key. See [key identifier - format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) - for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key - identifier. When Azure Key Vault key management service is disabled, leave the field empty. type: string keyVaultNetworkAccess: - description: |- - KeyVaultNetworkAccess: Network access of key vault. The possible values are `Public` and `Private`. `Public` means the - key vault allows public access from all networks. `Private` means the key vault disables public access and enables - private link. The default value is `Public`. - enum: - - Private - - Public type: string - keyVaultResourceReference: - description: |- - KeyVaultResourceReference: Resource ID of key vault. 
When keyVaultNetworkAccess is `Private`, this field is required and - must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty. - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + keyVaultResourceId: + type: string type: object customCATrustCertificates: - description: |- - CustomCATrustCertificates: A list of up to 10 base64 encoded CAs that will be added to the trust store on nodes with the - Custom CA Trust feature enabled. For more information see [Custom CA Trust - Certificates](https://learn.microsoft.com/en-us/azure/aks/custom-certificate-authority) items: type: string - maxItems: 10 - minItems: 0 type: array defender: - description: 'Defender: Microsoft Defender settings for the security profile.' + description: Storage version of v1api20231102preview.ManagedClusterSecurityProfileDefender_STATUS properties: - logAnalyticsWorkspaceResourceReference: + $propertyBag: + additionalProperties: + type: string description: |- - LogAnalyticsWorkspaceResourceReference: Resource ID of the Log Analytics workspace to be associated with Microsoft - Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. 
When - Microsoft Defender is disabled, leave the field empty. - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object + logAnalyticsWorkspaceResourceId: + type: string securityMonitoring: - description: 'SecurityMonitoring: Microsoft Defender threat detection for Cloud settings for the security profile.' + description: Storage version of v1api20231102preview.ManagedClusterSecurityProfileDefenderSecurityMonitoring_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object enabled: - description: 'Enabled: Whether to enable Defender threat detection' type: boolean type: object type: object imageCleaner: - description: 'ImageCleaner: Image Cleaner settings for the security profile.' 
+ description: Storage version of v1api20231102preview.ManagedClusterSecurityProfileImageCleaner_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object enabled: - description: 'Enabled: Whether to enable Image Cleaner on AKS cluster.' type: boolean intervalHours: - description: 'IntervalHours: Image Cleaner scanning interval in hours.' type: integer type: object imageIntegrity: - description: |- - ImageIntegrity: Image integrity is a feature that works with Azure Policy to verify image integrity by signature. This - will not have any effect unless Azure Policy is applied to enforce image signatures. See - https://aka.ms/aks/image-integrity for how to use this feature via policy. + description: Storage version of v1api20231102preview.ManagedClusterSecurityProfileImageIntegrity_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object enabled: - description: 'Enabled: Whether to enable image integrity. The default value is false.' type: boolean type: object nodeRestriction: - description: |- - NodeRestriction: [Node - Restriction](https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#noderestriction) settings - for the security profile. 
+ description: Storage version of v1api20231102preview.ManagedClusterSecurityProfileNodeRestriction_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object enabled: - description: 'Enabled: Whether to enable Node Restriction' type: boolean type: object workloadIdentity: - description: |- - WorkloadIdentity: Workload identity settings for the security profile. Workload identity enables Kubernetes applications - to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details. + description: Storage version of v1api20231102preview.ManagedClusterSecurityProfileWorkloadIdentity_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object enabled: - description: 'Enabled: Whether to enable workload identity.' type: boolean type: object type: object serviceMeshProfile: - description: 'ServiceMeshProfile: Service mesh profile for a managed cluster.' + description: Storage version of v1api20231102preview.ServiceMeshProfile_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object istio: - description: 'Istio: Istio service mesh configuration.' 
+ description: Storage version of v1api20231102preview.IstioServiceMesh_STATUS properties: - certificateAuthority: + $propertyBag: + additionalProperties: + type: string description: |- - CertificateAuthority: Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin - certificates as described here https://aka.ms/asm-plugin-ca + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + certificateAuthority: + description: Storage version of v1api20231102preview.IstioCertificateAuthority_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object plugin: - description: 'Plugin: Plugin certificates information for Service Mesh.' + description: Storage version of v1api20231102preview.IstioPluginCertificateAuthority_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object certChainObjectName: - description: 'CertChainObjectName: Certificate chain object name in Azure Key Vault.' type: string certObjectName: - description: 'CertObjectName: Intermediate certificate object name in Azure Key Vault.' type: string keyObjectName: - description: 'KeyObjectName: Intermediate certificate private key object name in Azure Key Vault.' type: string - keyVaultReference: - description: 'KeyVaultReference: The resource ID of the Key Vault.' 
- properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + keyVaultId: + type: string rootCertObjectName: - description: 'RootCertObjectName: Root certificate object name in Azure Key Vault.' type: string type: object type: object components: - description: 'Components: Istio components configuration.' + description: Storage version of v1api20231102preview.IstioComponents_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object egressGateways: - description: 'EgressGateways: Istio egress gateways.' items: - description: Istio egress gateway configuration. 
+ description: Storage version of v1api20231102preview.IstioEgressGateway_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object enabled: - description: 'Enabled: Whether to enable the egress gateway.' type: boolean - required: - - enabled + nodeSelector: + additionalProperties: + type: string + type: object type: object type: array ingressGateways: - description: 'IngressGateways: Istio ingress gateways.' items: - description: |- - Istio ingress gateway configuration. For now, we support up to one external ingress gateway named - `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`. + description: Storage version of v1api20231102preview.IstioIngressGateway_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object enabled: - description: 'Enabled: Whether to enable the ingress gateway.' type: boolean mode: - description: 'Mode: Mode of an ingress gateway.' - enum: - - External - - Internal type: string - required: - - enabled - - mode type: object type: array type: object revisions: - description: |- - Revisions: The list of revisions of the Istio control plane. When an upgrade is not in progress, this holds one value. - When canary upgrade is in progress, this can only hold two consecutive values. For more information, see: - https://learn.microsoft.com/en-us/azure/aks/istio-upgrade items: type: string - maxItems: 2 type: array type: object mode: - description: 'Mode: Mode of the service mesh.' 
- enum: - - Disabled - - Istio type: string - required: - - mode type: object servicePrincipalProfile: - description: |- - ServicePrincipalProfile: Information about a service principal identity for the cluster to use for manipulating Azure - APIs. + description: Storage version of v1api20231102preview.ManagedClusterServicePrincipalProfile_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object clientId: - description: 'ClientId: The ID for the service principal.' type: string - secret: - description: 'Secret: The secret password associated with the service principal in plain text.' - properties: - key: - description: Key is the key in the Kubernetes secret being referenced - type: string - name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource - type: string - required: - - key - - name - type: object - required: - - clientId type: object sku: - description: 'Sku: The managed cluster SKU.' + description: Storage version of v1api20231102preview.ManagedClusterSKU_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object name: - description: 'Name: The name of a managed cluster SKU.' - enum: - - Automatic - - Base type: string tier: - description: |- - Tier: If not specified, the default is 'Free'. See [AKS Pricing - Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details. 
- enum: - - Free - - Premium - - Standard type: string type: object storageProfile: - description: 'StorageProfile: Storage profile for the managed cluster.' + description: Storage version of v1api20231102preview.ManagedClusterStorageProfile_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object blobCSIDriver: - description: 'BlobCSIDriver: AzureBlob CSI Driver settings for the storage profile.' + description: Storage version of v1api20231102preview.ManagedClusterStorageProfileBlobCSIDriver_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object enabled: - description: 'Enabled: Whether to enable AzureBlob CSI Driver. The default value is false.' type: boolean type: object diskCSIDriver: - description: 'DiskCSIDriver: AzureDisk CSI Driver settings for the storage profile.' + description: Storage version of v1api20231102preview.ManagedClusterStorageProfileDiskCSIDriver_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object enabled: - description: 'Enabled: Whether to enable AzureDisk CSI Driver. The default value is true.' type: boolean version: - description: 'Version: The version of AzureDisk CSI Driver. The default value is v1.' type: string type: object fileCSIDriver: - description: 'FileCSIDriver: AzureFile CSI Driver settings for the storage profile.' 
+ description: Storage version of v1api20231102preview.ManagedClusterStorageProfileFileCSIDriver_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object enabled: - description: 'Enabled: Whether to enable AzureFile CSI Driver. The default value is true.' type: boolean type: object snapshotController: - description: 'SnapshotController: Snapshot Controller settings for the storage profile.' + description: Storage version of v1api20231102preview.ManagedClusterStorageProfileSnapshotController_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object enabled: - description: 'Enabled: Whether to enable Snapshot Controller. The default value is true.' type: boolean type: object type: object supportPlan: - description: 'SupportPlan: The support plan for the Managed Cluster. If unspecified, the default is ''KubernetesOfficial''.' 
- enum: - - AKSLongTermSupport - - KubernetesOfficial type: string + systemData: + description: Storage version of v1api20231102preview.SystemData_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + createdAt: + type: string + createdBy: + type: string + createdByType: + type: string + lastModifiedAt: + type: string + lastModifiedBy: + type: string + lastModifiedByType: + type: string + type: object tags: additionalProperties: type: string - description: 'Tags: Resource tags.' type: object + type: + type: string upgradeSettings: - description: 'UpgradeSettings: Settings for upgrading a cluster.' + description: Storage version of v1api20231102preview.ClusterUpgradeSettings_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object overrideSettings: - description: 'OverrideSettings: Settings for overrides.' + description: Storage version of v1api20231102preview.UpgradeOverrideSettings_STATUS properties: - forceUpgrade: + $propertyBag: + additionalProperties: + type: string description: |- - ForceUpgrade: Whether to force upgrade the cluster. Note that this option instructs upgrade operation to bypass upgrade - protections such as checking for deprecated API usage. Enable this option only with caution. + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + forceUpgrade: type: boolean until: - description: |- - Until: Until when the overrides are effective. 
Note that this only matches the start time of an upgrade, and the - effectiveness won't change once an upgrade starts even if the `until` expires as upgrade proceeds. This field is not set - by default. It must be set for the overrides to take effect. type: string type: object type: object windowsProfile: - description: 'WindowsProfile: The profile for Windows VMs in the Managed Cluster.' + description: Storage version of v1api20231102preview.ManagedClusterWindowsProfile_STATUS properties: - adminPassword: + $propertyBag: + additionalProperties: + type: string description: |- - AdminPassword: Specifies the password of the administrator account. - Minimum-length: 8 characters - Max-length: 123 characters - Complexity requirements: 3 out of 4 conditions below need to be fulfilled - Has lower characters - Has upper characters - Has a digit - Has a special character (Regex match [\W_]) - Disallowed values: "abc@123", "P@$$$$w0rd", "P@ssw0rd", "P@ssword123", "Pa$$$$word", "pass@word1", "Password!", "Password1", - "Password22", "iloveyou!" - properties: - key: - description: Key is the key in the Kubernetes secret being referenced - type: string - name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource - type: string - required: - - key - - name + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object adminUsername: - description: |- - AdminUsername: Specifies the name of the administrator account. - Restriction: Cannot end in "." - Disallowed values: "administrator", "admin", "user", "user1", "test", "user2", "test1", "user3", "admin1", "1", "123", - "a", "actuser", "adm", "admin2", "aspnet", "backup", "console", "david", "guest", "john", "owner", "root", "server", - "sql", "support", "support_388945a0", "sys", "test2", "test3", "user4", "user5". 
- Minimum-length: 1 character - Max-length: 20 characters type: string enableCSIProxy: - description: |- - EnableCSIProxy: For more details on CSI proxy, see the [CSI proxy GitHub - repo](https://github.com/kubernetes-csi/csi-proxy). type: boolean gmsaProfile: - description: 'GmsaProfile: The Windows gMSA Profile in the Managed Cluster.' + description: Storage version of v1api20231102preview.WindowsGmsaProfile_STATUS properties: - dnsServer: + $propertyBag: + additionalProperties: + type: string description: |- - DnsServer: Specifies the DNS server for Windows gMSA. - Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster. + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + dnsServer: type: string enabled: - description: 'Enabled: Specifies whether to enable Windows gMSA in the managed cluster.' type: boolean rootDomainName: - description: |- - RootDomainName: Specifies the root domain name for Windows gMSA. - Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster. type: string type: object licenseType: - description: |- - LicenseType: The license type to use for Windows VMs. See [Azure Hybrid User - Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details. - enum: - - None - - Windows_Server type: string - required: - - adminUsername type: object workloadAutoScalerProfile: - description: 'WorkloadAutoScalerProfile: Workload Auto-scaler profile for the managed cluster.' 
+ description: Storage version of v1api20231102preview.ManagedClusterWorkloadAutoScalerProfile_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object keda: - description: 'Keda: KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.' + description: Storage version of v1api20231102preview.ManagedClusterWorkloadAutoScalerProfileKeda_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object enabled: - description: 'Enabled: Whether to enable KEDA.' type: boolean - required: - - enabled type: object verticalPodAutoscaler: + description: Storage version of v1api20231102preview.ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object addonAutoscaling: - description: 'AddonAutoscaling: Whether VPA add-on is enabled and configured to scale AKS-managed add-ons.' - enum: - - Disabled - - Enabled type: string enabled: - description: 'Enabled: Whether to enable VPA add-on in cluster. Default value is false.' type: boolean - required: - - enabled type: object type: object - required: - - location - - owner type: object - status: - description: Managed cluster. 
+ type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].severity + name: Severity + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Reason + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].message + name: Message + type: string + name: v1api20240402preview + schema: + openAPIV3Schema: + description: |- + Generator information: + - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/preview/2024-04-02-preview/managedClusters.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName} + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: properties: aadProfile: description: 'AadProfile: The Azure Active Directory configuration.' 
@@ -31745,19 +27002,8 @@ spec: enabled: description: 'Enabled: Whether the add-on is enabled or not.' type: boolean - identity: - description: 'Identity: Information of user assigned identity used by this add-on.' - properties: - clientId: - description: 'ClientId: The client ID of the user assigned identity.' - type: string - objectId: - description: 'ObjectId: The object ID of the user assigned identity.' - type: string - resourceId: - description: 'ResourceId: The resource ID of the user assigned identity.' - type: string - type: object + required: + - enabled type: object description: 'AddonProfiles: The profile of managed cluster add-on.' type: object 
@@ -31782,9 +27028,26 @@ spec: items: type: string type: array - capacityReservationGroupID: - description: 'CapacityReservationGroupID: AKS will associate the specified agent pool with the Capacity Reservation Group.' - type: string + capacityReservationGroupReference: + description: 'CapacityReservationGroupReference: AKS will associate the specified agent pool with the Capacity Reservation Group.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object count: description: |- Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) 
@@ -31795,22 +27058,27 @@ spec: CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot. properties: - sourceResourceId: - description: 'SourceResourceId: This is the ARM ID of the source object to be used to create the target object.' - type: string + sourceResourceReference: + description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object - currentOrchestratorVersion: - description: |- - CurrentOrchestratorVersion: If orchestratorVersion was a fully specified version , this field will be - exactly equal to it. If orchestratorVersion was , this field will contain the full - version being used. - type: string - eTag: - description: |- - ETag: Unique read-only string used to implement optimistic concurrency. The eTag value will change when the resource is - updated. Specify an if-match or if-none-match header with the eTag value for a subsequent request to enable optimistic - concurrency per the normal etag convention. 
- type: string enableAutoScaling: description: 'EnableAutoScaling: Whether to enable auto-scaler' type: boolean @@ -31854,10 +27122,18 @@ spec: one IP from the IPPrefix. The IPPrefix size thus serves as a cap on the size of the Gateway agent pool. Due to Azure public IPPrefix size limitation, the valid value range is [28, 31] (/31 = 2 nodes/IPs, /30 = 4 nodes/IPs, /29 = 8 nodes/IPs, /28 = 16 nodes/IPs). The default value is 31. + maximum: 31 + minimum: 28 type: integer type: object gpuInstanceProfile: description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' + enum: + - MIG1g + - MIG2g + - MIG3g + - MIG4g + - MIG7g type: string gpuProfile: description: 'GpuProfile: The GPU settings of an agent pool.' 
@@ -31870,12 +27146,29 @@ spec: installation themselves. type: boolean type: object - hostGroupID: + hostGroupReference: description: |- - HostGroupID: This is of the form: + HostGroupReference: This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). - type: string + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object kubeletConfig: description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' properties: @@ -31888,6 +27181,7 @@ spec: description: |- ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be ≥ 2. + minimum: 2 type: integer containerLogMaxSizeMB: description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' 
@@ -31929,6 +27223,9 @@ spec: description: |- KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage. + enum: + - OS + - Temporary type: string linuxOSConfig: description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' @@ -32007,12 +27304,18 @@ spec: type: boolean netIpv4TcpkeepaliveIntvl: description: 'NetIpv4TcpkeepaliveIntvl: Sysctl setting net.ipv4.tcp_keepalive_intvl.' + maximum: 90 + minimum: 10 type: integer netNetfilterNfConntrackBuckets: description: 'NetNetfilterNfConntrackBuckets: Sysctl setting net.netfilter.nf_conntrack_buckets.' + maximum: 524288 + minimum: 65536 type: integer netNetfilterNfConntrackMax: description: 'NetNetfilterNfConntrackMax: Sysctl setting net.netfilter.nf_conntrack_max.' + maximum: 2097152 + minimum: 131072 type: integer vmMaxMapCount: description: 'VmMaxMapCount: Sysctl setting vm.max_map_count.' @@ -32056,9 +27359,14 @@ spec: description: |- Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools + enum: + - Gateway + - System + - User type: string name: description: 'Name: Windows agent pool names must be 6 characters or less.' + pattern: ^[a-z][a-z0-9]{0,11}$ type: string networkProfile: description: 'NetworkProfile: Network-related settings of an agent pool.' 
@@ -32072,21 +27380,48 @@ spec: description: |- PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or equal to portStart. + maximum: 65535 + minimum: 1 type: integer portStart: description: |- PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or equal to portEnd. + maximum: 65535 + minimum: 1 type: integer protocol: description: 'Protocol: The network protocol of the port.' + enum: + - TCP + - UDP type: string type: object type: array - applicationSecurityGroups: - description: 'ApplicationSecurityGroups: The IDs of the application security groups which agent pool will associate when created.' + applicationSecurityGroupsReferences: + description: |- + ApplicationSecurityGroupsReferences: The IDs of the application security groups which agent pool will associate when + created. items: - type: string + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. 
+ type: string + type: object type: array nodePublicIPTags: description: 'NodePublicIPTags: IPTags of instance-level public IPs.' @@ -32102,9 +27437,6 @@ spec: type: object type: array type: object - nodeImageVersion: - description: 'NodeImageVersion: The version of node image' - type: string nodeInitializationTaints: description: |- NodeInitializationTaints: These taints will not be reconciled by AKS and can be removed with a kubectl call. This field @@ -32120,11 +27452,28 @@ spec: type: string description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' type: object - nodePublicIPPrefixID: + nodePublicIPPrefixReference: description: |- - NodePublicIPPrefixID: This is of the form: + NodePublicIPPrefixReference: This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} - type: string + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object nodeTaints: description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' items: 
@@ -32141,33 +27490,69 @@ spec: see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). type: string osDiskSizeGB: + maximum: 2048 + minimum: 0 type: integer osDiskType: description: |- OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). + enum: + - Ephemeral + - Managed type: string osSKU: description: |- OsSKU: Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated. + enum: + - AzureLinux + - CBLMariner + - Mariner + - Ubuntu + - Windows2019 + - Windows2022 + - WindowsAnnual type: string osType: description: 'OsType: The operating system type. The default is Linux.' + enum: + - Linux + - Windows type: string podIPAllocationMode: description: |- PodIPAllocationMode: The IP allocation mode for pods in the agent pool. Must be used with podSubnetId. The default is 'DynamicIndividual'. + enum: + - DynamicIndividual + - StaticBlock type: string - podSubnetID: + podSubnetReference: description: |- - PodSubnetID: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is - of the form: + PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). 
+ This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} - type: string + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object powerState: description: |- PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this 
@@ -32176,24 +27561,50 @@ spec: properties: code: description: 'Code: Tells whether the cluster is Running or Stopped' + enum: + - Running + - Stopped + type: string + type: object + proximityPlacementGroupReference: + description: 'ProximityPlacementGroupReference: The ID for Proximity Placement Group.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. type: string type: object - provisioningState: - description: 'ProvisioningState: The current deployment or provisioning state.' - type: string - proximityPlacementGroupID: - description: 'ProximityPlacementGroupID: The ID for Proximity Placement Group.' - type: string scaleDownMode: description: 'ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.' + enum: + - Deallocate + - Delete type: string scaleSetEvictionPolicy: description: |- ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'. + enum: + - Deallocate + - Delete type: string scaleSetPriority: description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' 
+ enum: + - Regular + - Spot type: string securityProfile: description: 'SecurityProfile: The security settings of an agent pool.' @@ -32210,6 +27621,9 @@ spec: type: boolean sshAccess: description: 'SshAccess: SSH access method of an agent pool.' + enum: + - Disabled + - LocalUser type: string type: object spotMaxPrice: @@ -32225,6 +27639,10 @@ spec: type: object type: description: 'Type: The type of Agent Pool.' + enum: + - AvailabilitySet + - VirtualMachineScaleSets + - VirtualMachines type: string upgradeSettings: description: 'UpgradeSettings: Settings for upgrading the agentpool' @@ -32234,6 +27652,8 @@ spec: DrainTimeoutInMinutes: The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not specified, the default is 30 minutes. + maximum: 1440 + minimum: 1 type: integer maxSurge: description: |- @@ -32246,12 +27666,17 @@ spec: description: |- NodeSoakDurationInMinutes: The amount of time (in minutes) to wait after draining a node and before reimaging it and moving on to next node. If not specified, the default is 0 minutes. + maximum: 30 + minimum: 0 type: integer undrainableNodeBehavior: description: |- UndrainableNodeBehavior: Defines the behavior for undrainable nodes during upgrade. The most common cause of undrainable nodes is Pod Disruption Budgets (PDBs), but other issues, such as pod termination grace period is exceeding the remaining per-node drain timeout or pod is still being in a running state, can also cause undrainable nodes. + enum: + - Cordon + - Schedule type: string type: object virtualMachineNodesStatus: 
@@ -32296,9 +27721,7 @@ spec: type: object type: array manual: - description: |- - Manual: Specifications on how to scale the VirtualMachines agent pool to a fixed size. Currently, at most one - ManualScaleProfile is allowed. + description: 'Manual: Specifications on how to scale the VirtualMachines agent pool to a fixed size.' items: description: Specifications on number of machines. properties: 
@@ -32323,12 +27746,29 @@ spec: might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions type: string - vnetSubnetID: + vnetSubnetReference: description: |- - VnetSubnetID: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, - this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: + VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is + specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} - type: string + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object windowsProfile: description: 'WindowsProfile: The Windows agent pool''s specific profile.' properties: 
@@ -32340,7 +27780,13 @@ spec: type: object workloadRuntime: description: 'WorkloadRuntime: Determines the type of workload a node can run.' + enum: + - KataMshvVmIsolation + - OCIContainer + - WasmWasi type: string + required: + - name type: object type: array aiToolchainOperatorProfile: @@ -32407,6 +27853,11 @@ spec: type: boolean expander: description: 'Expander: Available values are: ''least-waste'', ''most-pods'', ''priority'', ''random''.' + enum: + - least-waste + - most-pods + - priority + - random type: string ignore-daemonsets-utilization: description: |- @@ -32479,11 +27930,22 @@ spec: properties: nodeOSUpgradeChannel: description: 'NodeOSUpgradeChannel: The default is Unmanaged, but may change to either NodeImage or SecurityPatch at GA.' + enum: + - NodeImage + - None + - SecurityPatch + - Unmanaged type: string upgradeChannel: description: |- UpgradeChannel: For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel). + enum: + - node-image + - none + - patch + - rapid + - stable type: string type: object azureMonitorProfile: 
@@ -32552,11 +28014,28 @@ spec: enabled: description: 'Enabled: Indicates if Azure Monitor Container Insights Logs Addon is enabled or not.' type: boolean - logAnalyticsWorkspaceResourceId: + logAnalyticsWorkspaceResourceReference: description: |- - LogAnalyticsWorkspaceResourceId: Fully Qualified ARM Resource Id of Azure Log Analytics Workspace for storing Azure - Monitor Container Insights Logs. - type: string + LogAnalyticsWorkspaceResourceReference: Fully Qualified ARM Resource Id of Azure Log Analytics Workspace for storing + Azure Monitor Container Insights Logs. + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object syslogPort: description: 'SyslogPort: The syslog host port. If not specified, the default port is 28330.' type: integer 
@@ -32581,102 +28060,107 @@ spec: metric. type: string type: object + required: + - enabled type: object type: object - azurePortalFQDN: + azureName: description: |- - AzurePortalFQDN: The Azure Portal requires certain Cross-Origin Resource Sharing (CORS) headers to be sent in some - responses, which Kubernetes APIServer doesn't handle by default. This special FQDN supports CORS, allowing the Azure - Portal to function properly. + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. + maxLength: 63 + minLength: 1 + pattern: ^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$ type: string bootstrapProfile: description: 'BootstrapProfile: Profile of the cluster bootstrap configuration.' properties: artifactSource: description: 'ArtifactSource: The source where the artifacts are downloaded from.' + enum: + - Cache + - Direct type: string - containerRegistryId: + containerRegistryReference: description: |- - ContainerRegistryId: The resource Id of Azure Container Registry. The registry must have private network access, premium - SKU and zone redundancy. - type: string + ContainerRegistryReference: The resource Id of Azure Container Registry. The registry must have private network access, + premium SKU and zone redundancy. + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. 
+ type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object - conditions: - description: 'Conditions: The observed state of the resource' - items: - description: Condition defines an extension to status (an observation) of a resource - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. - format: date-time - type: string - message: - description: Message is a human readable message indicating details about the transition. This field may be empty. - type: string - observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - type: integer - reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. - type: string - severity: - description: |- - Severity with which to treat failures of this type of condition. - For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown - type: string - status: - description: Status of the condition, one of True, False, or Unknown. - type: string - type: - description: Type of condition. 
- type: string - required: - - lastTransitionTime - - reason - - status - - type - type: object - type: array creationData: description: |- CreationData: CreationData to be used to specify the source Snapshot ID if the cluster will be created/upgraded using a snapshot. properties: - sourceResourceId: - description: 'SourceResourceId: This is the ARM ID of the source object to be used to create the target object.' - type: string + sourceResourceReference: + description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object - currentKubernetesVersion: - description: 'CurrentKubernetesVersion: The version of Kubernetes the Managed Cluster is running.' - type: string disableLocalAccounts: description: |- DisableLocalAccounts: If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview). 
type: boolean - diskEncryptionSetID: + diskEncryptionSetReference: description: |- - DiskEncryptionSetID: This is of the form: + DiskEncryptionSetReference: This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}' - type: string + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object dnsPrefix: description: 'DnsPrefix: This cannot be updated once the Managed Cluster has been created.' type: string - eTag: - description: |- - ETag: Unique read-only string used to implement optimistic concurrency. The eTag value will change when the resource is - updated. Specify an if-match or if-none-match header with the eTag value for a subsequent request to enable optimistic - concurrency per the normal etag convention. - type: string enableNamespaceResources: description: |- EnableNamespaceResources: The default value is false. It can be enabled/disabled on creation and updating of the managed 
@@ -32700,24 +28184,16 @@ spec: type: string type: description: 'Type: The type of the extended location.' + enum: + - EdgeZone type: string type: object - fqdn: - description: 'Fqdn: The FQDN of the master pool.' - type: string fqdnSubdomain: description: 'FqdnSubdomain: This cannot be updated once the Managed Cluster has been created.' type: string httpProxyConfig: description: 'HttpProxyConfig: Configurations for provisioning the cluster with HTTP proxy servers.' properties: - effectiveNoProxy: - description: |- - EffectiveNoProxy: A read-only list of all endpoints for which traffic should not be sent to the proxy. This list is a - superset of noProxy and values injected by AKS. - items: - type: string - type: array httpProxy: description: 'HttpProxy: The HTTP proxy server endpoint to use.' type: string @@ -32733,11 +28209,6 @@ spec: description: 'TrustedCa: Alternative CA cert to use for connecting to proxy servers.' type: string type: object - id: - description: |- - Id: Fully qualified resource ID for the resource. E.g. - "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" - type: string identity: description: 'Identity: The identity of the managed cluster, if configured.' properties: 
@@ -32751,42 +28222,73 @@ spec: referralResource: description: 'ReferralResource: The delegation id of the referral delegation (optional) - internal use only.' type: string - resourceId: - description: 'ResourceId: The ARM resource id of the delegated resource - internal use only.' - type: string + resourceReference: + description: 'ResourceReference: The ARM resource id of the delegated resource - internal use only.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object tenantId: description: 'TenantId: The tenant id of the delegated resource - internal use only.' + pattern: ^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$ type: string type: object description: |- DelegatedResources: The delegated identity resources assigned to this managed cluster. This can only be set by another Azure Resource Provider, and managed cluster only accept one delegated identity resource. Internal use only. type: object - principalId: - description: 'PrincipalId: The principal id of the system assigned identity which is used by master components.' - type: string - tenantId: - description: 'TenantId: The tenant id of the system assigned identity which is used by master components.' 
- type: string type: description: |- Type: For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity). + enum: + - None + - SystemAssigned + - UserAssigned type: string userAssignedIdentities: - additionalProperties: - properties: - clientId: - description: 'ClientId: The client id of user assigned identity.' - type: string - principalId: - description: 'PrincipalId: The principal id of user assigned identity.' - type: string - type: object description: |- UserAssignedIdentities: The keys must be ARM resource IDs in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'. - type: object + items: + description: Information about the user assigned identity for the resource + properties: + reference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + type: array type: object identityProfile: additionalProperties: 
@@ -32798,9 +28300,26 @@ spec: objectId: description: 'ObjectId: The object ID of the user assigned identity.' type: string - resourceId: - description: 'ResourceId: The resource ID of the user assigned identity.' - type: string + resourceReference: + description: 'ResourceReference: The resource ID of the user assigned identity.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object description: 'IdentityProfile: Identities associated with the cluster.' type: object 
@@ -32810,34 +28329,35 @@ spec: webAppRouting: description: 'WebAppRouting: Web App Routing settings for the ingress profile.' properties: - dnsZoneResourceIds: + dnsZoneResourceReferences: description: |- - DnsZoneResourceIds: Resource IDs of the DNS zones to be associated with the Web App Routing add-on. Used only when Web - App Routing is enabled. Public and private DNS zones can be in different resource groups, but all public DNS zones must - be in the same resource group and all private DNS zones must be in the same resource group. + DnsZoneResourceReferences: Resource IDs of the DNS zones to be associated with the Web App Routing add-on. Used only + when Web App Routing is enabled. Public and private DNS zones can be in different resource groups, but all public DNS + zones must be in the same resource group and all private DNS zones must be in the same resource group. items: - type: string + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: array enabled: description: 'Enabled: Whether to enable Web App Routing.' 
type: boolean - identity: - description: |- - Identity: Managed identity of the Web Application Routing add-on. This is the identity that should be granted - permissions, for example, to manage the associated Azure DNS resource and get certificates from Azure Key Vault. See - [this overview of the add-on](https://learn.microsoft.com/en-us/azure/aks/web-app-routing?tabs=with-osm) for more - instructions. - properties: - clientId: - description: 'ClientId: The client ID of the user assigned identity.' - type: string - objectId: - description: 'ObjectId: The object ID of the user assigned identity.' - type: string - resourceId: - description: 'ResourceId: The resource ID of the user assigned identity.' - type: string - type: object type: object type: object kind: @@ -32855,6 +28375,7 @@ spec: properties: adminUsername: description: 'AdminUsername: The administrator username to use for Linux VMs.' + pattern: ^[A-Za-z][-A-Za-z0-9_]*$ type: string ssh: description: 'Ssh: The SSH configuration for Linux-based VMs running on Azure.' @@ -32869,16 +28390,20 @@ spec: KeyData: Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers. type: string + required: + - keyData type: object type: array + required: + - publicKeys type: object + required: + - adminUsername + - ssh type: object location: description: 'Location: The geo-location where the resource lives' type: string - maxAgentPools: - description: 'MaxAgentPools: The max number of agent pools for the managed cluster.' - type: integer metricsProfile: description: 'MetricsProfile: Optional cluster metrics configuration.' properties: @@ -32893,9 +28418,6 @@ spec: type: boolean type: object type: object - name: - description: 'Name: The name of the resource' - type: string networkProfile: description: 'NetworkProfile: The network configuration profile.' properties: 
@@ -32916,6 +28438,7 @@ spec: description: |- DnsServiceIP: An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr. + pattern: ^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$ type: string ipFamilies: description: |- @@ -32923,6 +28446,9 @@ spec: is IPv4. For dual-stack, the expected values are IPv4 and IPv6. items: description: To determine if address belongs IPv4 or IPv6 family. + enum: + - IPv4 + - IPv6 type: string type: array kubeProxyConfig: @@ -32941,6 +28467,9 @@ spec: properties: scheduler: description: 'Scheduler: IPVS scheduler, for more information please see http://www.linuxvirtualserver.org/docs/scheduling.html.' + enum: + - LeastConnection + - RoundRobin type: string tcpFinTimeoutSeconds: description: |- @@ -32956,6 +28485,9 @@ spec: type: object mode: description: 'Mode: Specify which proxy mode to use (''IPTABLES'' or ''IPVS'')' + enum: + - IPTABLES + - IPVS type: string type: object loadBalancerProfile: 
@@ -32965,21 +28497,46 @@ spec: description: |- AllocatedOutboundPorts: The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports. + maximum: 64000 + minimum: 0 type: integer backendPoolType: description: 'BackendPoolType: The type of the managed inbound Load Balancer BackendPool.' + enum: + - NodeIP + - NodeIPConfiguration type: string clusterServiceLoadBalancerHealthProbeMode: description: 'ClusterServiceLoadBalancerHealthProbeMode: The health probing behavior for External Traffic Policy Cluster services.' + enum: + - ServiceNodePort + - Shared type: string effectiveOutboundIPs: description: 'EffectiveOutboundIPs: The effective outbound IP resources of the cluster load balancer.' items: description: A reference to an Azure resource. properties: - id: - description: 'Id: The fully qualified Azure resource id.' - type: string + reference: + description: 'Reference: The fully qualified Azure resource id.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object type: array enableMultipleStandardLoadBalancers: 
@@ -32989,6 +28546,8 @@ spec: description: |- IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes. + maximum: 120 + minimum: 4 type: integer managedOutboundIPs: description: 'ManagedOutboundIPs: Desired managed outbound IPs for the cluster load balancer.' @@ -32997,11 +28556,15 @@ spec: description: |- Count: The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. + maximum: 100 + minimum: 1 type: integer countIPv6: description: |- CountIPv6: The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. + maximum: 100 + minimum: 0 type: integer type: object outboundIPPrefixes: 
@@ -33012,9 +28575,26 @@ spec: items: description: A reference to an Azure resource. properties: - id: - description: 'Id: The fully qualified Azure resource id.' - type: string + reference: + description: 'Reference: The fully qualified Azure resource id.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object type: array type: object 
@@ -33026,9 +28606,26 @@ spec: items: description: A reference to an Azure resource. properties: - id: - description: 'Id: The fully qualified Azure resource id.' - type: string + reference: + description: 'Reference: The fully qualified Azure resource id.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object type: array type: object @@ -33038,6 +28635,9 @@ spec: LoadBalancerSku: The default is 'standard'. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs. + enum: + - basic + - standard type: string natGatewayProfile: description: 'NatGatewayProfile: Profile of the cluster NAT gateway.' 
@@ -33047,15 +28647,34 @@ spec: items: description: A reference to an Azure resource. properties: - id: - description: 'Id: The fully qualified Azure resource id.' - type: string + reference: + description: 'Reference: The fully qualified Azure resource id.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object type: array idleTimeoutInMinutes: description: |- IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes. + maximum: 120 + minimum: 4 type: integer managedOutboundIPProfile: description: 'ManagedOutboundIPProfile: Profile of the managed outbound IP resources of the cluster NAT gateway.' 
@@ -33064,31 +28683,57 @@ spec: description: |- Count: The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1. + maximum: 16 + minimum: 1 type: integer type: object type: object networkDataplane: description: 'NetworkDataplane: Network dataplane used in the Kubernetes cluster.' + enum: + - azure + - cilium type: string networkMode: description: 'NetworkMode: This cannot be specified if networkPlugin is anything other than ''azure''.' + enum: + - bridge + - transparent type: string networkPlugin: description: 'NetworkPlugin: Network plugin used for building the Kubernetes network.' + enum: + - azure + - kubenet + - none type: string networkPluginMode: description: 'NetworkPluginMode: Network plugin mode used for building the Kubernetes network.' + enum: + - overlay type: string networkPolicy: description: 'NetworkPolicy: Network policy used for building the Kubernetes network.' + enum: + - azure + - calico + - cilium + - none type: string outboundType: description: |- OutboundType: This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype). + enum: + - loadBalancer + - managedNATGateway + - none + - userAssignedNATGateway + - userDefinedRouting type: string podCidr: description: 'PodCidr: A CIDR notation IP range from which to assign pod IPs when kubenet is used.' + pattern: ^([0-9]{1,3}\.){3}[0-9]{1,3}(\/([0-9]|[1-2][0-9]|3[0-2]))?$ type: string podCidrs: description: |- 
@@ -33101,11 +28746,15 @@ spec: description: |- PodLinkLocalAccess: Defines access to special link local addresses (Azure Instance Metadata Service, aka IMDS) for pods with hostNetwork=false. if not specified, the default is 'IMDS'. + enum: + - IMDS + - None type: string serviceCidr: description: |- ServiceCidr: A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges. + pattern: ^([0-9]{1,3}\.){3}[0-9]{1,3}(\/([0-9]|[1-2][0-9]|3[0-2]))?$ type: string serviceCidrs: description: |- @@ -33129,6 +28778,9 @@ spec: properties: mode: description: 'Mode: Once the mode it set to Auto, it cannot be changed back to Manual.' + enum: + - Auto + - Manual type: string type: object nodeResourceGroup: @@ -33139,6 +28791,9 @@ spec: properties: restrictionLevel: description: 'RestrictionLevel: The restriction level applied to the cluster''s node resource group' + enum: + - ReadOnly + - Unrestricted type: string type: object oidcIssuerProfile: 
@@ -33147,29 +28802,164 @@ spec: enabled: description: 'Enabled: Whether the OIDC issuer is enabled.' type: boolean - issuerURL: - description: 'IssuerURL: The OIDC issuer url of the Managed Cluster.' - type: string type: object - podIdentityProfile: + operatorSpec: description: |- - PodIdentityProfile: See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more - details on AAD pod identity integration. + OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not + passed directly to Azure properties: - allowNetworkPluginKubenet: - description: |- - AllowNetworkPluginKubenet: Running in Kubenet is disabled by default due to the security related nature of AAD Pod - Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod - Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) - for more information. - type: boolean - enabled: - description: 'Enabled: Whether the pod identity addon is enabled.' - type: boolean - userAssignedIdentities: - description: 'UserAssignedIdentities: The pod identities to use in the cluster.' + configMapExpressions: + description: 'ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).' items: - description: Details about the pod identity assigned to the Managed Cluster. + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. 
If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + configMaps: + description: 'ConfigMaps: configures where to place operator written ConfigMaps.' + properties: + oidcIssuerProfile: + description: |- + OIDCIssuerProfile: indicates where the OIDCIssuerProfile config map should be placed. If omitted, no config map will be + created. + properties: + key: + description: Key is the key in the ConfigMap being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes ConfigMap to write to. + The ConfigMap will be created in the same namespace as the resource. + type: string + required: + - key + - name + type: object + type: object + secretExpressions: + description: 'SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).' + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. 
If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + secrets: + description: 'Secrets: configures where to place Azure generated secrets.' + properties: + adminCredentials: + description: |- + AdminCredentials: indicates where the AdminCredentials secret should be placed. If omitted, the secret will not be + retrieved from Azure. + properties: + key: + description: Key is the key in the Kubernetes secret being referenced. + type: string + name: + description: |- + Name is the name of the Kubernetes secret to write to. + The secret will be created in the same namespace as the resource. + type: string + required: + - key + - name + type: object + userCredentials: + description: |- + UserCredentials: indicates where the UserCredentials secret should be placed. If omitted, the secret will not be + retrieved from Azure. + properties: + key: + description: Key is the key in the Kubernetes secret being referenced. + type: string + name: + description: |- + Name is the name of the Kubernetes secret to write to. + The secret will be created in the same namespace as the resource. + type: string + required: + - key + - name + type: object + type: object + type: object + owner: + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. 
The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a resources.azure.com/ResourceGroup resource + properties: + armId: + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + name: + description: This is the name of the Kubernetes resource to reference. + type: string + type: object + podIdentityProfile: + description: |- + PodIdentityProfile: See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more + details on AAD pod identity integration. + properties: + allowNetworkPluginKubenet: + description: |- + AllowNetworkPluginKubenet: Running in Kubenet is disabled by default due to the security related nature of AAD Pod + Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod + Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) + for more information. + type: boolean + enabled: + description: 'Enabled: Whether the pod identity addon is enabled.' + type: boolean + userAssignedIdentities: + description: 'UserAssignedIdentities: The pod identities to use in the cluster.' + items: + description: Details about the pod identity assigned to the Managed Cluster. properties: bindingSelector: description: 'BindingSelector: The binding selector to use for the AzureIdentityBinding resource.' 
@@ -33183,9 +28973,26 @@ spec: objectId: description: 'ObjectId: The object ID of the user assigned identity.' type: string - resourceId: - description: 'ResourceId: The resource ID of the user assigned identity.' - type: string + resourceReference: + description: 'ResourceReference: The resource ID of the user assigned identity.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object name: description: 'Name: The name of the pod identity.' 
@@ -33193,44 +29000,10 @@ spec: namespace: description: 'Namespace: The namespace of the pod identity.' type: string - provisioningInfo: - properties: - error: - description: 'Error: Pod identity assignment error (if any).' - properties: - error: - description: 'Error: Details about the error.' - properties: - code: - description: 'Code: An identifier for the error. Codes are invariant and are intended to be consumed programmatically.' - type: string - details: - description: 'Details: A list of additional details about the error.' - items: - properties: - code: - description: 'Code: An identifier for the error. Codes are invariant and are intended to be consumed programmatically.' - type: string - message: - description: 'Message: A message describing the error, intended to be suitable for display in a user interface.' - type: string - target: - description: 'Target: The target of the particular error. For example, the name of the property in error.' - type: string - type: object - type: array - message: - description: 'Message: A message describing the error, intended to be suitable for display in a user interface.' - type: string - target: - description: 'Target: The target of the particular error. For example, the name of the property in error.' - type: string - type: object - type: object - type: object - provisioningState: - description: 'ProvisioningState: The current provisioning state of the pod identity.' - type: string + required: + - identity + - name + - namespace type: object type: array userAssignedIdentityExceptions: 
@@ -33251,19 +29024,13 @@ spec: type: string description: 'PodLabels: The pod labels to match.' type: object + required: + - name + - namespace + - podLabels type: object type: array type: object - powerState: - description: 'PowerState: The Power State of the cluster.' - properties: - code: - description: 'Code: Tells whether the cluster is Running or Stopped' - type: string - type: object - privateFQDN: - description: 'PrivateFQDN: The FQDN of private cluster.' - type: string privateLinkResources: description: 'PrivateLinkResources: Private link resources associated with the cluster.' items: 
@@ -33272,15 +29039,29 @@ spec: groupId: description: 'GroupId: The group ID of the resource.' type: string - id: - description: 'Id: The ID of the private link resource.' - type: string name: description: 'Name: The name of the private link resource.' type: string - privateLinkServiceID: - description: 'PrivateLinkServiceID: The private link service ID of the resource, this field is exposed only to NRP internally.' - type: string + reference: + description: 'Reference: The ID of the private link resource.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object requiredMembers: description: 'RequiredMembers: The RequiredMembers of the resource' items: 
@@ -33291,16 +29072,12 @@ spec: type: string type: object type: array - provisioningState: - description: 'ProvisioningState: The current provisioning state.' - type: string publicNetworkAccess: description: 'PublicNetworkAccess: Allow or deny public network access for AKS' - type: string - resourceUID: - description: |- - ResourceUID: The resourceUID uniquely identifies ManagedClusters that reuse ARM ResourceIds (i.e: create, delete, create - sequence) + enum: + - Disabled + - Enabled + - SecuredByPerimeter type: string safeguardsProfile: description: 'SafeguardsProfile: The Safeguards profile holds all the safeguards information for a given cluster' @@ -33314,15 +29091,16 @@ spec: description: |- Level: The Safeguards level to be used. By default, Safeguards is enabled for all namespaces except those that AKS excludes via systemExcludedNamespaces + enum: + - Enforcement + - "Off" + - Warning type: string - systemExcludedNamespaces: - description: 'SystemExcludedNamespaces: List of namespaces specified by AKS to be excluded from Safeguards' - items: - type: string - type: array version: description: 'Version: The version of constraints to use' type: string + required: + - level type: object securityProfile: description: 'SecurityProfile: Security profile for the managed cluster.' 
@@ -33347,12 +29125,32 @@ spec: KeyVaultNetworkAccess: Network access of key vault. The possible values are `Public` and `Private`. `Public` means the key vault allows public access from all networks. `Private` means the key vault disables public access and enables private link. The default value is `Public`. + enum: + - Private + - Public type: string - keyVaultResourceId: + keyVaultResourceReference: description: |- - KeyVaultResourceId: Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must - be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty. - type: string + KeyVaultResourceReference: Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and + must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty. + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object customCATrustCertificates: description: |- 
@@ -33361,16 +29159,35 @@ spec: Certificates](https://learn.microsoft.com/en-us/azure/aks/custom-certificate-authority) items: type: string + maxItems: 10 + minItems: 0 type: array defender: description: 'Defender: Microsoft Defender settings for the security profile.' properties: - logAnalyticsWorkspaceResourceId: + logAnalyticsWorkspaceResourceReference: description: |- - LogAnalyticsWorkspaceResourceId: Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. - When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft - Defender is disabled, leave the field empty. - type: string + LogAnalyticsWorkspaceResourceReference: Resource ID of the Log Analytics workspace to be associated with Microsoft + Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When + Microsoft Defender is disabled, leave the field empty. + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object securityMonitoring: description: 'SecurityMonitoring: Microsoft Defender threat detection for Cloud settings for the security profile.' properties: 
@@ -33442,9 +29259,26 @@ spec: keyObjectName: description: 'KeyObjectName: Intermediate certificate private key object name in Azure Key Vault.' type: string - keyVaultId: - description: 'KeyVaultId: The resource ID of the Key Vault.' - type: string + keyVaultReference: + description: 'KeyVaultReference: The resource ID of the Key Vault.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object rootCertObjectName: description: 'RootCertObjectName: Root certificate object name in Azure Key Vault.' type: string @@ -33461,6 +29295,8 @@ spec: enabled: description: 'Enabled: Whether to enable the egress gateway.' type: boolean + required: + - enabled type: object type: array ingressGateways: @@ -33475,7 +29311,13 @@ spec: type: boolean mode: description: 'Mode: Mode of an ingress gateway.' + enum: + - External + - Internal type: string + required: + - enabled + - mode type: object type: array type: object 
@@ -33486,11 +29328,17 @@ spec: https://learn.microsoft.com/en-us/azure/aks/istio-upgrade items: type: string + maxItems: 2 type: array type: object mode: description: 'Mode: Mode of the service mesh.' + enum: + - Disabled + - Istio type: string + required: + - mode type: object servicePrincipalProfile: description: |- @@ -33500,17 +29348,41 @@ spec: clientId: description: 'ClientId: The ID for the service principal.' type: string + secret: + description: 'Secret: The secret password associated with the service principal in plain text.' + properties: + key: + description: Key is the key in the Kubernetes secret being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource + type: string + required: + - key + - name + type: object + required: + - clientId type: object sku: description: 'Sku: The managed cluster SKU.' properties: name: description: 'Name: The name of a managed cluster SKU.' + enum: + - Automatic + - Base type: string tier: description: |- Tier: If not specified, the default is 'Free'. See [AKS Pricing Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details. + enum: + - Free + - Premium + - Standard type: string type: object storageProfile: 
@@ -33550,37 +29422,15 @@ spec: type: object supportPlan: description: 'SupportPlan: The support plan for the Managed Cluster. If unspecified, the default is ''KubernetesOfficial''.' + enum: + - AKSLongTermSupport + - KubernetesOfficial type: string - systemData: - description: 'SystemData: Azure Resource Manager metadata containing createdBy and modifiedBy information.' - properties: - createdAt: - description: 'CreatedAt: The timestamp of resource creation (UTC).' - type: string - createdBy: - description: 'CreatedBy: The identity that created the resource.' - type: string - createdByType: - description: 'CreatedByType: The type of identity that created the resource.' - type: string - lastModifiedAt: - description: 'LastModifiedAt: The timestamp of resource last modification (UTC)' - type: string - lastModifiedBy: - description: 'LastModifiedBy: The identity that last modified the resource.' - type: string - lastModifiedByType: - description: 'LastModifiedByType: The type of identity that last modified the resource.' - type: string - type: object tags: additionalProperties: type: string description: 'Tags: Resource tags.' type: object - type: - description: 'Type: The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"' - type: string upgradeSettings: description: 'UpgradeSettings: Settings for upgrading a cluster.' properties: 
@@ -33603,6 +29453,31 @@ spec: windowsProfile: description: 'WindowsProfile: The profile for Windows VMs in the Managed Cluster.' properties: + adminPassword: + description: |- + AdminPassword: Specifies the password of the administrator account. + Minimum-length: 8 characters + Max-length: 123 characters + Complexity requirements: 3 out of 4 conditions below need to be fulfilled + Has lower characters + Has upper characters + Has a digit + Has a special character (Regex match [\W_]) + Disallowed values: "abc@123", "P@$$$$w0rd", "P@ssw0rd", "P@ssword123", "Pa$$$$word", "pass@word1", "Password!", "Password1", + "Password22", "iloveyou!" + properties: + key: + description: Key is the key in the Kubernetes secret being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource + type: string + required: + - key + - name + type: object adminUsername: description: |- AdminUsername: Specifies the name of the administrator account. @@ -33639,7 +29514,12 @@ spec: description: |- LicenseType: The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details. + enum: + - None + - Windows_Server type: string + required: + - adminUsername type: object workloadAutoScalerProfile: description: 'WorkloadAutoScalerProfile: Workload Auto-scaler profile for the managed cluster.' 
@@ -33650,726 +29530,635 @@ spec: enabled: description: 'Enabled: Whether to enable KEDA.' type: boolean + required: + - enabled type: object verticalPodAutoscaler: properties: addonAutoscaling: description: 'AddonAutoscaling: Whether VPA add-on is enabled and configured to scale AKS-managed add-ons.' + enum: + - Disabled + - Enabled type: string enabled: description: 'Enabled: Whether to enable VPA add-on in cluster. Default value is false.' type: boolean + required: + - enabled type: object type: object + required: + - location + - owner type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=='Ready')].severity - name: Severity - type: string - - jsonPath: .status.conditions[?(@.type=='Ready')].reason - name: Reason - type: string - - jsonPath: .status.conditions[?(@.type=='Ready')].message - name: Message - type: string - name: v1api20240402previewstorage - schema: - openAPIV3Schema: - description: |- - Storage version of v1api20240402preview.ManagedCluster - Generator information: - - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/preview/2024-04-02-preview/managedClusters.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName} - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. 
- Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: Storage version of v1api20240402preview.ManagedCluster_Spec + status: + description: Managed cluster. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object aadProfile: - description: |- - Storage version of v1api20240402preview.ManagedClusterAADProfile - For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad). + description: 'AadProfile: The Azure Active Directory configuration.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object adminGroupObjectIDs: + description: 'AdminGroupObjectIDs: The list of AAD group object IDs that will have admin role of the cluster.' items: type: string type: array clientAppID: + description: 'ClientAppID: (DEPRECATED) The client AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.' type: string enableAzureRBAC: + description: 'EnableAzureRBAC: Whether to enable Azure RBAC for Kubernetes authorization.' type: boolean managed: + description: 'Managed: Whether to enable managed AAD.' type: boolean serverAppID: + description: 'ServerAppID: (DEPRECATED) The server AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.' type: string serverAppSecret: + description: 'ServerAppSecret: (DEPRECATED) The server AAD application secret. 
Learn more at https://aka.ms/aks/aad-legacy.' type: string tenantID: + description: |- + TenantID: The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment + subscription. type: string type: object addonProfiles: additionalProperties: - description: |- - Storage version of v1api20240402preview.ManagedClusterAddonProfile - A Kubernetes add-on profile for a managed cluster. + description: A Kubernetes add-on profile for a managed cluster. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object config: additionalProperties: type: string + description: 'Config: Key-value pairs for configuring an add-on.' type: object enabled: + description: 'Enabled: Whether the add-on is enabled or not.' type: boolean + identity: + description: 'Identity: Information of user assigned identity used by this add-on.' + properties: + clientId: + description: 'ClientId: The client ID of the user assigned identity.' + type: string + objectId: + description: 'ObjectId: The object ID of the user assigned identity.' + type: string + resourceId: + description: 'ResourceId: The resource ID of the user assigned identity.' + type: string + type: object type: object + description: 'AddonProfiles: The profile of managed cluster add-on.' type: object agentPoolProfiles: + description: 'AgentPoolProfiles: The agent pool properties.' items: - description: |- - Storage version of v1api20240402preview.ManagedClusterAgentPoolProfile - Profile for the container service agent pool. + description: Profile for the container service agent pool. 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object artifactStreamingProfile: - description: Storage version of v1api20240402preview.AgentPoolArtifactStreamingProfile + description: 'ArtifactStreamingProfile: Configuration for using artifact streaming on AKS.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: + description: |- + Enabled: Artifact streaming speeds up the cold-start of containers on a node through on-demand image loading. To use + this feature, container images must also enable artifact streaming on ACR. If not specified, the default is false. type: boolean type: object availabilityZones: + description: |- + AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType + property is 'VirtualMachineScaleSets'. items: type: string type: array - capacityReservationGroupReference: - description: 'CapacityReservationGroupReference: AKS will associate the specified agent pool with the Capacity Reservation Group.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
- pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + capacityReservationGroupID: + description: 'CapacityReservationGroupID: AKS will associate the specified agent pool with the Capacity Reservation Group.' + type: string count: + description: |- + Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) + for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. type: integer creationData: description: |- - Storage version of v1api20240402preview.CreationData - Data used when creating a target resource from a source resource. + CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using + a snapshot. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - sourceResourceReference: - description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
- pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + sourceResourceId: + description: 'SourceResourceId: This is the ARM ID of the source object to be used to create the target object.' + type: string type: object + currentOrchestratorVersion: + description: |- + CurrentOrchestratorVersion: If orchestratorVersion was a fully specified version , this field will be + exactly equal to it. If orchestratorVersion was , this field will contain the full + version being used. + type: string + eTag: + description: |- + ETag: Unique read-only string used to implement optimistic concurrency. The eTag value will change when the resource is + updated. Specify an if-match or if-none-match header with the eTag value for a subsequent request to enable optimistic + concurrency per the normal etag convention. + type: string enableAutoScaling: + description: 'EnableAutoScaling: Whether to enable auto-scaler' type: boolean enableCustomCATrust: + description: |- + EnableCustomCATrust: When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a + daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded + certificates into node trust stores. Defaults to false. type: boolean enableEncryptionAtHost: + description: |- + EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. 
For more information, + see: https://docs.microsoft.com/azure/aks/enable-host-encryption type: boolean enableFIPS: + description: |- + EnableFIPS: See [Add a FIPS-enabled node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more + details. type: boolean enableNodePublicIP: + description: |- + EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. + A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine + to minimize hops. For more information see [assigning a public IP per + node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The + default is false. type: boolean enableUltraSSD: + description: 'EnableUltraSSD: Whether to enable UltraSSD' type: boolean gatewayProfile: description: |- - Storage version of v1api20240402preview.AgentPoolGatewayProfile - Profile of the managed cluster gateway agent pool. + GatewayProfile: Profile specific to a managed agent pool in Gateway mode. This field cannot be set if agent pool mode is + not Gateway. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object publicIPPrefixSize: + description: |- + PublicIPPrefixSize: The Gateway agent pool associates one public IPPrefix for each static egress gateway to provide + public egress. The size of Public IPPrefix should be selected by the user. Each node in the agent pool is assigned with + one IP from the IPPrefix. The IPPrefix size thus serves as a cap on the size of the Gateway agent pool. 
Due to Azure + public IPPrefix size limitation, the valid value range is [28, 31] (/31 = 2 nodes/IPs, /30 = 4 nodes/IPs, /29 = 8 + nodes/IPs, /28 = 16 nodes/IPs). The default value is 31. type: integer type: object gpuInstanceProfile: + description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' type: string gpuProfile: - description: Storage version of v1api20240402preview.AgentPoolGPUProfile + description: 'GpuProfile: The GPU settings of an agent pool.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object installGPUDriver: + description: |- + InstallGPUDriver: The default value is true when the vmSize of the agent pool contains a GPU, false otherwise. GPU + Driver Installation can only be set true when VM has an associated GPU resource. Setting this field to false prevents + automatic GPU driver installation. In that case, in order for the GPU to be usable, the user must perform GPU driver + installation themselves. type: boolean type: object - hostGroupReference: + hostGroupID: description: |- - HostGroupReference: This is of the form: + HostGroupID: This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. 
- The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + type: string kubeletConfig: - description: |- - Storage version of v1api20240402preview.KubeletConfig - See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object allowedUnsafeSysctls: + description: 'AllowedUnsafeSysctls: Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).' items: type: string type: array containerLogMaxFiles: + description: |- + ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be + ≥ 2. type: integer containerLogMaxSizeMB: + description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' type: integer cpuCfsQuota: + description: 'CpuCfsQuota: The default is true.' type: boolean cpuCfsQuotaPeriod: + description: |- + CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and + a unit suffix. 
For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. type: string cpuManagerPolicy: + description: |- + CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management + policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more + information. Allowed values are 'none' and 'static'. type: string failSwapOn: + description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' type: boolean imageGcHighThreshold: + description: 'ImageGcHighThreshold: To disable image garbage collection, set to 100. The default is 85%' type: integer imageGcLowThreshold: + description: 'ImageGcLowThreshold: This cannot be set higher than imageGcHighThreshold. The default is 80%' type: integer podMaxPids: + description: 'PodMaxPids: The maximum number of processes per pod.' type: integer topologyManagerPolicy: + description: |- + TopologyManagerPolicy: For more information see [Kubernetes Topology + Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values + are 'none', 'best-effort', 'restricted', and 'single-numa-node'. type: string type: object kubeletDiskType: + description: |- + KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral + storage. type: string linuxOSConfig: - description: |- - Storage version of v1api20240402preview.LinuxOSConfig - See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object swapFileSizeMB: + description: 'SwapFileSizeMB: The size in MB of a swap file that will be created on each node.' type: integer sysctls: - description: |- - Storage version of v1api20240402preview.SysctlConfig - Sysctl settings for Linux agent nodes. + description: 'Sysctls: Sysctl settings for Linux agent nodes.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object fsAioMaxNr: + description: 'FsAioMaxNr: Sysctl setting fs.aio-max-nr.' type: integer fsFileMax: + description: 'FsFileMax: Sysctl setting fs.file-max.' type: integer fsInotifyMaxUserWatches: + description: 'FsInotifyMaxUserWatches: Sysctl setting fs.inotify.max_user_watches.' type: integer fsNrOpen: + description: 'FsNrOpen: Sysctl setting fs.nr_open.' type: integer kernelThreadsMax: + description: 'KernelThreadsMax: Sysctl setting kernel.threads-max.' type: integer netCoreNetdevMaxBacklog: + description: 'NetCoreNetdevMaxBacklog: Sysctl setting net.core.netdev_max_backlog.' type: integer netCoreOptmemMax: + description: 'NetCoreOptmemMax: Sysctl setting net.core.optmem_max.' type: integer netCoreRmemDefault: + description: 'NetCoreRmemDefault: Sysctl setting net.core.rmem_default.' type: integer netCoreRmemMax: + description: 'NetCoreRmemMax: Sysctl setting net.core.rmem_max.' type: integer netCoreSomaxconn: + description: 'NetCoreSomaxconn: Sysctl setting net.core.somaxconn.' type: integer netCoreWmemDefault: + description: 'NetCoreWmemDefault: Sysctl setting net.core.wmem_default.' 
type: integer netCoreWmemMax: + description: 'NetCoreWmemMax: Sysctl setting net.core.wmem_max.' type: integer netIpv4IpLocalPortRange: + description: 'NetIpv4IpLocalPortRange: Sysctl setting net.ipv4.ip_local_port_range.' type: string netIpv4NeighDefaultGcThresh1: + description: 'NetIpv4NeighDefaultGcThresh1: Sysctl setting net.ipv4.neigh.default.gc_thresh1.' type: integer netIpv4NeighDefaultGcThresh2: + description: 'NetIpv4NeighDefaultGcThresh2: Sysctl setting net.ipv4.neigh.default.gc_thresh2.' type: integer netIpv4NeighDefaultGcThresh3: + description: 'NetIpv4NeighDefaultGcThresh3: Sysctl setting net.ipv4.neigh.default.gc_thresh3.' type: integer netIpv4TcpFinTimeout: + description: 'NetIpv4TcpFinTimeout: Sysctl setting net.ipv4.tcp_fin_timeout.' type: integer netIpv4TcpKeepaliveProbes: + description: 'NetIpv4TcpKeepaliveProbes: Sysctl setting net.ipv4.tcp_keepalive_probes.' type: integer netIpv4TcpKeepaliveTime: + description: 'NetIpv4TcpKeepaliveTime: Sysctl setting net.ipv4.tcp_keepalive_time.' type: integer netIpv4TcpMaxSynBacklog: + description: 'NetIpv4TcpMaxSynBacklog: Sysctl setting net.ipv4.tcp_max_syn_backlog.' type: integer netIpv4TcpMaxTwBuckets: + description: 'NetIpv4TcpMaxTwBuckets: Sysctl setting net.ipv4.tcp_max_tw_buckets.' type: integer netIpv4TcpTwReuse: + description: 'NetIpv4TcpTwReuse: Sysctl setting net.ipv4.tcp_tw_reuse.' type: boolean netIpv4TcpkeepaliveIntvl: + description: 'NetIpv4TcpkeepaliveIntvl: Sysctl setting net.ipv4.tcp_keepalive_intvl.' type: integer netNetfilterNfConntrackBuckets: + description: 'NetNetfilterNfConntrackBuckets: Sysctl setting net.netfilter.nf_conntrack_buckets.' type: integer netNetfilterNfConntrackMax: + description: 'NetNetfilterNfConntrackMax: Sysctl setting net.netfilter.nf_conntrack_max.' type: integer vmMaxMapCount: + description: 'VmMaxMapCount: Sysctl setting vm.max_map_count.' type: integer vmSwappiness: + description: 'VmSwappiness: Sysctl setting vm.swappiness.' 
type: integer vmVfsCachePressure: + description: 'VmVfsCachePressure: Sysctl setting vm.vfs_cache_pressure.' type: integer type: object transparentHugePageDefrag: + description: |- + TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is + 'madvise'. For more information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string transparentHugePageEnabled: + description: |- + TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more + information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string type: object maxCount: + description: 'MaxCount: The maximum number of nodes for auto-scaling' type: integer maxPods: + description: 'MaxPods: The maximum number of pods that can run on a node.' type: integer messageOfTheDay: + description: |- + MessageOfTheDay: A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of + the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., + will be printed raw and not be executed as a script). type: string minCount: + description: 'MinCount: The minimum number of nodes for auto-scaling' type: integer mode: + description: |- + Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool + restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools type: string name: + description: 'Name: Windows agent pool names must be 6 characters or less.' type: string networkProfile: - description: |- - Storage version of v1api20240402preview.AgentPoolNetworkProfile - Network settings of an agent pool. + description: 'NetworkProfile: Network-related settings of an agent pool.' 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object allowedHostPorts: + description: 'AllowedHostPorts: The port ranges that are allowed to access. The specified ranges are allowed to overlap.' items: - description: |- - Storage version of v1api20240402preview.PortRange - The port range. + description: The port range. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object portEnd: + description: |- + PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or + equal to portStart. type: integer portStart: + description: |- + PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or + equal to portEnd. type: integer protocol: + description: 'Protocol: The network protocol of the port.' type: string type: object type: array - applicationSecurityGroupsReferences: + applicationSecurityGroups: + description: 'ApplicationSecurityGroups: The IDs of the application security groups which agent pool will associate when created.' items: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. 
- The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + type: string type: array nodePublicIPTags: + description: 'NodePublicIPTags: IPTags of instance-level public IPs.' items: - description: |- - Storage version of v1api20240402preview.IPTag - Contains the IPTag associated with the object. + description: Contains the IPTag associated with the object. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object ipTagType: + description: 'IpTagType: The IP tag type. Example: RoutingPreference.' type: string tag: + description: 'Tag: The value of the IP tag associated with the public IP. Example: Internet.' type: string type: object type: array type: object + nodeImageVersion: + description: 'NodeImageVersion: The version of node image' + type: string nodeInitializationTaints: + description: |- + NodeInitializationTaints: These taints will not be reconciled by AKS and can be removed with a kubectl call. This field + can be modified after node pool is created, but nodes will not be recreated with new taints until another operation that + requires recreation (e.g. node image upgrade) happens. 
These taints allow for required configuration to run before the + node is ready to accept workloads, for example 'key1=value1:NoSchedule' that then can be removed with `kubectl taint + nodes node1 key1=value1:NoSchedule-` items: type: string type: array nodeLabels: additionalProperties: type: string + description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' type: object - nodePublicIPPrefixReference: + nodePublicIPPrefixID: description: |- - NodePublicIPPrefixReference: This is of the form: + NodePublicIPPrefixID: This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + type: string nodeTaints: + description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' items: type: string type: array orchestratorVersion: + description: |- + OrchestratorVersion: Both patch version and are supported. When is + specified, the latest supported patch version is chosen automatically. 
Updating the agent pool with the same + once it has been created will not trigger an upgrade, even if a newer patch version is available. As a + best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version + must have the same major version as the control plane. The node pool minor version must be within two minor versions of + the control plane version. The node pool version cannot be greater than the control plane version. For more information + see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). type: string osDiskSizeGB: type: integer osDiskType: + description: |- + OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested + OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral + OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). type: string osSKU: + description: |- + OsSKU: Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or + Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is + deprecated. type: string osType: + description: 'OsType: The operating system type. The default is Linux.' type: string podIPAllocationMode: + description: |- + PodIPAllocationMode: The IP allocation mode for pods in the agent pool. Must be used with podSubnetId. The default is + 'DynamicIndividual'. type: string - podSubnetReference: + podSubnetID: description: |- - PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). - This is of the form: + PodSubnetID: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). 
This is + of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + type: string powerState: description: |- - Storage version of v1api20240402preview.PowerState - Describes the Power State of the cluster + PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this + field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only + be stopped if it is Running and provisioning state is Succeeded properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object code: + description: 'Code: Tells whether the cluster is Running or Stopped' type: string type: object - proximityPlacementGroupReference: - description: 'ProximityPlacementGroupReference: The ID for Proximity Placement Group.' 
- properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + provisioningState: + description: 'ProvisioningState: The current deployment or provisioning state.' + type: string + proximityPlacementGroupID: + description: 'ProximityPlacementGroupID: The ID for Proximity Placement Group.' + type: string scaleDownMode: + description: 'ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.' type: string scaleSetEvictionPolicy: + description: |- + ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is + 'Delete'. type: string scaleSetPriority: + description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' type: string securityProfile: - description: |- - Storage version of v1api20240402preview.AgentPoolSecurityProfile - The security settings of an agent pool. + description: 'SecurityProfile: The security settings of an agent pool.' 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enableSecureBoot: + description: |- + EnableSecureBoot: Secure Boot is a feature of Trusted Launch which ensures that only signed operating systems and + drivers can boot. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. type: boolean enableVTPM: + description: |- + EnableVTPM: vTPM is a Trusted Launch feature for configuring a dedicated secure vault for keys and measurements held + locally on the node. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. type: boolean sshAccess: + description: 'SshAccess: SSH access method of an agent pool.' type: string type: object spotMaxPrice: + description: |- + SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any + on-demand price. For more details on spot pricing, see [spot VMs + pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) type: number tags: additionalProperties: type: string + description: 'Tags: The tags to be persisted on the agent pool virtual machine scale set.' type: object type: + description: 'Type: The type of Agent Pool.' 
type: string upgradeSettings: - description: |- - Storage version of v1api20240402preview.AgentPoolUpgradeSettings - Settings for upgrading an agentpool + description: 'UpgradeSettings: Settings for upgrading the agentpool' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object drainTimeoutInMinutes: + description: |- + DrainTimeoutInMinutes: The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. + This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not + specified, the default is 30 minutes. type: integer maxSurge: + description: |- + MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it + is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded + up. If not specified, the default is 1. For more information, including best practices, see: + https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade type: string nodeSoakDurationInMinutes: + description: |- + NodeSoakDurationInMinutes: The amount of time (in minutes) to wait after draining a node and before reimaging it and + moving on to next node. If not specified, the default is 0 minutes. type: integer undrainableNodeBehavior: + description: |- + UndrainableNodeBehavior: Defines the behavior for undrainable nodes during upgrade. The most common cause of undrainable + nodes is Pod Disruption Budgets (PDBs), but other issues, such as pod termination grace period is exceeding the + remaining per-node drain timeout or pod is still being in a running state, can also cause undrainable nodes. 
type: string type: object virtualMachineNodesStatus: items: - description: |- - Storage version of v1api20240402preview.VirtualMachineNodes - Current status on a group of nodes of the same vm size. + description: Current status on a group of nodes of the same vm size. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object count: + description: 'Count: Number of nodes.' type: integer size: + description: 'Size: The VM size of the agents used to host this group of nodes.' type: string type: object type: array virtualMachinesProfile: - description: |- - Storage version of v1api20240402preview.VirtualMachinesProfile - Specifications on VirtualMachines agent pool. + description: 'VirtualMachinesProfile: Specifications on VirtualMachines agent pool.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object scale: - description: |- - Storage version of v1api20240402preview.ScaleProfile - Specifications on how to scale a VirtualMachines agent pool. + description: 'Scale: Specifications on how to scale a VirtualMachines agent pool.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object autoscale: + description: |- + Autoscale: Specifications on how to auto-scale the VirtualMachines agent pool within a predefined size range. Currently, + at most one AutoScaleProfile is allowed. 
items: - description: |- - Storage version of v1api20240402preview.AutoScaleProfile - Specifications on auto-scaling. + description: Specifications on auto-scaling. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object maxCount: + description: 'MaxCount: The maximum number of nodes of the specified sizes.' type: integer minCount: + description: 'MinCount: The minimum number of nodes of the specified sizes.' type: integer sizes: + description: |- + Sizes: The list of allowed vm sizes e.g. ['Standard_E4s_v3', 'Standard_E16s_v3', 'Standard_D16s_v5']. AKS will use the + first available one when auto scaling. If a VM size is unavailable (e.g. due to quota or regional capacity reasons), AKS + will use the next size. items: type: string type: array type: object type: array manual: + description: 'Manual: Specifications on how to scale the VirtualMachines agent pool to a fixed size.' items: - description: |- - Storage version of v1api20240402preview.ManualScaleProfile - Specifications on number of machines. + description: Specifications on number of machines. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object count: + description: 'Count: Number of nodes.' type: integer sizes: + description: |- + Sizes: The list of allowed vm sizes e.g. ['Standard_E4s_v3', 'Standard_E16s_v3', 'Standard_D16s_v5']. AKS will use the + first available one when scaling. If a VM size is unavailable (e.g. due to quota or regional capacity reasons), AKS will + use the next size. items: type: string type: array 
@@ -34378,1973 +30167,1396 @@ spec: type: object type: object vmSize: + description: |- + VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods + might fail to run correctly. For more details on restricted VM sizes, see: + https://docs.microsoft.com/azure/aks/quotas-skus-regions type: string - vnetSubnetReference: + vnetSubnetID: description: |- - VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is - specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: + VnetSubnetID: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, + this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + type: string windowsProfile: - description: |- - Storage version of v1api20240402preview.AgentPoolWindowsProfile - The Windows agent pool's specific profile. 
+ description: 'WindowsProfile: The Windows agent pool''s specific profile.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object disableOutboundNat: + description: |- + DisableOutboundNat: The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT + Gateway and the Windows agent pool does not have node public IP enabled. type: boolean type: object workloadRuntime: + description: 'WorkloadRuntime: Determines the type of workload a node can run.' type: string type: object type: array aiToolchainOperatorProfile: - description: |- - Storage version of v1api20240402preview.ManagedClusterAIToolchainOperatorProfile - When enabling the operator, a set of AKS managed CRDs and controllers will be installed in the cluster. The operator - automates the deployment of OSS models for inference and/or training purposes. It provides a set of preset models and - enables distributed inference against them. + description: 'AiToolchainOperatorProfile: AI toolchain operator settings that apply to the whole cluster.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: + description: 'Enabled: Indicates if AI toolchain operator enabled or not.' type: boolean type: object apiServerAccessProfile: - description: |- - Storage version of v1api20240402preview.ManagedClusterAPIServerAccessProfile - Access profile for managed cluster API server. + description: 'ApiServerAccessProfile: The access profile for managed cluster API server.' 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object authorizedIPRanges: + description: |- + AuthorizedIPRanges: IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with + clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API + server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges). items: type: string type: array disableRunCommand: + description: 'DisableRunCommand: Whether to disable run command for the cluster or not.' type: boolean enablePrivateCluster: + description: |- + EnablePrivateCluster: For more details, see [Creating a private AKS + cluster](https://docs.microsoft.com/azure/aks/private-clusters). type: boolean enablePrivateClusterPublicFQDN: + description: 'EnablePrivateClusterPublicFQDN: Whether to create additional public FQDN for private cluster or not.' type: boolean enableVnetIntegration: + description: 'EnableVnetIntegration: Whether to enable apiserver vnet integration for the cluster or not.' type: boolean privateDNSZone: + description: |- + PrivateDNSZone: The default is System. For more details see [configure private DNS + zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and + 'none'. type: string subnetId: + description: |- + SubnetId: It is required when: 1. creating a new cluster with BYO Vnet; 2. updating an existing cluster to enable + apiserver vnet integration. 
type: string type: object autoScalerProfile: - description: Storage version of v1api20240402preview.ManagedClusterProperties_AutoScalerProfile + description: 'AutoScalerProfile: Parameters to be applied to the cluster-autoscaler when enabled' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object balance-similar-node-groups: + description: 'BalanceSimilarNodeGroups: Valid values are ''true'' and ''false''' type: string daemonset-eviction-for-empty-nodes: + description: |- + DaemonsetEvictionForEmptyNodes: If set to true, all daemonset pods on empty nodes will be evicted before deletion of the + node. If the daemonset pod cannot be evicted another node will be chosen for scaling. If set to false, the node will be + deleted without ensuring that daemonset pods are deleted or evicted. type: boolean daemonset-eviction-for-occupied-nodes: + description: |- + DaemonsetEvictionForOccupiedNodes: If set to true, all daemonset pods on occupied nodes will be evicted before deletion + of the node. If the daemonset pod cannot be evicted another node will be chosen for scaling. If set to false, the node + will be deleted without ensuring that daemonset pods are deleted or evicted. type: boolean expander: + description: 'Expander: Available values are: ''least-waste'', ''most-pods'', ''priority'', ''random''.' type: string ignore-daemonsets-utilization: + description: |- + IgnoreDaemonsetsUtilization: If set to true, the resources used by daemonset will be taken into account when making + scaling down decisions. type: boolean max-empty-bulk-delete: + description: 'MaxEmptyBulkDelete: The default is 10.' type: string max-graceful-termination-sec: + description: 'MaxGracefulTerminationSec: The default is 600.' 
type: string max-node-provision-time: + description: |- + MaxNodeProvisionTime: The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. type: string max-total-unready-percentage: + description: 'MaxTotalUnreadyPercentage: The default is 45. The maximum is 100 and the minimum is 0.' type: string new-pod-scale-up-delay: + description: |- + NewPodScaleUpDelay: For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler + could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is + '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc). type: string ok-total-unready-count: + description: 'OkTotalUnreadyCount: This must be an integer. The default is 3.' type: string scale-down-delay-after-add: + description: |- + ScaleDownDelayAfterAdd: The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. type: string scale-down-delay-after-delete: + description: |- + ScaleDownDelayAfterDelete: The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of + time other than minutes (m) is supported. type: string scale-down-delay-after-failure: + description: |- + ScaleDownDelayAfterFailure: The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other + than minutes (m) is supported. type: string scale-down-unneeded-time: + description: |- + ScaleDownUnneededTime: The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. type: string scale-down-unready-time: + description: |- + ScaleDownUnreadyTime: The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. 
type: string scale-down-utilization-threshold: + description: 'ScaleDownUtilizationThreshold: The default is ''0.5''.' type: string scan-interval: + description: 'ScanInterval: The default is ''10''. Values must be an integer number of seconds.' type: string skip-nodes-with-local-storage: + description: 'SkipNodesWithLocalStorage: The default is true.' type: string skip-nodes-with-system-pods: + description: 'SkipNodesWithSystemPods: The default is true.' type: string type: object autoUpgradeProfile: - description: |- - Storage version of v1api20240402preview.ManagedClusterAutoUpgradeProfile - Auto upgrade profile for a managed cluster. + description: 'AutoUpgradeProfile: The auto upgrade configuration.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object nodeOSUpgradeChannel: + description: 'NodeOSUpgradeChannel: The default is Unmanaged, but may change to either NodeImage or SecurityPatch at GA.' type: string upgradeChannel: + description: |- + UpgradeChannel: For more information see [setting the AKS cluster auto-upgrade + channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel). 
type: string type: object azureMonitorProfile: - description: |- - Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfile - Prometheus addon profile for the container service cluster + description: 'AzureMonitorProfile: Prometheus addon profile for the container service cluster' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object appMonitoring: description: |- - Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfileAppMonitoring - Application Monitoring Profile for Kubernetes Application Container. Collects application logs, metrics and traces - through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See + AppMonitoring: Application Monitoring Profile for Kubernetes Application Container. Collects application logs, metrics + and traces through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object autoInstrumentation: description: |- - Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfileAppMonitoringAutoInstrumentation - Application Monitoring Auto Instrumentation for Kubernetes Application Container. Deploys web hook to auto-instrument - Azure Monitor OpenTelemetry based SDKs to collect OpenTelemetry metrics, logs and traces of the application. See - aka.ms/AzureMonitorApplicationMonitoring for an overview. 
+ AutoInstrumentation: Application Monitoring Auto Instrumentation for Kubernetes Application Container. Deploys web hook + to auto-instrument Azure Monitor OpenTelemetry based SDKs to collect OpenTelemetry metrics, logs and traces of the + application. See aka.ms/AzureMonitorApplicationMonitoring for an overview. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: + description: 'Enabled: Indicates if Application Monitoring Auto Instrumentation is enabled or not.' type: boolean type: object openTelemetryLogs: description: |- - Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfileAppMonitoringOpenTelemetryLogs - Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container Logs and Traces. Collects - OpenTelemetry logs and traces of the application using Azure Monitor OpenTelemetry based SDKs. See + OpenTelemetryLogs: Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container Logs and + Traces. Collects OpenTelemetry logs and traces of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: + description: 'Enabled: Indicates if Application Monitoring Open Telemetry Logs and traces is enabled or not.' type: boolean port: + description: 'Port: The Open Telemetry host port for Open Telemetry logs and traces. If not specified, the default port is 28331.' 
type: integer type: object openTelemetryMetrics: description: |- - Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfileAppMonitoringOpenTelemetryMetrics - Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container Metrics. Collects - OpenTelemetry metrics of the application using Azure Monitor OpenTelemetry based SDKs. See + OpenTelemetryMetrics: Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container + Metrics. Collects OpenTelemetry metrics of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: + description: 'Enabled: Indicates if Application Monitoring Open Telemetry Metrics is enabled or not.' type: boolean port: + description: 'Port: The Open Telemetry host port for Open Telemetry metrics. If not specified, the default port is 28333.' type: integer type: object type: object containerInsights: description: |- - Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfileContainerInsights - Azure Monitor Container Insights Profile for Kubernetes Events, Inventory and Container stdout & stderr logs etc. See - aka.ms/AzureMonitorContainerInsights for an overview. + ContainerInsights: Azure Monitor Container Insights Profile for Kubernetes Events, Inventory and Container stdout & + stderr logs etc. See aka.ms/AzureMonitorContainerInsights for an overview. 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object disableCustomMetrics: + description: |- + DisableCustomMetrics: Indicates whether custom metrics collection has to be disabled or not. If not specified the + default is false. No custom metrics will be emitted if this field is false but the container insights enabled field is + false type: boolean disablePrometheusMetricsScraping: + description: |- + DisablePrometheusMetricsScraping: Indicates whether prometheus metrics scraping is disabled or not. If not specified the + default is false. No prometheus metrics will be emitted if this field is false but the container insights enabled field + is false type: boolean enabled: + description: 'Enabled: Indicates if Azure Monitor Container Insights Logs Addon is enabled or not.' type: boolean - logAnalyticsWorkspaceResourceReference: + logAnalyticsWorkspaceResourceId: description: |- - LogAnalyticsWorkspaceResourceReference: Fully Qualified ARM Resource Id of Azure Log Analytics Workspace for storing - Azure Monitor Container Insights Logs. - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. 
- type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + LogAnalyticsWorkspaceResourceId: Fully Qualified ARM Resource Id of Azure Log Analytics Workspace for storing Azure + Monitor Container Insights Logs. + type: string syslogPort: + description: 'SyslogPort: The syslog host port. If not specified, the default port is 28330.' type: integer type: object metrics: - description: |- - Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfileMetrics - Metrics profile for the prometheus service addon + description: 'Metrics: Metrics profile for the prometheus service addon' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: + description: 'Enabled: Whether to enable the Prometheus collector' type: boolean kubeStateMetrics: - description: |- - Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfileKubeStateMetrics - Kube State Metrics for prometheus addon profile for the container service cluster + description: 'KubeStateMetrics: Kube State Metrics for prometheus addon profile for the container service cluster' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object metricAnnotationsAllowList: + description: |- + MetricAnnotationsAllowList: Comma-separated list of additional Kubernetes label keys that will be used in the resource's + labels metric. 
type: string metricLabelsAllowlist: + description: |- + MetricLabelsAllowlist: Comma-separated list of Kubernetes annotations keys that will be used in the resource's labels + metric. type: string type: object type: object type: object - azureName: + azurePortalFQDN: description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. + AzurePortalFQDN: The Azure Portal requires certain Cross-Origin Resource Sharing (CORS) headers to be sent in some + responses, which Kubernetes APIServer doesn't handle by default. This special FQDN supports CORS, allowing the Azure + Portal to function properly. type: string bootstrapProfile: - description: |- - Storage version of v1api20240402preview.ManagedClusterBootstrapProfile - The bootstrap profile. + description: 'BootstrapProfile: Profile of the cluster bootstrap configuration.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object artifactSource: + description: 'ArtifactSource: The source where the artifacts are downloaded from.' type: string - containerRegistryReference: + containerRegistryId: description: |- - ContainerRegistryReference: The resource Id of Azure Container Registry. The registry must have private network access, - premium SKU and zone redundancy. - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
- pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + ContainerRegistryId: The resource Id of Azure Container Registry. The registry must have private network access, premium + SKU and zone redundancy. + type: string type: object + conditions: + description: 'Conditions: The observed state of the resource' + items: + description: Condition defines an extension to status (an observation) of a resource + properties: + lastTransitionTime: + description: LastTransitionTime is the last time the condition transitioned from one status to another. + format: date-time + type: string + message: + description: Message is a human readable message indicating details about the transition. This field may be empty. + type: string + observedGeneration: + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + type: integer + reason: + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + type: string + severity: + description: |- + Severity with which to treat failures of this type of condition. 
+ For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown + type: string + status: + description: Status of the condition, one of True, False, or Unknown. + type: string + type: + description: Type of condition. + type: string + required: + - lastTransitionTime + - reason + - status + - type + type: object + type: array creationData: description: |- - Storage version of v1api20240402preview.CreationData - Data used when creating a target resource from a source resource. + CreationData: CreationData to be used to specify the source Snapshot ID if the cluster will be created/upgraded using a + snapshot. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - sourceResourceReference: - description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. 
- type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + sourceResourceId: + description: 'SourceResourceId: This is the ARM ID of the source object to be used to create the target object.' + type: string type: object - disableLocalAccounts: - type: boolean - diskEncryptionSetReference: + currentKubernetesVersion: + description: 'CurrentKubernetesVersion: The version of Kubernetes the Managed Cluster is running.' + type: string + disableLocalAccounts: description: |- - DiskEncryptionSetReference: This is of the form: + DisableLocalAccounts: If set to true, getting static credentials will be disabled for this cluster. This must only be + used on Managed Clusters that are AAD enabled. For more details see [disable local + accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview). + type: boolean + diskEncryptionSetID: + description: |- + DiskEncryptionSetID: This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. 
- type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + type: string dnsPrefix: + description: 'DnsPrefix: This cannot be updated once the Managed Cluster has been created.' + type: string + eTag: + description: |- + ETag: Unique read-only string used to implement optimistic concurrency. The eTag value will change when the resource is + updated. Specify an if-match or if-none-match header with the eTag value for a subsequent request to enable optimistic + concurrency per the normal etag convention. type: string enableNamespaceResources: + description: |- + EnableNamespaceResources: The default value is false. It can be enabled/disabled on creation and updating of the managed + cluster. See [https://aka.ms/NamespaceARMResource](https://aka.ms/NamespaceARMResource) for more details on Namespace as + a ARM Resource. type: boolean enablePodSecurityPolicy: + description: |- + EnablePodSecurityPolicy: (DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was + deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and + https://aka.ms/aks/psp. type: boolean enableRBAC: + description: 'EnableRBAC: Whether to enable Kubernetes Role-Based Access Control.' type: boolean extendedLocation: - description: |- - Storage version of v1api20240402preview.ExtendedLocation - The complex type of the extended location. + description: 'ExtendedLocation: The extended location of the Virtual Machine.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object name: + description: 'Name: The name of the extended location.' type: string type: + description: 'Type: The type of the extended location.' 
type: string type: object + fqdn: + description: 'Fqdn: The FQDN of the master pool.' + type: string fqdnSubdomain: + description: 'FqdnSubdomain: This cannot be updated once the Managed Cluster has been created.' type: string httpProxyConfig: - description: |- - Storage version of v1api20240402preview.ManagedClusterHTTPProxyConfig - Cluster HTTP proxy configuration. + description: 'HttpProxyConfig: Configurations for provisioning the cluster with HTTP proxy servers.' properties: - $propertyBag: - additionalProperties: - type: string + effectiveNoProxy: description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object + EffectiveNoProxy: A read-only list of all endpoints for which traffic should not be sent to the proxy. This list is a + superset of noProxy and values injected by AKS. + items: + type: string + type: array httpProxy: + description: 'HttpProxy: The HTTP proxy server endpoint to use.' type: string httpsProxy: + description: 'HttpsProxy: The HTTPS proxy server endpoint to use.' type: string noProxy: + description: 'NoProxy: The endpoints that should not go through proxy.' items: type: string type: array trustedCa: + description: 'TrustedCa: Alternative CA cert to use for connecting to proxy servers.' type: string type: object - identity: + id: description: |- - Storage version of v1api20240402preview.ManagedClusterIdentity - Identity for the managed cluster. + Id: Fully qualified resource ID for the resource. E.g. + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" + type: string + identity: + description: 'Identity: The identity of the managed cluster, if configured.' 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object delegatedResources: additionalProperties: - description: |- - Storage version of v1api20240402preview.DelegatedResource - Delegated resource properties - internal use only. + description: Delegated resource properties - internal use only. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object location: + description: 'Location: The source resource location - internal use only.' type: string referralResource: + description: 'ReferralResource: The delegation id of the referral delegation (optional) - internal use only.' + type: string + resourceId: + description: 'ResourceId: The ARM resource id of the delegated resource - internal use only.' type: string - resourceReference: - description: 'ResourceReference: The ARM resource id of the delegated resource - internal use only.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. 
- type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object tenantId: + description: 'TenantId: The tenant id of the delegated resource - internal use only.' type: string type: object + description: |- + DelegatedResources: The delegated identity resources assigned to this managed cluster. This can only be set by another + Azure Resource Provider, and managed cluster only accept one delegated identity resource. Internal use only. type: object + principalId: + description: 'PrincipalId: The principal id of the system assigned identity which is used by master components.' + type: string + tenantId: + description: 'TenantId: The tenant id of the system assigned identity which is used by master components.' + type: string type: + description: |- + Type: For more information see [use managed identities in + AKS](https://docs.microsoft.com/azure/aks/use-managed-identity). type: string userAssignedIdentities: - items: - description: |- - Storage version of v1api20240402preview.UserAssignedIdentityDetails - Information about the user assigned identity for the resource + additionalProperties: properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - reference: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. 
- The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + clientId: + description: 'ClientId: The client id of user assigned identity.' + type: string + principalId: + description: 'PrincipalId: The principal id of user assigned identity.' + type: string type: object - type: array + description: |- + UserAssignedIdentities: The keys must be ARM resource IDs in the form: + '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'. + type: object type: object identityProfile: additionalProperties: - description: |- - Storage version of v1api20240402preview.UserAssignedIdentity - Details about a user assigned identity. + description: Details about a user assigned identity. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object clientId: + description: 'ClientId: The client ID of the user assigned identity.' type: string objectId: + description: 'ObjectId: The object ID of the user assigned identity.' + type: string + resourceId: + description: 'ResourceId: The resource ID of the user assigned identity.' 
type: string - resourceReference: - description: 'ResourceReference: The resource ID of the user assigned identity.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object type: object + description: 'IdentityProfile: Identities associated with the cluster.' type: object ingressProfile: - description: |- - Storage version of v1api20240402preview.ManagedClusterIngressProfile - Ingress profile for the container service cluster. + description: 'IngressProfile: Ingress profile for the managed cluster.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object webAppRouting: - description: |- - Storage version of v1api20240402preview.ManagedClusterIngressProfileWebAppRouting - Web App Routing settings for the ingress profile. + description: 'WebAppRouting: Web App Routing settings for the ingress profile.' 
properties: - $propertyBag: - additionalProperties: - type: string + dnsZoneResourceIds: description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - dnsZoneResourceReferences: + DnsZoneResourceIds: Resource IDs of the DNS zones to be associated with the Web App Routing add-on. Used only when Web + App Routing is enabled. Public and private DNS zones can be in different resource groups, but all public DNS zones must + be in the same resource group and all private DNS zones must be in the same resource group. items: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + type: string type: array enabled: + description: 'Enabled: Whether to enable Web App Routing.' type: boolean + identity: + description: |- + Identity: Managed identity of the Web Application Routing add-on. 
This is the identity that should be granted + permissions, for example, to manage the associated Azure DNS resource and get certificates from Azure Key Vault. See + [this overview of the add-on](https://learn.microsoft.com/en-us/azure/aks/web-app-routing?tabs=with-osm) for more + instructions. + properties: + clientId: + description: 'ClientId: The client ID of the user assigned identity.' + type: string + objectId: + description: 'ObjectId: The object ID of the user assigned identity.' + type: string + resourceId: + description: 'ResourceId: The resource ID of the user assigned identity.' + type: string + type: object type: object type: object kind: + description: 'Kind: This is primarily used to expose different UI experiences in the portal for different kinds' type: string kubernetesVersion: + description: |- + KubernetesVersion: When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades + must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> + 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS + cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details. type: string linuxProfile: - description: |- - Storage version of v1api20240402preview.ContainerServiceLinuxProfile - Profile for Linux VMs in the container service cluster. + description: 'LinuxProfile: The profile for Linux VMs in the Managed Cluster.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object adminUsername: + description: 'AdminUsername: The administrator username to use for Linux VMs.' 
type: string ssh: - description: |- - Storage version of v1api20240402preview.ContainerServiceSshConfiguration - SSH configuration for Linux-based VMs running on Azure. + description: 'Ssh: The SSH configuration for Linux-based VMs running on Azure.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object publicKeys: + description: 'PublicKeys: The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.' items: - description: |- - Storage version of v1api20240402preview.ContainerServiceSshPublicKey - Contains information about SSH certificate public key data. + description: Contains information about SSH certificate public key data. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object keyData: + description: |- + KeyData: Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or + without headers. type: string type: object type: array type: object type: object location: + description: 'Location: The geo-location where the resource lives' type: string + maxAgentPools: + description: 'MaxAgentPools: The max number of agent pools for the managed cluster.' + type: integer metricsProfile: - description: |- - Storage version of v1api20240402preview.ManagedClusterMetricsProfile - The metrics profile for the ManagedCluster. + description: 'MetricsProfile: Optional cluster metrics configuration.' 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object costAnalysis: - description: |- - Storage version of v1api20240402preview.ManagedClusterCostAnalysis - The cost analysis configuration for the cluster + description: 'CostAnalysis: The cost analysis configuration for the cluster' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: + description: |- + Enabled: The Managed Cluster sku.tier must be set to 'Standard' or 'Premium' to enable this feature. Enabling this will + add Kubernetes Namespace and Deployment details to the Cost Analysis views in the Azure portal. If not specified, the + default is false. For more information see aka.ms/aks/docs/cost-analysis. type: boolean type: object type: object + name: + description: 'Name: The name of the resource' + type: string networkProfile: - description: |- - Storage version of v1api20240402preview.ContainerServiceNetworkProfile - Profile of network configuration. + description: 'NetworkProfile: The network configuration profile.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object advancedNetworking: description: |- - Storage version of v1api20240402preview.AdvancedNetworking - Advanced Networking profile for enabling observability on a cluster. Note that enabling advanced networking features may - incur additional costs. 
For more information see aka.ms/aksadvancednetworking. + AdvancedNetworking: Advanced Networking profile for enabling observability on a cluster. Note that enabling advanced + networking features may incur additional costs. For more information see aka.ms/aksadvancednetworking. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object observability: - description: |- - Storage version of v1api20240402preview.AdvancedNetworkingObservability - Observability profile to enable advanced network metrics and flow logs with historical contexts. + description: 'Observability: Observability profile to enable advanced network metrics and flow logs with historical contexts.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: + description: 'Enabled: Indicates the enablement of Advanced Networking observability functionalities on clusters.' type: boolean type: object type: object dnsServiceIP: + description: |- + DnsServiceIP: An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address + range specified in serviceCidr. type: string ipFamilies: + description: |- + IpFamilies: IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value + is IPv4. For dual-stack, the expected values are IPv4 and IPv6. items: + description: To determine if address belongs IPv4 or IPv6 family. 
type: string type: array kubeProxyConfig: - description: Storage version of v1api20240402preview.ContainerServiceNetworkProfile_KubeProxyConfig + description: |- + KubeProxyConfig: Holds configuration customizations for kube-proxy. Any values not defined will use the kube-proxy + defaulting behavior. See https://v.docs.kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/ + where is represented by a - string. Kubernetes version 1.23 would be '1-23'. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: + description: |- + Enabled: Whether to enable on kube-proxy on the cluster (if no 'kubeProxyConfig' exists, kube-proxy is enabled in AKS by + default without these customizations). type: boolean ipvsConfig: - description: Storage version of v1api20240402preview.ContainerServiceNetworkProfile_KubeProxyConfig_IpvsConfig + description: 'IpvsConfig: Holds configuration customizations for IPVS. May only be specified if ''mode'' is set to ''IPVS''.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object scheduler: + description: 'Scheduler: IPVS scheduler, for more information please see http://www.linuxvirtualserver.org/docs/scheduling.html.' type: string tcpFinTimeoutSeconds: + description: |- + TcpFinTimeoutSeconds: The timeout value used for IPVS TCP sessions after receiving a FIN in seconds. Must be a positive + integer value. type: integer tcpTimeoutSeconds: + description: 'TcpTimeoutSeconds: The timeout value used for idle IPVS TCP sessions in seconds. Must be a positive integer value.' 
type: integer udpTimeoutSeconds: + description: 'UdpTimeoutSeconds: The timeout value used for IPVS UDP packets in seconds. Must be a positive integer value.' type: integer type: object mode: + description: 'Mode: Specify which proxy mode to use (''IPTABLES'' or ''IPVS'')' type: string type: object loadBalancerProfile: - description: |- - Storage version of v1api20240402preview.ManagedClusterLoadBalancerProfile - Profile of the managed cluster load balancer. + description: 'LoadBalancerProfile: Profile of the cluster load balancer.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object allocatedOutboundPorts: + description: |- + AllocatedOutboundPorts: The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 + (inclusive). The default value is 0 which results in Azure dynamically allocating ports. type: integer backendPoolType: + description: 'BackendPoolType: The type of the managed inbound Load Balancer BackendPool.' type: string clusterServiceLoadBalancerHealthProbeMode: + description: 'ClusterServiceLoadBalancerHealthProbeMode: The health probing behavior for External Traffic Policy Cluster services.' type: string effectiveOutboundIPs: + description: 'EffectiveOutboundIPs: The effective outbound IP resources of the cluster load balancer.' items: - description: |- - Storage version of v1api20240402preview.ResourceReference - A reference to an Azure resource. + description: A reference to an Azure resource. 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - reference: - description: 'Reference: The fully qualified Azure resource id.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + id: + description: 'Id: The fully qualified Azure resource id.' + type: string type: object type: array enableMultipleStandardLoadBalancers: + description: 'EnableMultipleStandardLoadBalancers: Enable multiple standard load balancers per AKS cluster or not.' type: boolean idleTimeoutInMinutes: + description: |- + IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 + (inclusive). The default value is 30 minutes. type: integer managedOutboundIPs: - description: Storage version of v1api20240402preview.ManagedClusterLoadBalancerProfile_ManagedOutboundIPs + description: 'ManagedOutboundIPs: Desired managed outbound IPs for the cluster load balancer.' 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object count: + description: |- + Count: The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values + must be in the range of 1 to 100 (inclusive). The default value is 1. type: integer countIPv6: - type: integer + description: |- + CountIPv6: The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed + values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. + type: integer type: object outboundIPPrefixes: - description: Storage version of v1api20240402preview.ManagedClusterLoadBalancerProfile_OutboundIPPrefixes + description: 'OutboundIPPrefixes: Desired outbound IP Prefix resources for the cluster load balancer.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object publicIPPrefixes: + description: 'PublicIPPrefixes: A list of public IP prefix resources.' items: - description: |- - Storage version of v1api20240402preview.ResourceReference - A reference to an Azure resource. + description: A reference to an Azure resource. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - reference: - description: 'Reference: The fully qualified Azure resource id.' 
- properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + id: + description: 'Id: The fully qualified Azure resource id.' + type: string type: object type: array type: object outboundIPs: - description: Storage version of v1api20240402preview.ManagedClusterLoadBalancerProfile_OutboundIPs + description: 'OutboundIPs: Desired outbound IP resources for the cluster load balancer.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object publicIPs: + description: 'PublicIPs: A list of public IP resources.' items: - description: |- - Storage version of v1api20240402preview.ResourceReference - A reference to an Azure resource. + description: A reference to an Azure resource. 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - reference: - description: 'Reference: The fully qualified Azure resource id.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + id: + description: 'Id: The fully qualified Azure resource id.' + type: string type: object type: array type: object type: object loadBalancerSku: + description: |- + LoadBalancerSku: The default is 'standard'. See [Azure Load Balancer + SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load + balancer SKUs. type: string natGatewayProfile: - description: |- - Storage version of v1api20240402preview.ManagedClusterNATGatewayProfile - Profile of the managed cluster NAT gateway. + description: 'NatGatewayProfile: Profile of the cluster NAT gateway.' 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object effectiveOutboundIPs: + description: 'EffectiveOutboundIPs: The effective outbound IP resources of the cluster NAT gateway.' items: - description: |- - Storage version of v1api20240402preview.ResourceReference - A reference to an Azure resource. + description: A reference to an Azure resource. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - reference: - description: 'Reference: The fully qualified Azure resource id.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + id: + description: 'Id: The fully qualified Azure resource id.' + type: string type: object type: array idleTimeoutInMinutes: + description: |- + IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. 
Allowed values are in the range of 4 to 120 + (inclusive). The default value is 4 minutes. type: integer managedOutboundIPProfile: - description: |- - Storage version of v1api20240402preview.ManagedClusterManagedOutboundIPProfile - Profile of the managed outbound IP resources of the managed cluster. + description: 'ManagedOutboundIPProfile: Profile of the managed outbound IP resources of the cluster NAT gateway.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object count: + description: |- + Count: The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 + (inclusive). The default value is 1. type: integer type: object type: object networkDataplane: + description: 'NetworkDataplane: Network dataplane used in the Kubernetes cluster.' type: string networkMode: + description: 'NetworkMode: This cannot be specified if networkPlugin is anything other than ''azure''.' type: string networkPlugin: + description: 'NetworkPlugin: Network plugin used for building the Kubernetes network.' type: string networkPluginMode: + description: 'NetworkPluginMode: Network plugin mode used for building the Kubernetes network.' type: string networkPolicy: + description: 'NetworkPolicy: Network policy used for building the Kubernetes network.' type: string outboundType: + description: |- + OutboundType: This can only be set at cluster creation time and cannot be changed later. For more information see + [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype). type: string podCidr: + description: 'PodCidr: A CIDR notation IP range from which to assign pod IPs when kubenet is used.' type: string podCidrs: + description: |- + PodCidrs: One IPv4 CIDR is expected for single-stack networking. 
Two CIDRs, one for each IP family (IPv4/IPv6), is + expected for dual-stack networking. items: type: string type: array podLinkLocalAccess: + description: |- + PodLinkLocalAccess: Defines access to special link local addresses (Azure Instance Metadata Service, aka IMDS) for pods + with hostNetwork=false. if not specified, the default is 'IMDS'. type: string serviceCidr: + description: |- + ServiceCidr: A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP + ranges. type: string serviceCidrs: + description: |- + ServiceCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is + expected for dual-stack networking. They must not overlap with any Subnet IP ranges. items: type: string type: array staticEgressGatewayProfile: description: |- - Storage version of v1api20240402preview.ManagedClusterStaticEgressGatewayProfile - The Static Egress Gateway addon configuration for the cluster. + StaticEgressGatewayProfile: The profile for Static Egress Gateway addon. For more details about Static Egress Gateway, + see https://aka.ms/aks/static-egress-gateway. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: + description: 'Enabled: Indicates if Static Egress Gateway addon is enabled or not.' type: boolean type: object type: object nodeProvisioningProfile: - description: Storage version of v1api20240402preview.ManagedClusterNodeProvisioningProfile + description: 'NodeProvisioningProfile: Node provisioning settings that apply to the whole cluster.' 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object mode: + description: 'Mode: Once the mode it set to Auto, it cannot be changed back to Manual.' type: string type: object nodeResourceGroup: + description: 'NodeResourceGroup: The name of the resource group containing agent pool nodes.' type: string nodeResourceGroupProfile: - description: |- - Storage version of v1api20240402preview.ManagedClusterNodeResourceGroupProfile - Node resource group lockdown profile for a managed cluster. + description: 'NodeResourceGroupProfile: The node resource group configuration profile.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object restrictionLevel: + description: 'RestrictionLevel: The restriction level applied to the cluster''s node resource group' type: string type: object oidcIssuerProfile: - description: |- - Storage version of v1api20240402preview.ManagedClusterOIDCIssuerProfile - The OIDC issuer profile of the Managed Cluster. + description: 'OidcIssuerProfile: The OIDC issuer profile of the Managed Cluster.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: + description: 'Enabled: Whether the OIDC issuer is enabled.' 
type: boolean - type: object - operatorSpec: - description: |- - Storage version of v1api20240402preview.ManagedClusterOperatorSpec - Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - configMaps: - description: Storage version of v1api20240402preview.ManagedClusterOperatorConfigMaps - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - oidcIssuerProfile: - description: |- - ConfigMapDestination describes the location to store a single configmap value - Note: This is similar to SecretDestination in secrets.go. Changes to one should likely also be made to the other. - properties: - key: - description: Key is the key in the ConfigMap being referenced - type: string - name: - description: |- - Name is the name of the Kubernetes ConfigMap being referenced. - The ConfigMap must be in the same namespace as the resource - type: string - required: - - key - - name - type: object - type: object - secrets: - description: Storage version of v1api20240402preview.ManagedClusterOperatorSecrets - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - adminCredentials: - description: |- - SecretDestination describes the location to store a single secret value. 
- Note: This is similar to ConfigMapDestination in configmaps.go. Changes to one should likely also be made to the other. - properties: - key: - description: Key is the key in the Kubernetes secret being referenced - type: string - name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource - type: string - required: - - key - - name - type: object - userCredentials: - description: |- - SecretDestination describes the location to store a single secret value. - Note: This is similar to ConfigMapDestination in configmaps.go. Changes to one should likely also be made to the other. - properties: - key: - description: Key is the key in the Kubernetes secret being referenced - type: string - name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource - type: string - required: - - key - - name - type: object - type: object - type: object - originalVersion: - type: string - owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a resources.azure.com/ResourceGroup resource - properties: - armId: - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - name: - description: This is the name of the Kubernetes resource to reference. + issuerURL: + description: 'IssuerURL: The OIDC issuer url of the Managed Cluster.' 
type: string type: object podIdentityProfile: description: |- - Storage version of v1api20240402preview.ManagedClusterPodIdentityProfile - See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod - identity integration. + PodIdentityProfile: See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more + details on AAD pod identity integration. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object allowNetworkPluginKubenet: + description: |- + AllowNetworkPluginKubenet: Running in Kubenet is disabled by default due to the security related nature of AAD Pod + Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod + Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) + for more information. type: boolean enabled: + description: 'Enabled: Whether the pod identity addon is enabled.' type: boolean userAssignedIdentities: + description: 'UserAssignedIdentities: The pod identities to use in the cluster.' items: - description: |- - Storage version of v1api20240402preview.ManagedClusterPodIdentity - Details about the pod identity assigned to the Managed Cluster. + description: Details about the pod identity assigned to the Managed Cluster. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object bindingSelector: + description: 'BindingSelector: The binding selector to use for the AzureIdentityBinding resource.' 
type: string identity: - description: |- - Storage version of v1api20240402preview.UserAssignedIdentity - Details about a user assigned identity. + description: 'Identity: The user assigned identity details.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object clientId: + description: 'ClientId: The client ID of the user assigned identity.' type: string objectId: + description: 'ObjectId: The object ID of the user assigned identity.' + type: string + resourceId: + description: 'ResourceId: The resource ID of the user assigned identity.' type: string - resourceReference: - description: 'ResourceReference: The resource ID of the user assigned identity.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object type: object name: + description: 'Name: The name of the pod identity.' type: string namespace: + description: 'Namespace: The namespace of the pod identity.' 
+ type: string + provisioningInfo: + properties: + error: + description: 'Error: Pod identity assignment error (if any).' + properties: + error: + description: 'Error: Details about the error.' + properties: + code: + description: 'Code: An identifier for the error. Codes are invariant and are intended to be consumed programmatically.' + type: string + details: + description: 'Details: A list of additional details about the error.' + items: + properties: + code: + description: 'Code: An identifier for the error. Codes are invariant and are intended to be consumed programmatically.' + type: string + message: + description: 'Message: A message describing the error, intended to be suitable for display in a user interface.' + type: string + target: + description: 'Target: The target of the particular error. For example, the name of the property in error.' + type: string + type: object + type: array + message: + description: 'Message: A message describing the error, intended to be suitable for display in a user interface.' + type: string + target: + description: 'Target: The target of the particular error. For example, the name of the property in error.' + type: string + type: object + type: object + type: object + provisioningState: + description: 'ProvisioningState: The current provisioning state of the pod identity.' type: string type: object type: array userAssignedIdentityExceptions: + description: 'UserAssignedIdentityExceptions: The pod identity exceptions to allow.' items: description: |- - Storage version of v1api20240402preview.ManagedClusterPodIdentityException See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object name: + description: 'Name: The name of the pod identity exception.' type: string namespace: + description: 'Namespace: The namespace of the pod identity exception.' type: string podLabels: additionalProperties: type: string + description: 'PodLabels: The pod labels to match.' type: object type: object type: array type: object + powerState: + description: 'PowerState: The Power State of the cluster.' + properties: + code: + description: 'Code: Tells whether the cluster is Running or Stopped' + type: string + type: object + privateFQDN: + description: 'PrivateFQDN: The FQDN of private cluster.' + type: string privateLinkResources: + description: 'PrivateLinkResources: Private link resources associated with the cluster.' items: - description: |- - Storage version of v1api20240402preview.PrivateLinkResource - A private link resource + description: A private link resource properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object groupId: + description: 'GroupId: The group ID of the resource.' + type: string + id: + description: 'Id: The ID of the private link resource.' type: string name: + description: 'Name: The name of the private link resource.' + type: string + privateLinkServiceID: + description: 'PrivateLinkServiceID: The private link service ID of the resource, this field is exposed only to NRP internally.' type: string - reference: - description: 'Reference: The ID of the private link resource.' 
- properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object requiredMembers: + description: 'RequiredMembers: The RequiredMembers of the resource' items: type: string type: array type: + description: 'Type: The resource type.' type: string type: object type: array + provisioningState: + description: 'ProvisioningState: The current provisioning state.' + type: string publicNetworkAccess: + description: 'PublicNetworkAccess: Allow or deny public network access for AKS' type: string - safeguardsProfile: + resourceUID: description: |- - Storage version of v1api20240402preview.SafeguardsProfile - The Safeguards profile. 
+ ResourceUID: The resourceUID uniquely identifies ManagedClusters that reuse ARM ResourceIds (i.e: create, delete, create + sequence) + type: string + safeguardsProfile: + description: 'SafeguardsProfile: The Safeguards profile holds all the safeguards information for a given cluster' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object excludedNamespaces: + description: 'ExcludedNamespaces: List of namespaces excluded from Safeguards checks' items: type: string type: array level: - type: string - version: + description: |- + Level: The Safeguards level to be used. By default, Safeguards is enabled for all namespaces except those that AKS + excludes via systemExcludedNamespaces + type: string + systemExcludedNamespaces: + description: 'SystemExcludedNamespaces: List of namespaces specified by AKS to be excluded from Safeguards' + items: + type: string + type: array + version: + description: 'Version: The version of constraints to use' type: string type: object securityProfile: - description: |- - Storage version of v1api20240402preview.ManagedClusterSecurityProfile - Security profile for the container service cluster. + description: 'SecurityProfile: Security profile for the managed cluster.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object azureKeyVaultKms: description: |- - Storage version of v1api20240402preview.AzureKeyVaultKms - Azure Key Vault key management service settings for the security profile. 
+ AzureKeyVaultKms: Azure Key Vault [key management + service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: + description: 'Enabled: Whether to enable Azure Key Vault key management service. The default is false.' type: boolean keyId: + description: |- + KeyId: Identifier of Azure Key Vault key. See [key identifier + format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) + for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key + identifier. When Azure Key Vault key management service is disabled, leave the field empty. type: string keyVaultNetworkAccess: + description: |- + KeyVaultNetworkAccess: Network access of key vault. The possible values are `Public` and `Private`. `Public` means the + key vault allows public access from all networks. `Private` means the key vault disables public access and enables + private link. The default value is `Public`. type: string - keyVaultResourceReference: + keyVaultResourceId: description: |- - KeyVaultResourceReference: Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and - must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty. - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. 
- The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + KeyVaultResourceId: Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must + be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty. + type: string type: object customCATrustCertificates: + description: |- + CustomCATrustCertificates: A list of up to 10 base64 encoded CAs that will be added to the trust store on nodes with the + Custom CA Trust feature enabled. For more information see [Custom CA Trust + Certificates](https://learn.microsoft.com/en-us/azure/aks/custom-certificate-authority) items: type: string type: array defender: - description: |- - Storage version of v1api20240402preview.ManagedClusterSecurityProfileDefender - Microsoft Defender settings for the security profile. + description: 'Defender: Microsoft Defender settings for the security profile.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - logAnalyticsWorkspaceResourceReference: + logAnalyticsWorkspaceResourceId: description: |- - LogAnalyticsWorkspaceResourceReference: Resource ID of the Log Analytics workspace to be associated with Microsoft - Defender. 
When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When - Microsoft Defender is disabled, leave the field empty. - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + LogAnalyticsWorkspaceResourceId: Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. + When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft + Defender is disabled, leave the field empty. + type: string securityMonitoring: - description: |- - Storage version of v1api20240402preview.ManagedClusterSecurityProfileDefenderSecurityMonitoring - Microsoft Defender settings for the security profile threat detection. + description: 'SecurityMonitoring: Microsoft Defender threat detection for Cloud settings for the security profile.' 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: + description: 'Enabled: Whether to enable Defender threat detection' type: boolean type: object type: object imageCleaner: - description: |- - Storage version of v1api20240402preview.ManagedClusterSecurityProfileImageCleaner - Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here - are settings for the security profile. + description: 'ImageCleaner: Image Cleaner settings for the security profile.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: + description: 'Enabled: Whether to enable Image Cleaner on AKS cluster.' type: boolean intervalHours: + description: 'IntervalHours: Image Cleaner scanning interval in hours.' type: integer type: object imageIntegrity: description: |- - Storage version of v1api20240402preview.ManagedClusterSecurityProfileImageIntegrity - Image integrity related settings for the security profile. + ImageIntegrity: Image integrity is a feature that works with Azure Policy to verify image integrity by signature. This + will not have any effect unless Azure Policy is applied to enforce image signatures. See + https://aka.ms/aks/image-integrity for how to use this feature via policy. 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: + description: 'Enabled: Whether to enable image integrity. The default value is false.' type: boolean type: object nodeRestriction: description: |- - Storage version of v1api20240402preview.ManagedClusterSecurityProfileNodeRestriction - Node Restriction settings for the security profile. + NodeRestriction: [Node + Restriction](https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#noderestriction) settings + for the security profile. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: + description: 'Enabled: Whether to enable Node Restriction' type: boolean type: object workloadIdentity: description: |- - Storage version of v1api20240402preview.ManagedClusterSecurityProfileWorkloadIdentity - Workload identity settings for the security profile. + WorkloadIdentity: Workload identity settings for the security profile. Workload identity enables Kubernetes applications + to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: + description: 'Enabled: Whether to enable workload identity.' 
type: boolean type: object type: object serviceMeshProfile: - description: |- - Storage version of v1api20240402preview.ServiceMeshProfile - Service mesh profile for a managed cluster. + description: 'ServiceMeshProfile: Service mesh profile for a managed cluster.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object istio: - description: |- - Storage version of v1api20240402preview.IstioServiceMesh - Istio service mesh configuration. + description: 'Istio: Istio service mesh configuration.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object certificateAuthority: description: |- - Storage version of v1api20240402preview.IstioCertificateAuthority - Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described - here https://aka.ms/asm-plugin-ca + CertificateAuthority: Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin + certificates as described here https://aka.ms/asm-plugin-ca properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object plugin: - description: |- - Storage version of v1api20240402preview.IstioPluginCertificateAuthority - Plugin certificates information for Service Mesh. + description: 'Plugin: Plugin certificates information for Service Mesh.' 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object certChainObjectName: + description: 'CertChainObjectName: Certificate chain object name in Azure Key Vault.' type: string certObjectName: + description: 'CertObjectName: Intermediate certificate object name in Azure Key Vault.' type: string keyObjectName: + description: 'KeyObjectName: Intermediate certificate private key object name in Azure Key Vault.' + type: string + keyVaultId: + description: 'KeyVaultId: The resource ID of the Key Vault.' type: string - keyVaultReference: - description: 'KeyVaultReference: The resource ID of the Key Vault.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object rootCertObjectName: + description: 'RootCertObjectName: Root certificate object name in Azure Key Vault.' type: string type: object type: object components: - description: |- - Storage version of v1api20240402preview.IstioComponents - Istio components configuration. 
+ description: 'Components: Istio components configuration.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object egressGateways: + description: 'EgressGateways: Istio egress gateways.' items: - description: |- - Storage version of v1api20240402preview.IstioEgressGateway - Istio egress gateway configuration. + description: Istio egress gateway configuration. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: + description: 'Enabled: Whether to enable the egress gateway.' type: boolean type: object type: array ingressGateways: + description: 'IngressGateways: Istio ingress gateways.' items: description: |- - Storage version of v1api20240402preview.IstioIngressGateway Istio ingress gateway configuration. For now, we support up to one external ingress gateway named `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: + description: 'Enabled: Whether to enable the ingress gateway.' type: boolean mode: + description: 'Mode: Mode of an ingress gateway.' type: string type: object type: array type: object revisions: + description: |- + Revisions: The list of revisions of the Istio control plane. When an upgrade is not in progress, this holds one value. 
+ When canary upgrade is in progress, this can only hold two consecutive values. For more information, see: + https://learn.microsoft.com/en-us/azure/aks/istio-upgrade items: type: string type: array type: object mode: + description: 'Mode: Mode of the service mesh.' type: string type: object servicePrincipalProfile: description: |- - Storage version of v1api20240402preview.ManagedClusterServicePrincipalProfile - Information about a service principal identity for the cluster to use for manipulating Azure APIs. + ServicePrincipalProfile: Information about a service principal identity for the cluster to use for manipulating Azure + APIs. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object clientId: + description: 'ClientId: The ID for the service principal.' type: string - secret: - description: |- - SecretReference is a reference to a Kubernetes secret and key in the same namespace as - the resource it is on. - properties: - key: - description: Key is the key in the Kubernetes secret being referenced - type: string - name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource - type: string - required: - - key - - name - type: object type: object sku: - description: |- - Storage version of v1api20240402preview.ManagedClusterSKU - The SKU of a Managed Cluster. + description: 'Sku: The managed cluster SKU.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object name: + description: 'Name: The name of a managed cluster SKU.' 
type: string tier: + description: |- + Tier: If not specified, the default is 'Free'. See [AKS Pricing + Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details. type: string type: object storageProfile: - description: |- - Storage version of v1api20240402preview.ManagedClusterStorageProfile - Storage profile for the container service cluster. + description: 'StorageProfile: Storage profile for the managed cluster.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object blobCSIDriver: - description: |- - Storage version of v1api20240402preview.ManagedClusterStorageProfileBlobCSIDriver - AzureBlob CSI Driver settings for the storage profile. + description: 'BlobCSIDriver: AzureBlob CSI Driver settings for the storage profile.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: + description: 'Enabled: Whether to enable AzureBlob CSI Driver. The default value is false.' type: boolean type: object diskCSIDriver: - description: |- - Storage version of v1api20240402preview.ManagedClusterStorageProfileDiskCSIDriver - AzureDisk CSI Driver settings for the storage profile. + description: 'DiskCSIDriver: AzureDisk CSI Driver settings for the storage profile.' 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: + description: 'Enabled: Whether to enable AzureDisk CSI Driver. The default value is true.' type: boolean version: + description: 'Version: The version of AzureDisk CSI Driver. The default value is v1.' type: string type: object fileCSIDriver: - description: |- - Storage version of v1api20240402preview.ManagedClusterStorageProfileFileCSIDriver - AzureFile CSI Driver settings for the storage profile. + description: 'FileCSIDriver: AzureFile CSI Driver settings for the storage profile.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: + description: 'Enabled: Whether to enable AzureFile CSI Driver. The default value is true.' type: boolean type: object snapshotController: - description: |- - Storage version of v1api20240402preview.ManagedClusterStorageProfileSnapshotController - Snapshot Controller settings for the storage profile. + description: 'SnapshotController: Snapshot Controller settings for the storage profile.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: + description: 'Enabled: Whether to enable Snapshot Controller. The default value is true.' type: boolean type: object type: object supportPlan: + description: 'SupportPlan: The support plan for the Managed Cluster. 
If unspecified, the default is ''KubernetesOfficial''.' type: string + systemData: + description: 'SystemData: Azure Resource Manager metadata containing createdBy and modifiedBy information.' + properties: + createdAt: + description: 'CreatedAt: The timestamp of resource creation (UTC).' + type: string + createdBy: + description: 'CreatedBy: The identity that created the resource.' + type: string + createdByType: + description: 'CreatedByType: The type of identity that created the resource.' + type: string + lastModifiedAt: + description: 'LastModifiedAt: The timestamp of resource last modification (UTC)' + type: string + lastModifiedBy: + description: 'LastModifiedBy: The identity that last modified the resource.' + type: string + lastModifiedByType: + description: 'LastModifiedByType: The type of identity that last modified the resource.' + type: string + type: object tags: additionalProperties: type: string + description: 'Tags: Resource tags.' type: object + type: + description: 'Type: The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"' + type: string upgradeSettings: - description: |- - Storage version of v1api20240402preview.ClusterUpgradeSettings - Settings for upgrading a cluster. + description: 'UpgradeSettings: Settings for upgrading a cluster.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object overrideSettings: - description: |- - Storage version of v1api20240402preview.UpgradeOverrideSettings - Settings for overrides when upgrading a cluster. + description: 'OverrideSettings: Settings for overrides.' 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object forceUpgrade: + description: |- + ForceUpgrade: Whether to force upgrade the cluster. Note that this option instructs upgrade operation to bypass upgrade + protections such as checking for deprecated API usage. Enable this option only with caution. type: boolean until: + description: |- + Until: Until when the overrides are effective. Note that this only matches the start time of an upgrade, and the + effectiveness won't change once an upgrade starts even if the `until` expires as upgrade proceeds. This field is not set + by default. It must be set for the overrides to take effect. type: string type: object type: object windowsProfile: - description: |- - Storage version of v1api20240402preview.ManagedClusterWindowsProfile - Profile for Windows VMs in the managed cluster. + description: 'WindowsProfile: The profile for Windows VMs in the Managed Cluster.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - adminPassword: - description: |- - SecretReference is a reference to a Kubernetes secret and key in the same namespace as - the resource it is on. - properties: - key: - description: Key is the key in the Kubernetes secret being referenced - type: string - name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource - type: string - required: - - key - - name - type: object adminUsername: + description: |- + AdminUsername: Specifies the name of the administrator account. 
+ Restriction: Cannot end in "." + Disallowed values: "administrator", "admin", "user", "user1", "test", "user2", "test1", "user3", "admin1", "1", "123", + "a", "actuser", "adm", "admin2", "aspnet", "backup", "console", "david", "guest", "john", "owner", "root", "server", + "sql", "support", "support_388945a0", "sys", "test2", "test3", "user4", "user5". + Minimum-length: 1 character + Max-length: 20 characters type: string enableCSIProxy: + description: |- + EnableCSIProxy: For more details on CSI proxy, see the [CSI proxy GitHub + repo](https://github.com/kubernetes-csi/csi-proxy). type: boolean gmsaProfile: - description: |- - Storage version of v1api20240402preview.WindowsGmsaProfile - Windows gMSA Profile in the managed cluster. + description: 'GmsaProfile: The Windows gMSA Profile in the Managed Cluster.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object dnsServer: + description: |- + DnsServer: Specifies the DNS server for Windows gMSA. + Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster. type: string enabled: + description: 'Enabled: Specifies whether to enable Windows gMSA in the managed cluster.' type: boolean rootDomainName: + description: |- + RootDomainName: Specifies the root domain name for Windows gMSA. + Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster. type: string type: object licenseType: + description: |- + LicenseType: The license type to use for Windows VMs. See [Azure Hybrid User + Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details. 
type: string type: object workloadAutoScalerProfile: - description: |- - Storage version of v1api20240402preview.ManagedClusterWorkloadAutoScalerProfile - Workload Auto-scaler profile for the managed cluster. + description: 'WorkloadAutoScalerProfile: Workload Auto-scaler profile for the managed cluster.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object keda: - description: |- - Storage version of v1api20240402preview.ManagedClusterWorkloadAutoScalerProfileKeda - KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile. + description: 'Keda: KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object enabled: + description: 'Enabled: Whether to enable KEDA.' type: boolean type: object verticalPodAutoscaler: - description: Storage version of v1api20240402preview.ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object addonAutoscaling: + description: 'AddonAutoscaling: Whether VPA add-on is enabled and configured to scale AKS-managed add-ons.' type: string enabled: + description: 'Enabled: Whether to enable VPA add-on in cluster. Default value is false.' 
type: boolean type: object type: object - required: - - owner type: object - status: + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].severity + name: Severity + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Reason + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].message + name: Message + type: string + name: v1api20240402previewstorage + schema: + openAPIV3Schema: + description: |- + Storage version of v1api20240402preview.ManagedCluster + Generator information: + - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/preview/2024-04-02-preview/managedClusters.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName} + properties: + apiVersion: description: |- - Storage version of v1api20240402preview.ManagedCluster_STATUS - Managed cluster. + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: Storage version of v1api20240402preview.ManagedCluster_Spec properties: $propertyBag: additionalProperties: 
@@ -36355,7 +31567,7 @@ spec: type: object aadProfile: description: |- - Storage version of v1api20240402preview.ManagedClusterAADProfile_STATUS + Storage version of v1api20240402preview.ManagedClusterAADProfile For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad). properties: $propertyBag: @@ -36385,7 +31597,7 @@ spec: addonProfiles: additionalProperties: description: |- - Storage version of v1api20240402preview.ManagedClusterAddonProfile_STATUS + Storage version of v1api20240402preview.ManagedClusterAddonProfile A Kubernetes add-on profile for a managed cluster. properties: $propertyBag: @@ -36401,31 +31613,12 @@ spec: type: object enabled: type: boolean - identity: - description: |- - Storage version of v1api20240402preview.UserAssignedIdentity_STATUS - Details about a user assigned identity. - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - clientId: - type: string - objectId: - type: string - resourceId: - type: string - type: object type: object type: object agentPoolProfiles: items: description: |- - Storage version of v1api20240402preview.ManagedClusterAgentPoolProfile_STATUS + Storage version of v1api20240402preview.ManagedClusterAgentPoolProfile Profile for the container service agent pool. properties: $propertyBag: @@ -36436,7 +31629,7 @@ spec: resources, allowing for full fidelity round trip conversions type: object artifactStreamingProfile: - description: Storage version of v1api20240402preview.AgentPoolArtifactStreamingProfile_STATUS + description: Storage version of v1api20240402preview.AgentPoolArtifactStreamingProfile properties: $propertyBag: additionalProperties: 
@@ -36452,13 +31645,31 @@ spec: items: type: string type: array - capacityReservationGroupID: - type: string + capacityReservationGroupReference: + description: 'CapacityReservationGroupReference: AKS will associate the specified agent pool with the Capacity Reservation Group.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object count: type: integer creationData: description: |- - Storage version of v1api20240402preview.CreationData_STATUS + Storage version of v1api20240402preview.CreationData Data used when creating a target resource from a source resource. properties: $propertyBag: 
@@ -36468,13 +31679,27 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - sourceResourceId: - type: string + sourceResourceReference: + description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object - currentOrchestratorVersion: - type: string - eTag: - type: string enableAutoScaling: type: boolean enableCustomCATrust: @@ -36489,7 +31714,7 @@ spec: type: boolean gatewayProfile: description: |- - Storage version of v1api20240402preview.AgentPoolGatewayProfile_STATUS + Storage version of v1api20240402preview.AgentPoolGatewayProfile Profile of the managed cluster gateway agent pool. properties: $propertyBag: @@ -36505,7 +31730,7 @@ spec: gpuInstanceProfile: type: string gpuProfile: - description: Storage version of v1api20240402preview.AgentPoolGPUProfile_STATUS + description: Storage version of v1api20240402preview.AgentPoolGPUProfile properties: $propertyBag: additionalProperties: 
@@ -36517,11 +31742,32 @@ spec: installGPUDriver: type: boolean type: object - hostGroupID: - type: string + hostGroupReference: + description: |- + HostGroupReference: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. + For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object kubeletConfig: description: |- - Storage version of v1api20240402preview.KubeletConfig_STATUS + Storage version of v1api20240402preview.KubeletConfig See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: @@ -36560,7 +31806,7 @@ spec: type: string linuxOSConfig: description: |- - Storage version of v1api20240402preview.LinuxOSConfig_STATUS + Storage version of v1api20240402preview.LinuxOSConfig See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: 
@@ -36574,7 +31820,7 @@ spec: type: integer sysctls: description: |- - Storage version of v1api20240402preview.SysctlConfig_STATUS + Storage version of v1api20240402preview.SysctlConfig Sysctl settings for Linux agent nodes. properties: $propertyBag: @@ -36660,7 +31906,7 @@ spec: type: string networkProfile: description: |- - Storage version of v1api20240402preview.AgentPoolNetworkProfile_STATUS + Storage version of v1api20240402preview.AgentPoolNetworkProfile Network settings of an agent pool. properties: $propertyBag: @@ -36673,7 +31919,7 @@ spec: allowedHostPorts: items: description: |- - Storage version of v1api20240402preview.PortRange_STATUS + Storage version of v1api20240402preview.PortRange The port range. properties: $propertyBag: 
@@ -36691,14 +31937,32 @@ spec: type: string type: object type: array - applicationSecurityGroups: + applicationSecurityGroupsReferences: items: - type: string + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: array nodePublicIPTags: items: description: |- - Storage version of v1api20240402preview.IPTag_STATUS + Storage version of v1api20240402preview.IPTag Contains the IPTag associated with the object. properties: $propertyBag: @@ -36715,8 +31979,6 @@ spec: type: object type: array type: object - nodeImageVersion: - type: string nodeInitializationTaints: items: type: string 
@@ -36725,8 +31987,28 @@ spec: additionalProperties: type: string type: object - nodePublicIPPrefixID: - type: string + nodePublicIPPrefixReference: + description: |- + NodePublicIPPrefixReference: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object nodeTaints: items: type: string 
@@ -36743,11 +32025,32 @@ spec: type: string podIPAllocationMode: type: string - podSubnetID: - type: string + podSubnetReference: + description: |- + PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). + This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object powerState: description: |- - Storage version of v1api20240402preview.PowerState_STATUS + Storage version of v1api20240402preview.PowerState Describes the Power State of the cluster properties: $propertyBag: 
@@ -36760,10 +32063,26 @@ spec: code: type: string type: object - provisioningState: - type: string - proximityPlacementGroupID: - type: string + proximityPlacementGroupReference: + description: 'ProximityPlacementGroupReference: The ID for Proximity Placement Group.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object scaleDownMode: type: string scaleSetEvictionPolicy: @@ -36772,7 +32091,7 @@ spec: type: string securityProfile: description: |- - Storage version of v1api20240402preview.AgentPoolSecurityProfile_STATUS + Storage version of v1api20240402preview.AgentPoolSecurityProfile The security settings of an agent pool. properties: $propertyBag: @@ -36799,7 +32118,7 @@ spec: type: string upgradeSettings: description: |- - Storage version of v1api20240402preview.AgentPoolUpgradeSettings_STATUS + Storage version of v1api20240402preview.AgentPoolUpgradeSettings Settings for upgrading an agentpool properties: $propertyBag: 
@@ -36821,7 +32140,7 @@ spec: virtualMachineNodesStatus: items: description: |- - Storage version of v1api20240402preview.VirtualMachineNodes_STATUS + Storage version of v1api20240402preview.VirtualMachineNodes Current status on a group of nodes of the same vm size. properties: $propertyBag: @@ -36839,7 +32158,7 @@ spec: type: array virtualMachinesProfile: description: |- - Storage version of v1api20240402preview.VirtualMachinesProfile_STATUS + Storage version of v1api20240402preview.VirtualMachinesProfile Specifications on VirtualMachines agent pool. properties: $propertyBag: @@ -36851,7 +32170,7 @@ spec: type: object scale: description: |- - Storage version of v1api20240402preview.ScaleProfile_STATUS + Storage version of v1api20240402preview.ScaleProfile Specifications on how to scale a VirtualMachines agent pool. properties: $propertyBag: @@ -36864,7 +32183,7 @@ spec: autoscale: items: description: |- - Storage version of v1api20240402preview.AutoScaleProfile_STATUS + Storage version of v1api20240402preview.AutoScaleProfile Specifications on auto-scaling. properties: $propertyBag: @@ -36887,7 +32206,7 @@ spec: manual: items: description: |- - Storage version of v1api20240402preview.ManualScaleProfile_STATUS + Storage version of v1api20240402preview.ManualScaleProfile Specifications on number of machines. properties: $propertyBag: 
@@ -36909,11 +32228,32 @@ spec: type: object vmSize: type: string - vnetSubnetID: - type: string + vnetSubnetReference: + description: |- + VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is + specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object windowsProfile: description: |- - Storage version of v1api20240402preview.AgentPoolWindowsProfile_STATUS + Storage version of v1api20240402preview.AgentPoolWindowsProfile The Windows agent pool's specific profile. properties: $propertyBag: 
@@ -36932,7 +32272,7 @@ spec: type: array aiToolchainOperatorProfile: description: |- - Storage version of v1api20240402preview.ManagedClusterAIToolchainOperatorProfile_STATUS + Storage version of v1api20240402preview.ManagedClusterAIToolchainOperatorProfile When enabling the operator, a set of AKS managed CRDs and controllers will be installed in the cluster. The operator automates the deployment of OSS models for inference and/or training purposes. It provides a set of preset models and enables distributed inference against them. @@ -36949,7 +32289,7 @@ spec: type: object apiServerAccessProfile: description: |- - Storage version of v1api20240402preview.ManagedClusterAPIServerAccessProfile_STATUS + Storage version of v1api20240402preview.ManagedClusterAPIServerAccessProfile Access profile for managed cluster API server. properties: $propertyBag: @@ -36977,7 +32317,7 @@ spec: type: string type: object autoScalerProfile: - description: Storage version of v1api20240402preview.ManagedClusterProperties_AutoScalerProfile_STATUS + description: Storage version of v1api20240402preview.ManagedClusterProperties_AutoScalerProfile properties: $propertyBag: additionalProperties: @@ -37029,7 +32369,7 @@ spec: type: object autoUpgradeProfile: description: |- - Storage version of v1api20240402preview.ManagedClusterAutoUpgradeProfile_STATUS + Storage version of v1api20240402preview.ManagedClusterAutoUpgradeProfile Auto upgrade profile for a managed cluster. properties: $propertyBag: @@ -37046,7 +32386,7 @@ spec: type: object azureMonitorProfile: description: |- - Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfile_STATUS + Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfile Prometheus addon profile for the container service cluster properties: $propertyBag: 
@@ -37058,7 +32398,7 @@ spec: type: object appMonitoring: description: |- - Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfileAppMonitoring_STATUS + Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfileAppMonitoring Application Monitoring Profile for Kubernetes Application Container. Collects application logs, metrics and traces through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview. @@ -37072,7 +32412,7 @@ spec: type: object autoInstrumentation: description: |- - Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfileAppMonitoringAutoInstrumentation_STATUS + Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfileAppMonitoringAutoInstrumentation Application Monitoring Auto Instrumentation for Kubernetes Application Container. Deploys web hook to auto-instrument Azure Monitor OpenTelemetry based SDKs to collect OpenTelemetry metrics, logs and traces of the application. See aka.ms/AzureMonitorApplicationMonitoring for an overview. @@ -37089,7 +32429,7 @@ spec: type: object openTelemetryLogs: description: |- - Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfileAppMonitoringOpenTelemetryLogs_STATUS + Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfileAppMonitoringOpenTelemetryLogs Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container Logs and Traces. Collects OpenTelemetry logs and traces of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview. 
@@ -37108,7 +32448,7 @@ spec: type: object openTelemetryMetrics: description: |- - Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfileAppMonitoringOpenTelemetryMetrics_STATUS + Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfileAppMonitoringOpenTelemetryMetrics Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container Metrics. Collects OpenTelemetry metrics of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview. @@ -37128,7 +32468,7 @@ spec: type: object containerInsights: description: |- - Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfileContainerInsights_STATUS + Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfileContainerInsights Azure Monitor Container Insights Profile for Kubernetes Events, Inventory and Container stdout & stderr logs etc. See aka.ms/AzureMonitorContainerInsights for an overview. properties: 
@@ -37145,14 +32485,34 @@ spec: type: boolean enabled: type: boolean - logAnalyticsWorkspaceResourceId: - type: string + logAnalyticsWorkspaceResourceReference: + description: |- + LogAnalyticsWorkspaceResourceReference: Fully Qualified ARM Resource Id of Azure Log Analytics Workspace for storing + Azure Monitor Container Insights Logs. + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object syslogPort: type: integer type: object metrics: description: |- - Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfileMetrics_STATUS + Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfileMetrics Metrics profile for the prometheus service addon properties: $propertyBag: @@ -37166,7 +32526,7 @@ spec: type: boolean kubeStateMetrics: description: |- - Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfileKubeStateMetrics_STATUS + Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfileKubeStateMetrics Kube State Metrics for prometheus addon profile for the container service cluster properties: $propertyBag: 
@@ -37183,11 +32543,14 @@ spec: type: object type: object type: object - azurePortalFQDN: + azureName: + description: |- + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. type: string bootstrapProfile: description: |- - Storage version of v1api20240402preview.ManagedClusterBootstrapProfile_STATUS + Storage version of v1api20240402preview.ManagedClusterBootstrapProfile The bootstrap profile. properties: $propertyBag: 
@@ -37199,55 +32562,32 @@ spec: type: object artifactSource: type: string - containerRegistryId: - type: string + containerRegistryReference: + description: |- + ContainerRegistryReference: The resource Id of Azure Container Registry. The registry must have private network access, + premium SKU and zone redundancy. + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object - conditions: - items: - description: Condition defines an extension to status (an observation) of a resource - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. - format: date-time - type: string - message: - description: Message is a human readable message indicating details about the transition. This field may be empty. - type: string - observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. 
- format: int64 - type: integer - reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. - type: string - severity: - description: |- - Severity with which to treat failures of this type of condition. - For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown - type: string - status: - description: Status of the condition, one of True, False, or Unknown. - type: string - type: - description: Type of condition. - type: string - required: - - lastTransitionTime - - reason - - status - - type - type: object - type: array creationData: description: |- - Storage version of v1api20240402preview.CreationData_STATUS + Storage version of v1api20240402preview.CreationData Data used when creating a target resource from a source resource. properties: $propertyBag: 
@@ -37257,19 +32597,53 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - sourceResourceId: - type: string + sourceResourceReference: + description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object - currentKubernetesVersion: - type: string disableLocalAccounts: type: boolean - diskEncryptionSetID: - type: string + diskEncryptionSetReference: + description: |- + DiskEncryptionSetReference: This is of the form: + '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. 
+ The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object dnsPrefix: type: string - eTag: - type: string enableNamespaceResources: type: boolean enablePodSecurityPolicy: @@ -37278,7 +32652,7 @@ spec: type: boolean extendedLocation: description: |- - Storage version of v1api20240402preview.ExtendedLocation_STATUS + Storage version of v1api20240402preview.ExtendedLocation The complex type of the extended location. properties: $propertyBag: @@ -37293,13 +32667,11 @@ spec: type: type: string type: object - fqdn: - type: string fqdnSubdomain: type: string httpProxyConfig: description: |- - Storage version of v1api20240402preview.ManagedClusterHTTPProxyConfig_STATUS + Storage version of v1api20240402preview.ManagedClusterHTTPProxyConfig Cluster HTTP proxy configuration. properties: $propertyBag: @@ -37309,10 +32681,6 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - effectiveNoProxy: - items: - type: string - type: array httpProxy: type: string httpsProxy: 
@@ -37324,11 +32692,9 @@ spec: trustedCa: type: string type: object - id: - type: string identity: description: |- - Storage version of v1api20240402preview.ManagedClusterIdentity_STATUS + Storage version of v1api20240402preview.ManagedClusterIdentity Identity for the managed cluster. properties: $propertyBag: @@ -37341,7 +32707,7 @@ spec: delegatedResources: additionalProperties: description: |- - Storage version of v1api20240402preview.DelegatedResource_STATUS + Storage version of v1api20240402preview.DelegatedResource Delegated resource properties - internal use only. properties: $propertyBag: 
@@ -37355,21 +32721,37 @@ spec: type: string referralResource: type: string - resourceId: - type: string + resourceReference: + description: 'ResourceReference: The ARM resource id of the delegated resource - internal use only.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object tenantId: type: string type: object type: object - principalId: - type: string - tenantId: - type: string type: type: string userAssignedIdentities: - additionalProperties: - description: Storage version of v1api20240402preview.ManagedClusterIdentity_UserAssignedIdentities_STATUS + items: + description: |- + Storage version of v1api20240402preview.UserAssignedIdentityDetails + Information about the user assigned identity for the resource properties: $propertyBag: additionalProperties: 
@@ -37378,17 +32760,33 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - clientId: - type: string - principalId: - type: string + reference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object - type: object + type: array type: object identityProfile: additionalProperties: description: |- - Storage version of v1api20240402preview.UserAssignedIdentity_STATUS + Storage version of v1api20240402preview.UserAssignedIdentity Details about a user assigned identity. properties: $propertyBag: 
@@ -37402,13 +32800,31 @@ spec: type: string objectId: type: string - resourceId: - type: string + resourceReference: + description: 'ResourceReference: The resource ID of the user assigned identity.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object type: object ingressProfile: description: |- - Storage version of v1api20240402preview.ManagedClusterIngressProfile_STATUS + Storage version of v1api20240402preview.ManagedClusterIngressProfile Ingress profile for the container service cluster. properties: $propertyBag: @@ -37420,7 +32836,7 @@ spec: type: object webAppRouting: description: |- - Storage version of v1api20240402preview.ManagedClusterIngressProfileWebAppRouting_STATUS + Storage version of v1api20240402preview.ManagedClusterIngressProfileWebAppRouting Web App Routing settings for the ingress profile. properties: $propertyBag: 
@@ -37430,31 +32846,30 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - dnsZoneResourceIds: + dnsZoneResourceReferences: items: - type: string + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: array enabled: type: boolean - identity: - description: |- - Storage version of v1api20240402preview.UserAssignedIdentity_STATUS - Details about a user assigned identity. - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - clientId: - type: string - objectId: - type: string - resourceId: - type: string - type: object type: object type: object kind: 
@@ -37463,7 +32878,7 @@ spec: type: string linuxProfile: description: |- - Storage version of v1api20240402preview.ContainerServiceLinuxProfile_STATUS + Storage version of v1api20240402preview.ContainerServiceLinuxProfile Profile for Linux VMs in the container service cluster. properties: $propertyBag: @@ -37477,7 +32892,7 @@ spec: type: string ssh: description: |- - Storage version of v1api20240402preview.ContainerServiceSshConfiguration_STATUS + Storage version of v1api20240402preview.ContainerServiceSshConfiguration SSH configuration for Linux-based VMs running on Azure. properties: $propertyBag: @@ -37490,7 +32905,7 @@ spec: publicKeys: items: description: |- - Storage version of v1api20240402preview.ContainerServiceSshPublicKey_STATUS + Storage version of v1api20240402preview.ContainerServiceSshPublicKey Contains information about SSH certificate public key data. properties: $propertyBag: @@ -37508,11 +32923,9 @@ spec: type: object location: type: string - maxAgentPools: - type: integer metricsProfile: description: |- - Storage version of v1api20240402preview.ManagedClusterMetricsProfile_STATUS + Storage version of v1api20240402preview.ManagedClusterMetricsProfile The metrics profile for the ManagedCluster. properties: $propertyBag: @@ -37524,7 +32937,7 @@ spec: type: object costAnalysis: description: |- - Storage version of v1api20240402preview.ManagedClusterCostAnalysis_STATUS + Storage version of v1api20240402preview.ManagedClusterCostAnalysis The cost analysis configuration for the cluster properties: $propertyBag: @@ -37538,11 +32951,9 @@ spec: type: boolean type: object type: object - name: - type: string networkProfile: description: |- - Storage version of v1api20240402preview.ContainerServiceNetworkProfile_STATUS + Storage version of v1api20240402preview.ContainerServiceNetworkProfile Profile of network configuration. properties: $propertyBag: 
@@ -37554,7 +32965,7 @@ spec: type: object advancedNetworking: description: |- - Storage version of v1api20240402preview.AdvancedNetworking_STATUS + Storage version of v1api20240402preview.AdvancedNetworking Advanced Networking profile for enabling observability on a cluster. Note that enabling advanced networking features may incur additional costs. For more information see aka.ms/aksadvancednetworking. properties: @@ -37567,7 +32978,7 @@ spec: type: object observability: description: |- - Storage version of v1api20240402preview.AdvancedNetworkingObservability_STATUS + Storage version of v1api20240402preview.AdvancedNetworkingObservability Observability profile to enable advanced network metrics and flow logs with historical contexts. properties: $propertyBag: @@ -37588,7 +32999,7 @@ spec: type: string type: array kubeProxyConfig: - description: Storage version of v1api20240402preview.ContainerServiceNetworkProfile_KubeProxyConfig_STATUS + description: Storage version of v1api20240402preview.ContainerServiceNetworkProfile_KubeProxyConfig properties: $propertyBag: additionalProperties: @@ -37600,7 +33011,7 @@ spec: enabled: type: boolean ipvsConfig: - description: Storage version of v1api20240402preview.ContainerServiceNetworkProfile_KubeProxyConfig_IpvsConfig_STATUS + description: Storage version of v1api20240402preview.ContainerServiceNetworkProfile_KubeProxyConfig_IpvsConfig properties: $propertyBag: additionalProperties: @@ -37623,7 +33034,7 @@ spec: type: object loadBalancerProfile: description: |- - Storage version of v1api20240402preview.ManagedClusterLoadBalancerProfile_STATUS + Storage version of v1api20240402preview.ManagedClusterLoadBalancerProfile Profile of the managed cluster load balancer. properties: $propertyBag: 
@@ -37642,7 +33053,7 @@ spec: effectiveOutboundIPs: items: description: |- - Storage version of v1api20240402preview.ResourceReference_STATUS + Storage version of v1api20240402preview.ResourceReference A reference to an Azure resource. properties: $propertyBag: @@ -37652,8 +33063,26 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - id: - type: string + reference: + description: 'Reference: The fully qualified Azure resource id.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object type: array enableMultipleStandardLoadBalancers: @@ -37661,7 +33090,7 @@ spec: idleTimeoutInMinutes: type: integer managedOutboundIPs: - description: Storage version of v1api20240402preview.ManagedClusterLoadBalancerProfile_ManagedOutboundIPs_STATUS + description: Storage version of v1api20240402preview.ManagedClusterLoadBalancerProfile_ManagedOutboundIPs properties: $propertyBag: additionalProperties: 
@@ -37676,7 +33105,7 @@ spec: type: integer type: object outboundIPPrefixes: - description: Storage version of v1api20240402preview.ManagedClusterLoadBalancerProfile_OutboundIPPrefixes_STATUS + description: Storage version of v1api20240402preview.ManagedClusterLoadBalancerProfile_OutboundIPPrefixes properties: $propertyBag: additionalProperties: @@ -37688,7 +33117,7 @@ spec: publicIPPrefixes: items: description: |- - Storage version of v1api20240402preview.ResourceReference_STATUS + Storage version of v1api20240402preview.ResourceReference A reference to an Azure resource. properties: $propertyBag: 
@@ -37698,13 +33127,31 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - id: - type: string + reference: + description: 'Reference: The fully qualified Azure resource id.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object type: array type: object outboundIPs: - description: Storage version of v1api20240402preview.ManagedClusterLoadBalancerProfile_OutboundIPs_STATUS + description: Storage version of v1api20240402preview.ManagedClusterLoadBalancerProfile_OutboundIPs properties: $propertyBag: additionalProperties: @@ -37716,7 +33163,7 @@ spec: publicIPs: items: description: |- - Storage version of v1api20240402preview.ResourceReference_STATUS + Storage version of v1api20240402preview.ResourceReference A reference to an Azure resource. properties: $propertyBag: 
@@ -37726,8 +33173,26 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - id: - type: string + reference: + description: 'Reference: The fully qualified Azure resource id.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object type: array type: object @@ -37736,7 +33201,7 @@ spec: type: string natGatewayProfile: description: |- - Storage version of v1api20240402preview.ManagedClusterNATGatewayProfile_STATUS + Storage version of v1api20240402preview.ManagedClusterNATGatewayProfile Profile of the managed cluster NAT gateway. properties: $propertyBag: @@ -37749,7 +33214,7 @@ spec: effectiveOutboundIPs: items: description: |- - Storage version of v1api20240402preview.ResourceReference_STATUS + Storage version of v1api20240402preview.ResourceReference A reference to an Azure resource. properties: $propertyBag: 
@@ -37759,15 +33224,33 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - id: - type: string + reference: + description: 'Reference: The fully qualified Azure resource id.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object type: array idleTimeoutInMinutes: type: integer managedOutboundIPProfile: description: |- - Storage version of v1api20240402preview.ManagedClusterManagedOutboundIPProfile_STATUS + Storage version of v1api20240402preview.ManagedClusterManagedOutboundIPProfile Profile of the managed outbound IP resources of the managed cluster. properties: $propertyBag: @@ -37809,7 +33292,7 @@ spec: type: array staticEgressGatewayProfile: description: |- - Storage version of v1api20240402preview.ManagedClusterStaticEgressGatewayProfile_STATUS + Storage version of v1api20240402preview.ManagedClusterStaticEgressGatewayProfile The Static Egress Gateway addon configuration for the cluster. properties: $propertyBag: 
@@ -37824,7 +33307,7 @@ spec: type: object type: object nodeProvisioningProfile: - description: Storage version of v1api20240402preview.ManagedClusterNodeProvisioningProfile_STATUS + description: Storage version of v1api20240402preview.ManagedClusterNodeProvisioningProfile properties: $propertyBag: additionalProperties: @@ -37840,7 +33323,7 @@ spec: type: string nodeResourceGroupProfile: description: |- - Storage version of v1api20240402preview.ManagedClusterNodeResourceGroupProfile_STATUS + Storage version of v1api20240402preview.ManagedClusterNodeResourceGroupProfile Node resource group lockdown profile for a managed cluster. properties: $propertyBag: @@ -37855,7 +33338,7 @@ spec: type: object oidcIssuerProfile: description: |- - Storage version of v1api20240402preview.ManagedClusterOIDCIssuerProfile_STATUS + Storage version of v1api20240402preview.ManagedClusterOIDCIssuerProfile The OIDC issuer profile of the Managed Cluster. properties: $propertyBag: @@ -37867,14 +33350,11 @@ spec: type: object enabled: type: boolean - issuerURL: - type: string type: object - podIdentityProfile: + operatorSpec: description: |- - Storage version of v1api20240402preview.ManagedClusterPodIdentityProfile_STATUS - See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod - identity integration. + Storage version of v1api20240402preview.ManagedClusterOperatorSpec + Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure properties: $propertyBag: additionalProperties: 
@@ -37883,118 +33363,235 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - allowNetworkPluginKubenet: - type: boolean - enabled: - type: boolean - userAssignedIdentities: + configMapExpressions: items: description: |- - Storage version of v1api20240402preview.ManagedClusterPodIdentity_STATUS - Details about the pod identity assigned to the Managed Cluster. + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. properties: - $propertyBag: - additionalProperties: - type: string + key: description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - bindingSelector: + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. type: string - identity: - description: |- - Storage version of v1api20240402preview.UserAssignedIdentity_STATUS - Details about a user assigned identity. 
- properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - clientId: - type: string - objectId: - type: string - resourceId: - type: string - type: object name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. type: string - namespace: + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string - provisioningInfo: - description: Storage version of v1api20240402preview.ManagedClusterPodIdentity_ProvisioningInfo_STATUS - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - error: - description: |- - Storage version of v1api20240402preview.ManagedClusterPodIdentityProvisioningError_STATUS - An error response from the pod identity provisioning. 
- properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - error: + required: + - name + - value + type: object + type: array + configMaps: + description: Storage version of v1api20240402preview.ManagedClusterOperatorConfigMaps + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + oidcIssuerProfile: + description: |- + ConfigMapDestination describes the location to store a single configmap value + Note: This is similar to: SecretDestination in secrets.go. + Changes to one may need to be made to the others as well. + properties: + key: + description: Key is the key in the ConfigMap being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes ConfigMap to write to. + The ConfigMap will be created in the same namespace as the resource. + type: string + required: + - key + - name + type: object + type: object + secretExpressions: + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. 
+ type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + secrets: + description: Storage version of v1api20240402preview.ManagedClusterOperatorSecrets + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + adminCredentials: + description: |- + SecretDestination describes the location to store a single secret value. + Note: This is similar to: ConfigMapDestination in configmaps.go. + Changes to one may need to be made to the others as well. + properties: + key: + description: Key is the key in the Kubernetes secret being referenced. + type: string + name: + description: |- + Name is the name of the Kubernetes secret to write to. + The secret will be created in the same namespace as the resource. + type: string + required: + - key + - name + type: object + userCredentials: + description: |- + SecretDestination describes the location to store a single secret value. + Note: This is similar to: ConfigMapDestination in configmaps.go. + Changes to one may need to be made to the others as well. + properties: + key: + description: Key is the key in the Kubernetes secret being referenced. + type: string + name: + description: |- + Name is the name of the Kubernetes secret to write to. + The secret will be created in the same namespace as the resource. 
+ type: string + required: + - key + - name + type: object + type: object + type: object + originalVersion: + type: string + owner: + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a resources.azure.com/ResourceGroup resource + properties: + armId: + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + name: + description: This is the name of the Kubernetes resource to reference. + type: string + type: object + podIdentityProfile: + description: |- + Storage version of v1api20240402preview.ManagedClusterPodIdentityProfile + See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod + identity integration. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + allowNetworkPluginKubenet: + type: boolean + enabled: + type: boolean + userAssignedIdentities: + items: + description: |- + Storage version of v1api20240402preview.ManagedClusterPodIdentity + Details about the pod identity assigned to the Managed Cluster. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + bindingSelector: + type: string + identity: + description: |- + Storage version of v1api20240402preview.UserAssignedIdentity + Details about a user assigned identity. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + clientId: + type: string + objectId: + type: string + resourceReference: + description: 'ResourceReference: The resource ID of the user assigned identity.' + properties: + armId: description: |- - Storage version of v1api20240402preview.ManagedClusterPodIdentityProvisioningErrorBody_STATUS - An error response from the pod identity provisioning. 
- properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - code: - type: string - details: - items: - description: Storage version of v1api20240402preview.ManagedClusterPodIdentityProvisioningErrorBody_STATUS_Unrolled - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - code: - type: string - message: - type: string - target: - type: string - type: object - type: array - message: - type: string - target: - type: string - type: object + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. 
+ type: string type: object type: object - provisioningState: + name: + type: string + namespace: type: string type: object type: array userAssignedIdentityExceptions: items: description: |- - Storage version of v1api20240402preview.ManagedClusterPodIdentityException_STATUS + Storage version of v1api20240402preview.ManagedClusterPodIdentityException See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. properties: @@ -38016,27 +33613,10 @@ spec: type: object type: array type: object - powerState: - description: |- - Storage version of v1api20240402preview.PowerState_STATUS - Describes the Power State of the cluster - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - code: - type: string - type: object - privateFQDN: - type: string privateLinkResources: items: description: |- - Storage version of v1api20240402preview.PrivateLinkResource_STATUS + Storage version of v1api20240402preview.PrivateLinkResource A private link resource properties: $propertyBag: 
@@ -38048,12 +33628,28 @@ spec: type: object groupId: type: string - id: - type: string name: type: string - privateLinkServiceID: - type: string + reference: + description: 'Reference: The ID of the private link resource.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object requiredMembers: items: type: string @@ -38062,15 +33658,11 @@ spec: type: string type: object type: array - provisioningState: - type: string publicNetworkAccess: type: string - resourceUID: - type: string safeguardsProfile: description: |- - Storage version of v1api20240402preview.SafeguardsProfile_STATUS + Storage version of v1api20240402preview.SafeguardsProfile The Safeguards profile. properties: $propertyBag: @@ -38086,16 +33678,12 @@ spec: type: array level: type: string - systemExcludedNamespaces: - items: - type: string - type: array version: type: string type: object securityProfile: description: |- - Storage version of v1api20240402preview.ManagedClusterSecurityProfile_STATUS + Storage version of v1api20240402preview.ManagedClusterSecurityProfile Security profile for the container service cluster. properties: $propertyBag: 
@@ -38107,7 +33695,7 @@ spec: type: object azureKeyVaultKms: description: |- - Storage version of v1api20240402preview.AzureKeyVaultKms_STATUS + Storage version of v1api20240402preview.AzureKeyVaultKms Azure Key Vault key management service settings for the security profile. properties: $propertyBag: @@ -38123,8 +33711,28 @@ spec: type: string keyVaultNetworkAccess: type: string - keyVaultResourceId: - type: string + keyVaultResourceReference: + description: |- + KeyVaultResourceReference: Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and + must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty. + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object customCATrustCertificates: items: @@ -38132,7 +33740,7 @@ spec: type: array defender: description: |- - Storage version of v1api20240402preview.ManagedClusterSecurityProfileDefender_STATUS + Storage version of v1api20240402preview.ManagedClusterSecurityProfileDefender Microsoft Defender settings for the security profile. properties: $propertyBag: 
@@ -38142,11 +33750,32 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - logAnalyticsWorkspaceResourceId: - type: string + logAnalyticsWorkspaceResourceReference: + description: |- + LogAnalyticsWorkspaceResourceReference: Resource ID of the Log Analytics workspace to be associated with Microsoft + Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When + Microsoft Defender is disabled, leave the field empty. + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object securityMonitoring: description: |- - Storage version of v1api20240402preview.ManagedClusterSecurityProfileDefenderSecurityMonitoring_STATUS + Storage version of v1api20240402preview.ManagedClusterSecurityProfileDefenderSecurityMonitoring Microsoft Defender settings for the security profile threat detection. properties: $propertyBag: 
@@ -38162,7 +33791,7 @@ spec: type: object imageCleaner: description: |- - Storage version of v1api20240402preview.ManagedClusterSecurityProfileImageCleaner_STATUS + Storage version of v1api20240402preview.ManagedClusterSecurityProfileImageCleaner Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here are settings for the security profile. properties: @@ -38180,7 +33809,7 @@ spec: type: object imageIntegrity: description: |- - Storage version of v1api20240402preview.ManagedClusterSecurityProfileImageIntegrity_STATUS + Storage version of v1api20240402preview.ManagedClusterSecurityProfileImageIntegrity Image integrity related settings for the security profile. properties: $propertyBag: @@ -38195,7 +33824,7 @@ spec: type: object nodeRestriction: description: |- - Storage version of v1api20240402preview.ManagedClusterSecurityProfileNodeRestriction_STATUS + Storage version of v1api20240402preview.ManagedClusterSecurityProfileNodeRestriction Node Restriction settings for the security profile. properties: $propertyBag: @@ -38210,7 +33839,7 @@ spec: type: object workloadIdentity: description: |- - Storage version of v1api20240402preview.ManagedClusterSecurityProfileWorkloadIdentity_STATUS + Storage version of v1api20240402preview.ManagedClusterSecurityProfileWorkloadIdentity Workload identity settings for the security profile. properties: $propertyBag: @@ -38226,7 +33855,7 @@ spec: type: object serviceMeshProfile: description: |- - Storage version of v1api20240402preview.ServiceMeshProfile_STATUS + Storage version of v1api20240402preview.ServiceMeshProfile Service mesh profile for a managed cluster. properties: $propertyBag: @@ -38238,7 +33867,7 @@ spec: type: object istio: description: |- - Storage version of v1api20240402preview.IstioServiceMesh_STATUS + Storage version of v1api20240402preview.IstioServiceMesh Istio service mesh configuration. properties: $propertyBag: 
@@ -38250,7 +33879,7 @@ spec: type: object certificateAuthority: description: |- - Storage version of v1api20240402preview.IstioCertificateAuthority_STATUS + Storage version of v1api20240402preview.IstioCertificateAuthority Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described here https://aka.ms/asm-plugin-ca properties: @@ -38263,7 +33892,7 @@ spec: type: object plugin: description: |- - Storage version of v1api20240402preview.IstioPluginCertificateAuthority_STATUS + Storage version of v1api20240402preview.IstioPluginCertificateAuthority Plugin certificates information for Service Mesh. properties: $propertyBag: @@ -38279,15 +33908,33 @@ spec: type: string keyObjectName: type: string - keyVaultId: - type: string + keyVaultReference: + description: 'KeyVaultReference: The resource ID of the Key Vault.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object rootCertObjectName: type: string type: object type: object components: description: |- - Storage version of v1api20240402preview.IstioComponents_STATUS + Storage version of v1api20240402preview.IstioComponents Istio components configuration. properties: $propertyBag: 
@@ -38300,7 +33947,7 @@ spec: egressGateways: items: description: |- - Storage version of v1api20240402preview.IstioEgressGateway_STATUS + Storage version of v1api20240402preview.IstioEgressGateway Istio egress gateway configuration. properties: $propertyBag: @@ -38317,7 +33964,7 @@ spec: ingressGateways: items: description: |- - Storage version of v1api20240402preview.IstioIngressGateway_STATUS + Storage version of v1api20240402preview.IstioIngressGateway Istio ingress gateway configuration. For now, we support up to one external ingress gateway named `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`. properties: @@ -38345,7 +33992,7 @@ spec: type: object servicePrincipalProfile: description: |- - Storage version of v1api20240402preview.ManagedClusterServicePrincipalProfile_STATUS + Storage version of v1api20240402preview.ManagedClusterServicePrincipalProfile Information about a service principal identity for the cluster to use for manipulating Azure APIs. properties: $propertyBag: @@ -38357,10 +34004,27 @@ spec: type: object clientId: type: string + secret: + description: |- + SecretReference is a reference to a Kubernetes secret and key in the same namespace as + the resource it is on. + properties: + key: + description: Key is the key in the Kubernetes secret being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource + type: string + required: + - key + - name + type: object type: object sku: description: |- - Storage version of v1api20240402preview.ManagedClusterSKU_STATUS + Storage version of v1api20240402preview.ManagedClusterSKU The SKU of a Managed Cluster. properties: $propertyBag: 
@@ -38377,7 +34041,7 @@ spec: type: object storageProfile: description: |- - Storage version of v1api20240402preview.ManagedClusterStorageProfile_STATUS + Storage version of v1api20240402preview.ManagedClusterStorageProfile Storage profile for the container service cluster. properties: $propertyBag: @@ -38389,7 +34053,7 @@ spec: type: object blobCSIDriver: description: |- - Storage version of v1api20240402preview.ManagedClusterStorageProfileBlobCSIDriver_STATUS + Storage version of v1api20240402preview.ManagedClusterStorageProfileBlobCSIDriver AzureBlob CSI Driver settings for the storage profile. properties: $propertyBag: @@ -38404,7 +34068,7 @@ spec: type: object diskCSIDriver: description: |- - Storage version of v1api20240402preview.ManagedClusterStorageProfileDiskCSIDriver_STATUS + Storage version of v1api20240402preview.ManagedClusterStorageProfileDiskCSIDriver AzureDisk CSI Driver settings for the storage profile. properties: $propertyBag: @@ -38421,7 +34085,7 @@ spec: type: object fileCSIDriver: description: |- - Storage version of v1api20240402preview.ManagedClusterStorageProfileFileCSIDriver_STATUS + Storage version of v1api20240402preview.ManagedClusterStorageProfileFileCSIDriver AzureFile CSI Driver settings for the storage profile. properties: $propertyBag: @@ -38436,7 +34100,7 @@ spec: type: object snapshotController: description: |- - Storage version of v1api20240402preview.ManagedClusterStorageProfileSnapshotController_STATUS + Storage version of v1api20240402preview.ManagedClusterStorageProfileSnapshotController Snapshot Controller settings for the storage profile. properties: $propertyBag: 
@@ -38452,40 +34116,13 @@ spec: type: object supportPlan: type: string - systemData: - description: |- - Storage version of v1api20240402preview.SystemData_STATUS - Metadata pertaining to creation and last modification of the resource. - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - createdAt: - type: string - createdBy: - type: string - createdByType: - type: string - lastModifiedAt: - type: string - lastModifiedBy: - type: string - lastModifiedByType: - type: string - type: object tags: additionalProperties: type: string type: object - type: - type: string upgradeSettings: description: |- - Storage version of v1api20240402preview.ClusterUpgradeSettings_STATUS + Storage version of v1api20240402preview.ClusterUpgradeSettings Settings for upgrading a cluster. properties: $propertyBag: @@ -38497,7 +34134,7 @@ spec: type: object overrideSettings: description: |- - Storage version of v1api20240402preview.UpgradeOverrideSettings_STATUS + Storage version of v1api20240402preview.UpgradeOverrideSettings Settings for overrides when upgrading a cluster. properties: $propertyBag: @@ -38515,7 +34152,7 @@ spec: type: object windowsProfile: description: |- - Storage version of v1api20240402preview.ManagedClusterWindowsProfile_STATUS + Storage version of v1api20240402preview.ManagedClusterWindowsProfile Profile for Windows VMs in the managed cluster. properties: $propertyBag: 
@@ -38525,13 +34162,30 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object + adminPassword: + description: |- + SecretReference is a reference to a Kubernetes secret and key in the same namespace as + the resource it is on. + properties: + key: + description: Key is the key in the Kubernetes secret being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource + type: string + required: + - key + - name + type: object adminUsername: type: string enableCSIProxy: type: boolean gmsaProfile: description: |- - Storage version of v1api20240402preview.WindowsGmsaProfile_STATUS + Storage version of v1api20240402preview.WindowsGmsaProfile Windows gMSA Profile in the managed cluster. properties: $propertyBag: @@ -38553,7 +34207,7 @@ spec: type: object workloadAutoScalerProfile: description: |- - Storage version of v1api20240402preview.ManagedClusterWorkloadAutoScalerProfile_STATUS + Storage version of v1api20240402preview.ManagedClusterWorkloadAutoScalerProfile Workload Auto-scaler profile for the managed cluster. properties: $propertyBag: @@ -38565,7 +34219,7 @@ spec: type: object keda: description: |- - Storage version of v1api20240402preview.ManagedClusterWorkloadAutoScalerProfileKeda_STATUS + Storage version of v1api20240402preview.ManagedClusterWorkloadAutoScalerProfileKeda KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile. properties: $propertyBag: 
@@ -38579,7 +34233,7 @@ spec: type: boolean type: object verticalPodAutoscaler: - description: Storage version of v1api20240402preview.ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler_STATUS + description: Storage version of v1api20240402preview.ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler properties: $propertyBag: additionalProperties: 
@@ -38594,65 +34248,14645 @@ spec: type: boolean type: object type: object + required: + - owner type: object - type: object - served: true - storage: false - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - cert-manager.io/inject-ca-from: azureserviceoperator-system/azureserviceoperator-serving-cert - controller-gen.kubebuilder.io/version: v0.14.0 - labels: - app.kubernetes.io/name: azure-service-operator - app.kubernetes.io/version: v2.9.0 - name: managedclustersagentpools.containerservice.azure.com -spec: - conversion: - strategy: Webhook - webhook: - clientConfig: - service: - name: azureserviceoperator-webhook-service - namespace: azureserviceoperator-system - path: /convert - port: 443 - conversionReviewVersions: - - v1 - group: containerservice.azure.com - names: - kind: ManagedClustersAgentPool - listKind: ManagedClustersAgentPoolList - plural: managedclustersagentpools - singular: managedclustersagentpool - preserveUnknownFields: false - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=='Ready')].severity - name: Severity - type: string - - jsonPath: .status.conditions[?(@.type=='Ready')].reason - name: Reason - type: string - - jsonPath: .status.conditions[?(@.type=='Ready')].message - name: Message - type: string - name: v1api20210501 - schema: - openAPIV3Schema: - description: |- - Generator information: - - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2021-05-01/managedClusters.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}/agentPools/{agentPoolName} - properties: + status: + description: |- + Storage version of v1api20240402preview.ManagedCluster_STATUS + Managed cluster. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + aadProfile: + description: |- + Storage version of v1api20240402preview.ManagedClusterAADProfile_STATUS + For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad). + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + adminGroupObjectIDs: + items: + type: string + type: array + clientAppID: + type: string + enableAzureRBAC: + type: boolean + managed: + type: boolean + serverAppID: + type: string + serverAppSecret: + type: string + tenantID: + type: string + type: object + addonProfiles: + additionalProperties: + description: |- + Storage version of v1api20240402preview.ManagedClusterAddonProfile_STATUS + A Kubernetes add-on profile for a managed cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + config: + additionalProperties: + type: string + type: object + enabled: + type: boolean + identity: + description: |- + Storage version of v1api20240402preview.UserAssignedIdentity_STATUS + Details about a user assigned identity. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + clientId: + type: string + objectId: + type: string + resourceId: + type: string + type: object + type: object + type: object + agentPoolProfiles: + items: + description: |- + Storage version of v1api20240402preview.ManagedClusterAgentPoolProfile_STATUS + Profile for the container service agent pool. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + artifactStreamingProfile: + description: Storage version of v1api20240402preview.AgentPoolArtifactStreamingProfile_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + availabilityZones: + items: + type: string + type: array + capacityReservationGroupID: + type: string + count: + type: integer + creationData: + description: |- + Storage version of v1api20240402preview.CreationData_STATUS + Data used when creating a target resource from a source resource. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + sourceResourceId: + type: string + type: object + currentOrchestratorVersion: + type: string + eTag: + type: string + enableAutoScaling: + type: boolean + enableCustomCATrust: + type: boolean + enableEncryptionAtHost: + type: boolean + enableFIPS: + type: boolean + enableNodePublicIP: + type: boolean + enableUltraSSD: + type: boolean + gatewayProfile: + description: |- + Storage version of v1api20240402preview.AgentPoolGatewayProfile_STATUS + Profile of the managed cluster gateway agent pool. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + publicIPPrefixSize: + type: integer + type: object + gpuInstanceProfile: + type: string + gpuProfile: + description: Storage version of v1api20240402preview.AgentPoolGPUProfile_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + installGPUDriver: + type: boolean + type: object + hostGroupID: + type: string + kubeletConfig: + description: |- + Storage version of v1api20240402preview.KubeletConfig_STATUS + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + allowedUnsafeSysctls: + items: + type: string + type: array + containerLogMaxFiles: + type: integer + containerLogMaxSizeMB: + type: integer + cpuCfsQuota: + type: boolean + cpuCfsQuotaPeriod: + type: string + cpuManagerPolicy: + type: string + failSwapOn: + type: boolean + imageGcHighThreshold: + type: integer + imageGcLowThreshold: + type: integer + podMaxPids: + type: integer + topologyManagerPolicy: + type: string + type: object + kubeletDiskType: + type: string + linuxOSConfig: + description: |- + Storage version of v1api20240402preview.LinuxOSConfig_STATUS + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + swapFileSizeMB: + type: integer + sysctls: + description: |- + Storage version of v1api20240402preview.SysctlConfig_STATUS + Sysctl settings for Linux agent nodes. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + fsAioMaxNr: + type: integer + fsFileMax: + type: integer + fsInotifyMaxUserWatches: + type: integer + fsNrOpen: + type: integer + kernelThreadsMax: + type: integer + netCoreNetdevMaxBacklog: + type: integer + netCoreOptmemMax: + type: integer + netCoreRmemDefault: + type: integer + netCoreRmemMax: + type: integer + netCoreSomaxconn: + type: integer + netCoreWmemDefault: + type: integer + netCoreWmemMax: + type: integer + netIpv4IpLocalPortRange: + type: string + netIpv4NeighDefaultGcThresh1: + type: integer + netIpv4NeighDefaultGcThresh2: + type: integer + netIpv4NeighDefaultGcThresh3: + type: integer + netIpv4TcpFinTimeout: + type: integer + netIpv4TcpKeepaliveProbes: + type: integer + netIpv4TcpKeepaliveTime: + type: integer + netIpv4TcpMaxSynBacklog: + type: integer + netIpv4TcpMaxTwBuckets: + type: integer + netIpv4TcpTwReuse: + type: boolean + netIpv4TcpkeepaliveIntvl: + type: integer + netNetfilterNfConntrackBuckets: + type: integer + netNetfilterNfConntrackMax: + type: integer + vmMaxMapCount: + type: integer + vmSwappiness: + type: integer + vmVfsCachePressure: + type: integer + type: object + transparentHugePageDefrag: + type: string + transparentHugePageEnabled: + type: string + type: object + maxCount: + type: integer + maxPods: + type: integer + messageOfTheDay: + type: string + minCount: + type: integer + mode: + type: string + name: + type: string + networkProfile: + description: |- + Storage version of v1api20240402preview.AgentPoolNetworkProfile_STATUS + Network settings of an agent pool. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + allowedHostPorts: + items: + description: |- + Storage version of v1api20240402preview.PortRange_STATUS + The port range. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + portEnd: + type: integer + portStart: + type: integer + protocol: + type: string + type: object + type: array + applicationSecurityGroups: + items: + type: string + type: array + nodePublicIPTags: + items: + description: |- + Storage version of v1api20240402preview.IPTag_STATUS + Contains the IPTag associated with the object. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + ipTagType: + type: string + tag: + type: string + type: object + type: array + type: object + nodeImageVersion: + type: string + nodeInitializationTaints: + items: + type: string + type: array + nodeLabels: + additionalProperties: + type: string + type: object + nodePublicIPPrefixID: + type: string + nodeTaints: + items: + type: string + type: array + orchestratorVersion: + type: string + osDiskSizeGB: + type: integer + osDiskType: + type: string + osSKU: + type: string + osType: + type: string + podIPAllocationMode: + type: string + podSubnetID: + type: string + powerState: + description: |- + Storage version of v1api20240402preview.PowerState_STATUS + Describes the Power State of the cluster + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + code: + type: string + type: object + provisioningState: + type: string + proximityPlacementGroupID: + type: string + scaleDownMode: + type: string + scaleSetEvictionPolicy: + type: string + scaleSetPriority: + type: string + securityProfile: + description: |- + Storage version of v1api20240402preview.AgentPoolSecurityProfile_STATUS + The security settings of an agent pool. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enableSecureBoot: + type: boolean + enableVTPM: + type: boolean + sshAccess: + type: string + type: object + spotMaxPrice: + type: number + tags: + additionalProperties: + type: string + type: object + type: + type: string + upgradeSettings: + description: |- + Storage version of v1api20240402preview.AgentPoolUpgradeSettings_STATUS + Settings for upgrading an agentpool + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + drainTimeoutInMinutes: + type: integer + maxSurge: + type: string + nodeSoakDurationInMinutes: + type: integer + undrainableNodeBehavior: + type: string + type: object + virtualMachineNodesStatus: + items: + description: |- + Storage version of v1api20240402preview.VirtualMachineNodes_STATUS + Current status on a group of nodes of the same vm size. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + count: + type: integer + size: + type: string + type: object + type: array + virtualMachinesProfile: + description: |- + Storage version of v1api20240402preview.VirtualMachinesProfile_STATUS + Specifications on VirtualMachines agent pool. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + scale: + description: |- + Storage version of v1api20240402preview.ScaleProfile_STATUS + Specifications on how to scale a VirtualMachines agent pool. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + autoscale: + items: + description: |- + Storage version of v1api20240402preview.AutoScaleProfile_STATUS + Specifications on auto-scaling. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + maxCount: + type: integer + minCount: + type: integer + sizes: + items: + type: string + type: array + type: object + type: array + manual: + items: + description: |- + Storage version of v1api20240402preview.ManualScaleProfile_STATUS + Specifications on number of machines. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + count: + type: integer + sizes: + items: + type: string + type: array + type: object + type: array + type: object + type: object + vmSize: + type: string + vnetSubnetID: + type: string + windowsProfile: + description: |- + Storage version of v1api20240402preview.AgentPoolWindowsProfile_STATUS + The Windows agent pool's specific profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + disableOutboundNat: + type: boolean + type: object + workloadRuntime: + type: string + type: object + type: array + aiToolchainOperatorProfile: + description: |- + Storage version of v1api20240402preview.ManagedClusterAIToolchainOperatorProfile_STATUS + When enabling the operator, a set of AKS managed CRDs and controllers will be installed in the cluster. The operator + automates the deployment of OSS models for inference and/or training purposes. It provides a set of preset models and + enables distributed inference against them. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + apiServerAccessProfile: + description: |- + Storage version of v1api20240402preview.ManagedClusterAPIServerAccessProfile_STATUS + Access profile for managed cluster API server. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + authorizedIPRanges: + items: + type: string + type: array + disableRunCommand: + type: boolean + enablePrivateCluster: + type: boolean + enablePrivateClusterPublicFQDN: + type: boolean + enableVnetIntegration: + type: boolean + privateDNSZone: + type: string + subnetId: + type: string + type: object + autoScalerProfile: + description: Storage version of v1api20240402preview.ManagedClusterProperties_AutoScalerProfile_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + balance-similar-node-groups: + type: string + daemonset-eviction-for-empty-nodes: + type: boolean + daemonset-eviction-for-occupied-nodes: + type: boolean + expander: + type: string + ignore-daemonsets-utilization: + type: boolean + max-empty-bulk-delete: + type: string + max-graceful-termination-sec: + type: string + max-node-provision-time: + type: string + max-total-unready-percentage: + type: string + new-pod-scale-up-delay: + type: string + ok-total-unready-count: + type: string + scale-down-delay-after-add: + type: string + scale-down-delay-after-delete: + type: string + scale-down-delay-after-failure: + type: string + scale-down-unneeded-time: + type: string + scale-down-unready-time: + type: string + scale-down-utilization-threshold: + type: string + scan-interval: + type: string + skip-nodes-with-local-storage: + type: string + skip-nodes-with-system-pods: + type: string + type: object + autoUpgradeProfile: + description: |- + Storage version of 
v1api20240402preview.ManagedClusterAutoUpgradeProfile_STATUS + Auto upgrade profile for a managed cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + nodeOSUpgradeChannel: + type: string + upgradeChannel: + type: string + type: object + azureMonitorProfile: + description: |- + Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfile_STATUS + Prometheus addon profile for the container service cluster + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + appMonitoring: + description: |- + Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfileAppMonitoring_STATUS + Application Monitoring Profile for Kubernetes Application Container. Collects application logs, metrics and traces + through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See + aka.ms/AzureMonitorApplicationMonitoring for an overview. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + autoInstrumentation: + description: |- + Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfileAppMonitoringAutoInstrumentation_STATUS + Application Monitoring Auto Instrumentation for Kubernetes Application Container. 
Deploys web hook to auto-instrument + Azure Monitor OpenTelemetry based SDKs to collect OpenTelemetry metrics, logs and traces of the application. See + aka.ms/AzureMonitorApplicationMonitoring for an overview. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + openTelemetryLogs: + description: |- + Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfileAppMonitoringOpenTelemetryLogs_STATUS + Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container Logs and Traces. Collects + OpenTelemetry logs and traces of the application using Azure Monitor OpenTelemetry based SDKs. See + aka.ms/AzureMonitorApplicationMonitoring for an overview. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + port: + type: integer + type: object + openTelemetryMetrics: + description: |- + Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfileAppMonitoringOpenTelemetryMetrics_STATUS + Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container Metrics. Collects + OpenTelemetry metrics of the application using Azure Monitor OpenTelemetry based SDKs. See + aka.ms/AzureMonitorApplicationMonitoring for an overview. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + port: + type: integer + type: object + type: object + containerInsights: + description: |- + Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfileContainerInsights_STATUS + Azure Monitor Container Insights Profile for Kubernetes Events, Inventory and Container stdout & stderr logs etc. See + aka.ms/AzureMonitorContainerInsights for an overview. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + disableCustomMetrics: + type: boolean + disablePrometheusMetricsScraping: + type: boolean + enabled: + type: boolean + logAnalyticsWorkspaceResourceId: + type: string + syslogPort: + type: integer + type: object + metrics: + description: |- + Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfileMetrics_STATUS + Metrics profile for the prometheus service addon + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + kubeStateMetrics: + description: |- + Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfileKubeStateMetrics_STATUS + Kube State Metrics for prometheus addon profile for the container service cluster + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of 
stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + metricAnnotationsAllowList: + type: string + metricLabelsAllowlist: + type: string + type: object + type: object + type: object + azurePortalFQDN: + type: string + bootstrapProfile: + description: |- + Storage version of v1api20240402preview.ManagedClusterBootstrapProfile_STATUS + The bootstrap profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + artifactSource: + type: string + containerRegistryId: + type: string + type: object + conditions: + items: + description: Condition defines an extension to status (an observation) of a resource + properties: + lastTransitionTime: + description: LastTransitionTime is the last time the condition transitioned from one status to another. + format: date-time + type: string + message: + description: Message is a human readable message indicating details about the transition. This field may be empty. + type: string + observedGeneration: + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + type: integer + reason: + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + type: string + severity: + description: |- + Severity with which to treat failures of this type of condition. 
+ For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown + type: string + status: + description: Status of the condition, one of True, False, or Unknown. + type: string + type: + description: Type of condition. + type: string + required: + - lastTransitionTime + - reason + - status + - type + type: object + type: array + creationData: + description: |- + Storage version of v1api20240402preview.CreationData_STATUS + Data used when creating a target resource from a source resource. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + sourceResourceId: + type: string + type: object + currentKubernetesVersion: + type: string + disableLocalAccounts: + type: boolean + diskEncryptionSetID: + type: string + dnsPrefix: + type: string + eTag: + type: string + enableNamespaceResources: + type: boolean + enablePodSecurityPolicy: + type: boolean + enableRBAC: + type: boolean + extendedLocation: + description: |- + Storage version of v1api20240402preview.ExtendedLocation_STATUS + The complex type of the extended location. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + name: + type: string + type: + type: string + type: object + fqdn: + type: string + fqdnSubdomain: + type: string + httpProxyConfig: + description: |- + Storage version of v1api20240402preview.ManagedClusterHTTPProxyConfig_STATUS + Cluster HTTP proxy configuration. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + effectiveNoProxy: + items: + type: string + type: array + httpProxy: + type: string + httpsProxy: + type: string + noProxy: + items: + type: string + type: array + trustedCa: + type: string + type: object + id: + type: string + identity: + description: |- + Storage version of v1api20240402preview.ManagedClusterIdentity_STATUS + Identity for the managed cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + delegatedResources: + additionalProperties: + description: |- + Storage version of v1api20240402preview.DelegatedResource_STATUS + Delegated resource properties - internal use only. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + location: + type: string + referralResource: + type: string + resourceId: + type: string + tenantId: + type: string + type: object + type: object + principalId: + type: string + tenantId: + type: string + type: + type: string + userAssignedIdentities: + additionalProperties: + description: Storage version of v1api20240402preview.ManagedClusterIdentity_UserAssignedIdentities_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + clientId: + type: string + principalId: + type: string + type: object + type: object + type: object + identityProfile: + additionalProperties: + description: |- + Storage version of v1api20240402preview.UserAssignedIdentity_STATUS + Details about a user assigned identity. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + clientId: + type: string + objectId: + type: string + resourceId: + type: string + type: object + type: object + ingressProfile: + description: |- + Storage version of v1api20240402preview.ManagedClusterIngressProfile_STATUS + Ingress profile for the container service cluster. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + webAppRouting: + description: |- + Storage version of v1api20240402preview.ManagedClusterIngressProfileWebAppRouting_STATUS + Web App Routing settings for the ingress profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + dnsZoneResourceIds: + items: + type: string + type: array + enabled: + type: boolean + identity: + description: |- + Storage version of v1api20240402preview.UserAssignedIdentity_STATUS + Details about a user assigned identity. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + clientId: + type: string + objectId: + type: string + resourceId: + type: string + type: object + type: object + type: object + kind: + type: string + kubernetesVersion: + type: string + linuxProfile: + description: |- + Storage version of v1api20240402preview.ContainerServiceLinuxProfile_STATUS + Profile for Linux VMs in the container service cluster. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + adminUsername: + type: string + ssh: + description: |- + Storage version of v1api20240402preview.ContainerServiceSshConfiguration_STATUS + SSH configuration for Linux-based VMs running on Azure. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + publicKeys: + items: + description: |- + Storage version of v1api20240402preview.ContainerServiceSshPublicKey_STATUS + Contains information about SSH certificate public key data. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + keyData: + type: string + type: object + type: array + type: object + type: object + location: + type: string + maxAgentPools: + type: integer + metricsProfile: + description: |- + Storage version of v1api20240402preview.ManagedClusterMetricsProfile_STATUS + The metrics profile for the ManagedCluster. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + costAnalysis: + description: |- + Storage version of v1api20240402preview.ManagedClusterCostAnalysis_STATUS + The cost analysis configuration for the cluster + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + type: object + name: + type: string + networkProfile: + description: |- + Storage version of v1api20240402preview.ContainerServiceNetworkProfile_STATUS + Profile of network configuration. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + advancedNetworking: + description: |- + Storage version of v1api20240402preview.AdvancedNetworking_STATUS + Advanced Networking profile for enabling observability on a cluster. Note that enabling advanced networking features may + incur additional costs. For more information see aka.ms/aksadvancednetworking. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + observability: + description: |- + Storage version of v1api20240402preview.AdvancedNetworkingObservability_STATUS + Observability profile to enable advanced network metrics and flow logs with historical contexts. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + type: object + dnsServiceIP: + type: string + ipFamilies: + items: + type: string + type: array + kubeProxyConfig: + description: Storage version of v1api20240402preview.ContainerServiceNetworkProfile_KubeProxyConfig_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + ipvsConfig: + description: Storage version of v1api20240402preview.ContainerServiceNetworkProfile_KubeProxyConfig_IpvsConfig_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + scheduler: + type: string + tcpFinTimeoutSeconds: + type: integer + tcpTimeoutSeconds: + type: integer + udpTimeoutSeconds: + type: integer + type: object + mode: + type: string + type: object + loadBalancerProfile: + 
description: |- + Storage version of v1api20240402preview.ManagedClusterLoadBalancerProfile_STATUS + Profile of the managed cluster load balancer. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + allocatedOutboundPorts: + type: integer + backendPoolType: + type: string + clusterServiceLoadBalancerHealthProbeMode: + type: string + effectiveOutboundIPs: + items: + description: |- + Storage version of v1api20240402preview.ResourceReference_STATUS + A reference to an Azure resource. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + id: + type: string + type: object + type: array + enableMultipleStandardLoadBalancers: + type: boolean + idleTimeoutInMinutes: + type: integer + managedOutboundIPs: + description: Storage version of v1api20240402preview.ManagedClusterLoadBalancerProfile_ManagedOutboundIPs_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + count: + type: integer + countIPv6: + type: integer + type: object + outboundIPPrefixes: + description: Storage version of v1api20240402preview.ManagedClusterLoadBalancerProfile_OutboundIPPrefixes_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for 
full fidelity round trip conversions + type: object + publicIPPrefixes: + items: + description: |- + Storage version of v1api20240402preview.ResourceReference_STATUS + A reference to an Azure resource. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + id: + type: string + type: object + type: array + type: object + outboundIPs: + description: Storage version of v1api20240402preview.ManagedClusterLoadBalancerProfile_OutboundIPs_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + publicIPs: + items: + description: |- + Storage version of v1api20240402preview.ResourceReference_STATUS + A reference to an Azure resource. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + id: + type: string + type: object + type: array + type: object + type: object + loadBalancerSku: + type: string + natGatewayProfile: + description: |- + Storage version of v1api20240402preview.ManagedClusterNATGatewayProfile_STATUS + Profile of the managed cluster NAT gateway. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + effectiveOutboundIPs: + items: + description: |- + Storage version of v1api20240402preview.ResourceReference_STATUS + A reference to an Azure resource. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + id: + type: string + type: object + type: array + idleTimeoutInMinutes: + type: integer + managedOutboundIPProfile: + description: |- + Storage version of v1api20240402preview.ManagedClusterManagedOutboundIPProfile_STATUS + Profile of the managed outbound IP resources of the managed cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + count: + type: integer + type: object + type: object + networkDataplane: + type: string + networkMode: + type: string + networkPlugin: + type: string + networkPluginMode: + type: string + networkPolicy: + type: string + outboundType: + type: string + podCidr: + type: string + podCidrs: + items: + type: string + type: array + podLinkLocalAccess: + type: string + serviceCidr: + type: string + serviceCidrs: + items: + type: string + type: array + staticEgressGatewayProfile: + description: |- + Storage version of v1api20240402preview.ManagedClusterStaticEgressGatewayProfile_STATUS + The Static Egress Gateway addon configuration for the cluster. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + type: object + nodeProvisioningProfile: + description: Storage version of v1api20240402preview.ManagedClusterNodeProvisioningProfile_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + mode: + type: string + type: object + nodeResourceGroup: + type: string + nodeResourceGroupProfile: + description: |- + Storage version of v1api20240402preview.ManagedClusterNodeResourceGroupProfile_STATUS + Node resource group lockdown profile for a managed cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + restrictionLevel: + type: string + type: object + oidcIssuerProfile: + description: |- + Storage version of v1api20240402preview.ManagedClusterOIDCIssuerProfile_STATUS + The OIDC issuer profile of the Managed Cluster. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + issuerURL: + type: string + type: object + podIdentityProfile: + description: |- + Storage version of v1api20240402preview.ManagedClusterPodIdentityProfile_STATUS + See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod + identity integration. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + allowNetworkPluginKubenet: + type: boolean + enabled: + type: boolean + userAssignedIdentities: + items: + description: |- + Storage version of v1api20240402preview.ManagedClusterPodIdentity_STATUS + Details about the pod identity assigned to the Managed Cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + bindingSelector: + type: string + identity: + description: |- + Storage version of v1api20240402preview.UserAssignedIdentity_STATUS + Details about a user assigned identity. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + clientId: + type: string + objectId: + type: string + resourceId: + type: string + type: object + name: + type: string + namespace: + type: string + provisioningInfo: + description: Storage version of v1api20240402preview.ManagedClusterPodIdentity_ProvisioningInfo_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + error: + description: |- + Storage version of v1api20240402preview.ManagedClusterPodIdentityProvisioningError_STATUS + An error response from the pod identity provisioning. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + error: + description: |- + Storage version of v1api20240402preview.ManagedClusterPodIdentityProvisioningErrorBody_STATUS + An error response from the pod identity provisioning. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + code: + type: string + details: + items: + description: Storage version of v1api20240402preview.ManagedClusterPodIdentityProvisioningErrorBody_STATUS_Unrolled + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + code: + type: string + message: + type: string + target: + type: string + type: object + type: array + message: + type: string + target: + type: string + type: object + type: object + type: object + provisioningState: + type: string + type: object + type: array + userAssignedIdentityExceptions: + items: + description: |- + Storage version of v1api20240402preview.ManagedClusterPodIdentityException_STATUS + See [disable AAD Pod Identity for a specific + Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + name: + type: string + namespace: + type: string + podLabels: + additionalProperties: + type: string + type: object + type: object + type: array + type: object + powerState: + description: |- + Storage version of v1api20240402preview.PowerState_STATUS + Describes the Power State of the cluster + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + code: + type: string + type: object + privateFQDN: + type: string + privateLinkResources: + items: + description: |- + Storage version of v1api20240402preview.PrivateLinkResource_STATUS + A private link resource + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + groupId: + type: string + id: + type: string + name: + type: string + privateLinkServiceID: + type: string + requiredMembers: + items: + type: string + type: array + type: + type: string + type: object + type: array + provisioningState: + type: string + publicNetworkAccess: + type: string + resourceUID: + type: string + safeguardsProfile: + description: |- + Storage version of v1api20240402preview.SafeguardsProfile_STATUS + The Safeguards profile. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + excludedNamespaces: + items: + type: string + type: array + level: + type: string + systemExcludedNamespaces: + items: + type: string + type: array + version: + type: string + type: object + securityProfile: + description: |- + Storage version of v1api20240402preview.ManagedClusterSecurityProfile_STATUS + Security profile for the container service cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + azureKeyVaultKms: + description: |- + Storage version of v1api20240402preview.AzureKeyVaultKms_STATUS + Azure Key Vault key management service settings for the security profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + keyId: + type: string + keyVaultNetworkAccess: + type: string + keyVaultResourceId: + type: string + type: object + customCATrustCertificates: + items: + type: string + type: array + defender: + description: |- + Storage version of v1api20240402preview.ManagedClusterSecurityProfileDefender_STATUS + Microsoft Defender settings for the security profile. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + logAnalyticsWorkspaceResourceId: + type: string + securityMonitoring: + description: |- + Storage version of v1api20240402preview.ManagedClusterSecurityProfileDefenderSecurityMonitoring_STATUS + Microsoft Defender settings for the security profile threat detection. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + type: object + imageCleaner: + description: |- + Storage version of v1api20240402preview.ManagedClusterSecurityProfileImageCleaner_STATUS + Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here + are settings for the security profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + intervalHours: + type: integer + type: object + imageIntegrity: + description: |- + Storage version of v1api20240402preview.ManagedClusterSecurityProfileImageIntegrity_STATUS + Image integrity related settings for the security profile. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + nodeRestriction: + description: |- + Storage version of v1api20240402preview.ManagedClusterSecurityProfileNodeRestriction_STATUS + Node Restriction settings for the security profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + workloadIdentity: + description: |- + Storage version of v1api20240402preview.ManagedClusterSecurityProfileWorkloadIdentity_STATUS + Workload identity settings for the security profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + type: object + serviceMeshProfile: + description: |- + Storage version of v1api20240402preview.ServiceMeshProfile_STATUS + Service mesh profile for a managed cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + istio: + description: |- + Storage version of v1api20240402preview.IstioServiceMesh_STATUS + Istio service mesh configuration. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + certificateAuthority: + description: |- + Storage version of v1api20240402preview.IstioCertificateAuthority_STATUS + Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described + here https://aka.ms/asm-plugin-ca + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + plugin: + description: |- + Storage version of v1api20240402preview.IstioPluginCertificateAuthority_STATUS + Plugin certificates information for Service Mesh. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + certChainObjectName: + type: string + certObjectName: + type: string + keyObjectName: + type: string + keyVaultId: + type: string + rootCertObjectName: + type: string + type: object + type: object + components: + description: |- + Storage version of v1api20240402preview.IstioComponents_STATUS + Istio components configuration. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + egressGateways: + items: + description: |- + Storage version of v1api20240402preview.IstioEgressGateway_STATUS + Istio egress gateway configuration. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + type: array + ingressGateways: + items: + description: |- + Storage version of v1api20240402preview.IstioIngressGateway_STATUS + Istio ingress gateway configuration. For now, we support up to one external ingress gateway named + `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + mode: + type: string + type: object + type: array + type: object + revisions: + items: + type: string + type: array + type: object + mode: + type: string + type: object + servicePrincipalProfile: + description: |- + Storage version of v1api20240402preview.ManagedClusterServicePrincipalProfile_STATUS + Information about a service principal identity for the cluster to use for manipulating Azure APIs. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + clientId: + type: string + type: object + sku: + description: |- + Storage version of v1api20240402preview.ManagedClusterSKU_STATUS + The SKU of a Managed Cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + name: + type: string + tier: + type: string + type: object + storageProfile: + description: |- + Storage version of v1api20240402preview.ManagedClusterStorageProfile_STATUS + Storage profile for the container service cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + blobCSIDriver: + description: |- + Storage version of v1api20240402preview.ManagedClusterStorageProfileBlobCSIDriver_STATUS + AzureBlob CSI Driver settings for the storage profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + diskCSIDriver: + description: |- + Storage version of v1api20240402preview.ManagedClusterStorageProfileDiskCSIDriver_STATUS + AzureDisk CSI Driver settings for the storage profile. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + version: + type: string + type: object + fileCSIDriver: + description: |- + Storage version of v1api20240402preview.ManagedClusterStorageProfileFileCSIDriver_STATUS + AzureFile CSI Driver settings for the storage profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + snapshotController: + description: |- + Storage version of v1api20240402preview.ManagedClusterStorageProfileSnapshotController_STATUS + Snapshot Controller settings for the storage profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + type: object + supportPlan: + type: string + systemData: + description: |- + Storage version of v1api20240402preview.SystemData_STATUS + Metadata pertaining to creation and last modification of the resource. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + createdAt: + type: string + createdBy: + type: string + createdByType: + type: string + lastModifiedAt: + type: string + lastModifiedBy: + type: string + lastModifiedByType: + type: string + type: object + tags: + additionalProperties: + type: string + type: object + type: + type: string + upgradeSettings: + description: |- + Storage version of v1api20240402preview.ClusterUpgradeSettings_STATUS + Settings for upgrading a cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + overrideSettings: + description: |- + Storage version of v1api20240402preview.UpgradeOverrideSettings_STATUS + Settings for overrides when upgrading a cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + forceUpgrade: + type: boolean + until: + type: string + type: object + type: object + windowsProfile: + description: |- + Storage version of v1api20240402preview.ManagedClusterWindowsProfile_STATUS + Profile for Windows VMs in the managed cluster. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + adminUsername: + type: string + enableCSIProxy: + type: boolean + gmsaProfile: + description: |- + Storage version of v1api20240402preview.WindowsGmsaProfile_STATUS + Windows gMSA Profile in the managed cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + dnsServer: + type: string + enabled: + type: boolean + rootDomainName: + type: string + type: object + licenseType: + type: string + type: object + workloadAutoScalerProfile: + description: |- + Storage version of v1api20240402preview.ManagedClusterWorkloadAutoScalerProfile_STATUS + Workload Auto-scaler profile for the managed cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + keda: + description: |- + Storage version of v1api20240402preview.ManagedClusterWorkloadAutoScalerProfileKeda_STATUS + KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + verticalPodAutoscaler: + description: Storage version of v1api20240402preview.ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + addonAutoscaling: + type: string + enabled: + type: boolean + type: object + type: object + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].severity + name: Severity + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Reason + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].message + name: Message + type: string + name: v1api20240901 + schema: + openAPIV3Schema: + description: |- + Generator information: + - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/managedClusters.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName} + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. 
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + properties: + aadProfile: + description: 'AadProfile: The Azure Active Directory configuration.' + properties: + adminGroupObjectIDs: + description: 'AdminGroupObjectIDs: The list of AAD group object IDs that will have admin role of the cluster.' + items: + type: string + type: array + clientAppID: + description: 'ClientAppID: (DEPRECATED) The client AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.' + type: string + enableAzureRBAC: + description: 'EnableAzureRBAC: Whether to enable Azure RBAC for Kubernetes authorization.' + type: boolean + managed: + description: 'Managed: Whether to enable managed AAD.' + type: boolean + serverAppID: + description: 'ServerAppID: (DEPRECATED) The server AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.' + type: string + serverAppSecret: + description: 'ServerAppSecret: (DEPRECATED) The server AAD application secret. Learn more at https://aka.ms/aks/aad-legacy.' + type: string + tenantID: + description: |- + TenantID: The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment + subscription. + type: string + type: object + addonProfiles: + additionalProperties: + description: A Kubernetes add-on profile for a managed cluster. + properties: + config: + additionalProperties: + type: string + description: 'Config: Key-value pairs for configuring an add-on.' + type: object + enabled: + description: 'Enabled: Whether the add-on is enabled or not.' 
+ type: boolean + required: + - enabled + type: object + description: 'AddonProfiles: The profile of managed cluster add-on.' + type: object + agentPoolProfiles: + description: 'AgentPoolProfiles: The agent pool properties.' + items: + description: Profile for the container service agent pool. + properties: + availabilityZones: + description: |- + AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType + property is 'VirtualMachineScaleSets'. + items: + type: string + type: array + capacityReservationGroupReference: + description: 'CapacityReservationGroupReference: AKS will associate the specified agent pool with the Capacity Reservation Group.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + count: + description: |- + Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) + for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. + type: integer + creationData: + description: |- + CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using + a snapshot. 
+ properties: + sourceResourceReference: + description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + enableAutoScaling: + description: 'EnableAutoScaling: Whether to enable auto-scaler' + type: boolean + enableEncryptionAtHost: + description: |- + EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, + see: https://docs.microsoft.com/azure/aks/enable-host-encryption + type: boolean + enableFIPS: + description: |- + EnableFIPS: See [Add a FIPS-enabled node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more + details. + type: boolean + enableNodePublicIP: + description: |- + EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. + A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine + to minimize hops. 
For more information see [assigning a public IP per + node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The + default is false. + type: boolean + enableUltraSSD: + description: 'EnableUltraSSD: Whether to enable UltraSSD' + type: boolean + gpuInstanceProfile: + description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' + enum: + - MIG1g + - MIG2g + - MIG3g + - MIG4g + - MIG7g + type: string + hostGroupReference: + description: |- + HostGroupReference: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. + For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + kubeletConfig: + description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' + properties: + allowedUnsafeSysctls: + description: 'AllowedUnsafeSysctls: Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).' 
+ items: + type: string + type: array + containerLogMaxFiles: + description: |- + ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be + ≥ 2. + minimum: 2 + type: integer + containerLogMaxSizeMB: + description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' + type: integer + cpuCfsQuota: + description: 'CpuCfsQuota: The default is true.' + type: boolean + cpuCfsQuotaPeriod: + description: |- + CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and + a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. + type: string + cpuManagerPolicy: + description: |- + CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management + policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more + information. Allowed values are 'none' and 'static'. + type: string + failSwapOn: + description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' + type: boolean + imageGcHighThreshold: + description: 'ImageGcHighThreshold: To disable image garbage collection, set to 100. The default is 85%' + type: integer + imageGcLowThreshold: + description: 'ImageGcLowThreshold: This cannot be set higher than imageGcHighThreshold. The default is 80%' + type: integer + podMaxPids: + description: 'PodMaxPids: The maximum number of processes per pod.' + type: integer + topologyManagerPolicy: + description: |- + TopologyManagerPolicy: For more information see [Kubernetes Topology + Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values + are 'none', 'best-effort', 'restricted', and 'single-numa-node'. 
+ type: string + type: object + kubeletDiskType: + description: |- + KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral + storage. + enum: + - OS + - Temporary + type: string + linuxOSConfig: + description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' + properties: + swapFileSizeMB: + description: 'SwapFileSizeMB: The size in MB of a swap file that will be created on each node.' + type: integer + sysctls: + description: 'Sysctls: Sysctl settings for Linux agent nodes.' + properties: + fsAioMaxNr: + description: 'FsAioMaxNr: Sysctl setting fs.aio-max-nr.' + type: integer + fsFileMax: + description: 'FsFileMax: Sysctl setting fs.file-max.' + type: integer + fsInotifyMaxUserWatches: + description: 'FsInotifyMaxUserWatches: Sysctl setting fs.inotify.max_user_watches.' + type: integer + fsNrOpen: + description: 'FsNrOpen: Sysctl setting fs.nr_open.' + type: integer + kernelThreadsMax: + description: 'KernelThreadsMax: Sysctl setting kernel.threads-max.' + type: integer + netCoreNetdevMaxBacklog: + description: 'NetCoreNetdevMaxBacklog: Sysctl setting net.core.netdev_max_backlog.' + type: integer + netCoreOptmemMax: + description: 'NetCoreOptmemMax: Sysctl setting net.core.optmem_max.' + type: integer + netCoreRmemDefault: + description: 'NetCoreRmemDefault: Sysctl setting net.core.rmem_default.' + type: integer + netCoreRmemMax: + description: 'NetCoreRmemMax: Sysctl setting net.core.rmem_max.' + type: integer + netCoreSomaxconn: + description: 'NetCoreSomaxconn: Sysctl setting net.core.somaxconn.' + type: integer + netCoreWmemDefault: + description: 'NetCoreWmemDefault: Sysctl setting net.core.wmem_default.' + type: integer + netCoreWmemMax: + description: 'NetCoreWmemMax: Sysctl setting net.core.wmem_max.' + type: integer + netIpv4IpLocalPortRange: + description: 'NetIpv4IpLocalPortRange: Sysctl setting net.ipv4.ip_local_port_range.' 
+ type: string + netIpv4NeighDefaultGcThresh1: + description: 'NetIpv4NeighDefaultGcThresh1: Sysctl setting net.ipv4.neigh.default.gc_thresh1.' + type: integer + netIpv4NeighDefaultGcThresh2: + description: 'NetIpv4NeighDefaultGcThresh2: Sysctl setting net.ipv4.neigh.default.gc_thresh2.' + type: integer + netIpv4NeighDefaultGcThresh3: + description: 'NetIpv4NeighDefaultGcThresh3: Sysctl setting net.ipv4.neigh.default.gc_thresh3.' + type: integer + netIpv4TcpFinTimeout: + description: 'NetIpv4TcpFinTimeout: Sysctl setting net.ipv4.tcp_fin_timeout.' + type: integer + netIpv4TcpKeepaliveProbes: + description: 'NetIpv4TcpKeepaliveProbes: Sysctl setting net.ipv4.tcp_keepalive_probes.' + type: integer + netIpv4TcpKeepaliveTime: + description: 'NetIpv4TcpKeepaliveTime: Sysctl setting net.ipv4.tcp_keepalive_time.' + type: integer + netIpv4TcpMaxSynBacklog: + description: 'NetIpv4TcpMaxSynBacklog: Sysctl setting net.ipv4.tcp_max_syn_backlog.' + type: integer + netIpv4TcpMaxTwBuckets: + description: 'NetIpv4TcpMaxTwBuckets: Sysctl setting net.ipv4.tcp_max_tw_buckets.' + type: integer + netIpv4TcpTwReuse: + description: 'NetIpv4TcpTwReuse: Sysctl setting net.ipv4.tcp_tw_reuse.' + type: boolean + netIpv4TcpkeepaliveIntvl: + description: 'NetIpv4TcpkeepaliveIntvl: Sysctl setting net.ipv4.tcp_keepalive_intvl.' + maximum: 90 + minimum: 10 + type: integer + netNetfilterNfConntrackBuckets: + description: 'NetNetfilterNfConntrackBuckets: Sysctl setting net.netfilter.nf_conntrack_buckets.' + maximum: 524288 + minimum: 65536 + type: integer + netNetfilterNfConntrackMax: + description: 'NetNetfilterNfConntrackMax: Sysctl setting net.netfilter.nf_conntrack_max.' + maximum: 2097152 + minimum: 131072 + type: integer + vmMaxMapCount: + description: 'VmMaxMapCount: Sysctl setting vm.max_map_count.' + type: integer + vmSwappiness: + description: 'VmSwappiness: Sysctl setting vm.swappiness.' 
+ type: integer + vmVfsCachePressure: + description: 'VmVfsCachePressure: Sysctl setting vm.vfs_cache_pressure.' + type: integer + type: object + transparentHugePageDefrag: + description: |- + TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is + 'madvise'. For more information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). + type: string + transparentHugePageEnabled: + description: |- + TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more + information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). + type: string + type: object + maxCount: + description: 'MaxCount: The maximum number of nodes for auto-scaling' + type: integer + maxPods: + description: 'MaxPods: The maximum number of pods that can run on a node.' + type: integer + minCount: + description: 'MinCount: The minimum number of nodes for auto-scaling' + type: integer + mode: + description: |- + Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool + restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools + enum: + - System + - User + type: string + name: + description: 'Name: Windows agent pool names must be 6 characters or less.' + pattern: ^[a-z][a-z0-9]{0,11}$ + type: string + networkProfile: + description: 'NetworkProfile: Network-related settings of an agent pool.' + properties: + allowedHostPorts: + description: 'AllowedHostPorts: The port ranges that are allowed to access. The specified ranges are allowed to overlap.' + items: + description: The port range. + properties: + portEnd: + description: |- + PortEnd: The maximum port that is included in the range. 
It should be ranged from 1 to 65535, and be greater than or + equal to portStart. + maximum: 65535 + minimum: 1 + type: integer + portStart: + description: |- + PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or + equal to portEnd. + maximum: 65535 + minimum: 1 + type: integer + protocol: + description: 'Protocol: The network protocol of the port.' + enum: + - TCP + - UDP + type: string + type: object + type: array + applicationSecurityGroupsReferences: + description: |- + ApplicationSecurityGroupsReferences: The IDs of the application security groups which agent pool will associate when + created. + items: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: array + nodePublicIPTags: + description: 'NodePublicIPTags: IPTags of instance-level public IPs.' + items: + description: Contains the IPTag associated with the object. + properties: + ipTagType: + description: 'IpTagType: The IP tag type. Example: RoutingPreference.' 
+ type: string + tag: + description: 'Tag: The value of the IP tag associated with the public IP. Example: Internet.' + type: string + type: object + type: array + type: object + nodeLabels: + additionalProperties: + type: string + description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' + type: object + nodePublicIPPrefixReference: + description: |- + NodePublicIPPrefixReference: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + nodeTaints: + description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' + items: + type: string + type: array + orchestratorVersion: + description: |- + OrchestratorVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. + When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster + with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer + patch version is available. 
As a best practice, you should upgrade all node pools in an AKS cluster to the same + Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor + version must be within two minor versions of the control plane version. The node pool version cannot be greater than the + control plane version. For more information see [upgrading a node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). + type: string + osDiskSizeGB: + maximum: 2048 + minimum: 0 + type: integer + osDiskType: + description: |- + OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested + OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral + OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). + enum: + - Ephemeral + - Managed + type: string + osSKU: + description: |- + OsSKU: Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 + when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows. + enum: + - AzureLinux + - CBLMariner + - Ubuntu + - Windows2019 + - Windows2022 + type: string + osType: + description: 'OsType: The operating system type. The default is Linux.' + enum: + - Linux + - Windows + type: string + podSubnetReference: + description: |- + PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). + This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. 
+ The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + powerState: + description: |- + PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this + field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only + be stopped if it is Running and provisioning state is Succeeded + properties: + code: + description: 'Code: Tells whether the cluster is Running or Stopped' + enum: + - Running + - Stopped + type: string + type: object + proximityPlacementGroupReference: + description: 'ProximityPlacementGroupReference: The ID for Proximity Placement Group.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. 
+ type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + scaleDownMode: + description: 'ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.' + enum: + - Deallocate + - Delete + type: string + scaleSetEvictionPolicy: + description: |- + ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is + 'Delete'. + enum: + - Deallocate + - Delete + type: string + scaleSetPriority: + description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' + enum: + - Regular + - Spot + type: string + securityProfile: + description: 'SecurityProfile: The security settings of an agent pool.' + properties: + enableSecureBoot: + description: |- + EnableSecureBoot: Secure Boot is a feature of Trusted Launch which ensures that only signed operating systems and + drivers can boot. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. + type: boolean + enableVTPM: + description: |- + EnableVTPM: vTPM is a Trusted Launch feature for configuring a dedicated secure vault for keys and measurements held + locally on the node. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. + type: boolean + type: object + spotMaxPrice: + description: |- + SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any + on-demand price. For more details on spot pricing, see [spot VMs + pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) + type: number + tags: + additionalProperties: + type: string + description: 'Tags: The tags to be persisted on the agent pool virtual machine scale set.' + type: object + type: + description: 'Type: The type of Agent Pool.' 
+ enum: + - AvailabilitySet + - VirtualMachineScaleSets + type: string + upgradeSettings: + description: 'UpgradeSettings: Settings for upgrading the agentpool' + properties: + drainTimeoutInMinutes: + description: |- + DrainTimeoutInMinutes: The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. + This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not + specified, the default is 30 minutes. + maximum: 1440 + minimum: 1 + type: integer + maxSurge: + description: |- + MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it + is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded + up. If not specified, the default is 1. For more information, including best practices, see: + https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade + type: string + nodeSoakDurationInMinutes: + description: |- + NodeSoakDurationInMinutes: The amount of time (in minutes) to wait after draining a node and before reimaging it and + moving on to next node. If not specified, the default is 0 minutes. + maximum: 30 + minimum: 0 + type: integer + type: object + vmSize: + description: |- + VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods + might fail to run correctly. For more details on restricted VM sizes, see: + https://docs.microsoft.com/azure/aks/quotas-skus-regions + type: string + vnetSubnetReference: + description: |- + VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is + specified, this applies to nodes and pods, otherwise it applies to just nodes. 
This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + windowsProfile: + description: 'WindowsProfile: The Windows agent pool''s specific profile.' + properties: + disableOutboundNat: + description: |- + DisableOutboundNat: The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT + Gateway and the Windows agent pool does not have node public IP enabled. + type: boolean + type: object + workloadRuntime: + description: 'WorkloadRuntime: Determines the type of workload a node can run.' + enum: + - OCIContainer + - WasmWasi + type: string + required: + - name + type: object + type: array + apiServerAccessProfile: + description: 'ApiServerAccessProfile: The access profile for managed cluster API server.' + properties: + authorizedIPRanges: + description: |- + AuthorizedIPRanges: IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with + clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. 
For more information see [API + server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges). + items: + type: string + type: array + disableRunCommand: + description: 'DisableRunCommand: Whether to disable run command for the cluster or not.' + type: boolean + enablePrivateCluster: + description: |- + EnablePrivateCluster: For more details, see [Creating a private AKS + cluster](https://docs.microsoft.com/azure/aks/private-clusters). + type: boolean + enablePrivateClusterPublicFQDN: + description: 'EnablePrivateClusterPublicFQDN: Whether to create additional public FQDN for private cluster or not.' + type: boolean + privateDNSZone: + description: |- + PrivateDNSZone: The default is System. For more details see [configure private DNS + zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and + 'none'. + type: string + type: object + autoScalerProfile: + description: 'AutoScalerProfile: Parameters to be applied to the cluster-autoscaler when enabled' + properties: + balance-similar-node-groups: + description: 'BalanceSimilarNodeGroups: Valid values are ''true'' and ''false''' + type: string + daemonset-eviction-for-empty-nodes: + description: |- + DaemonsetEvictionForEmptyNodes: If set to true, all daemonset pods on empty nodes will be evicted before deletion of the + node. If the daemonset pod cannot be evicted another node will be chosen for scaling. If set to false, the node will be + deleted without ensuring that daemonset pods are deleted or evicted. + type: boolean + daemonset-eviction-for-occupied-nodes: + description: |- + DaemonsetEvictionForOccupiedNodes: If set to true, all daemonset pods on occupied nodes will be evicted before deletion + of the node. If the daemonset pod cannot be evicted another node will be chosen for scaling. If set to false, the node + will be deleted without ensuring that daemonset pods are deleted or evicted. 
+ type: boolean + expander: + description: |- + Expander: If not specified, the default is 'random'. See + [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more + information. + enum: + - least-waste + - most-pods + - priority + - random + type: string + ignore-daemonsets-utilization: + description: |- + IgnoreDaemonsetsUtilization: If set to true, the resources used by daemonset will be taken into account when making + scaling down decisions. + type: boolean + max-empty-bulk-delete: + description: 'MaxEmptyBulkDelete: The default is 10.' + type: string + max-graceful-termination-sec: + description: 'MaxGracefulTerminationSec: The default is 600.' + type: string + max-node-provision-time: + description: |- + MaxNodeProvisionTime: The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. + type: string + max-total-unready-percentage: + description: 'MaxTotalUnreadyPercentage: The default is 45. The maximum is 100 and the minimum is 0.' + type: string + new-pod-scale-up-delay: + description: |- + NewPodScaleUpDelay: For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler + could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is + '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc). + type: string + ok-total-unready-count: + description: 'OkTotalUnreadyCount: This must be an integer. The default is 3.' + type: string + scale-down-delay-after-add: + description: |- + ScaleDownDelayAfterAdd: The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. + type: string + scale-down-delay-after-delete: + description: |- + ScaleDownDelayAfterDelete: The default is the scan-interval. Values must be an integer followed by an 'm'. 
No unit of + time other than minutes (m) is supported. + type: string + scale-down-delay-after-failure: + description: |- + ScaleDownDelayAfterFailure: The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other + than minutes (m) is supported. + type: string + scale-down-unneeded-time: + description: |- + ScaleDownUnneededTime: The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. + type: string + scale-down-unready-time: + description: |- + ScaleDownUnreadyTime: The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. + type: string + scale-down-utilization-threshold: + description: 'ScaleDownUtilizationThreshold: The default is ''0.5''.' + type: string + scan-interval: + description: 'ScanInterval: The default is ''10''. Values must be an integer number of seconds.' + type: string + skip-nodes-with-local-storage: + description: 'SkipNodesWithLocalStorage: The default is true.' + type: string + skip-nodes-with-system-pods: + description: 'SkipNodesWithSystemPods: The default is true.' + type: string + type: object + autoUpgradeProfile: + description: 'AutoUpgradeProfile: The auto upgrade configuration.' + properties: + nodeOSUpgradeChannel: + description: 'NodeOSUpgradeChannel: Manner in which the OS on your nodes is updated. The default is NodeImage.' + enum: + - NodeImage + - None + - SecurityPatch + - Unmanaged + type: string + upgradeChannel: + description: |- + UpgradeChannel: For more information see [setting the AKS cluster auto-upgrade + channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel). + enum: + - node-image + - none + - patch + - rapid + - stable + type: string + type: object + azureMonitorProfile: + description: 'AzureMonitorProfile: Azure Monitor addon profiles for monitoring the managed cluster.' 
+ properties: + metrics: + description: |- + Metrics: Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes + infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See + aka.ms/AzureManagedPrometheus for an overview. + properties: + enabled: + description: |- + Enabled: Whether to enable or disable the Azure Managed Prometheus addon for Prometheus monitoring. See + aka.ms/AzureManagedPrometheus-aks-enable for details on enabling and disabling. + type: boolean + kubeStateMetrics: + description: |- + KubeStateMetrics: Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the + kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for + details. + properties: + metricAnnotationsAllowList: + description: |- + MetricAnnotationsAllowList: Comma-separated list of Kubernetes annotation keys that will be used in the resource's + labels metric (Example: 'namespaces=[kubernetes.io/team,...],pods=[kubernetes.io/team],...'). By default the metric + contains only resource name and namespace labels. + type: string + metricLabelsAllowlist: + description: |- + MetricLabelsAllowlist: Comma-separated list of additional Kubernetes label keys that will be used in the resource's + labels metric (Example: 'namespaces=[k8s-label-1,k8s-label-n,...],pods=[app],...'). By default the metric contains only + resource name and namespace labels. + type: string + type: object + required: + - enabled + type: object + type: object + azureName: + description: |- + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. 
+ maxLength: 63 + minLength: 1 + pattern: ^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$ + type: string + disableLocalAccounts: + description: |- + DisableLocalAccounts: If set to true, getting static credentials will be disabled for this cluster. This must only be + used on Managed Clusters that are AAD enabled. For more details see [disable local + accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview). + type: boolean + diskEncryptionSetReference: + description: |- + DiskEncryptionSetReference: This is of the form: + '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + dnsPrefix: + description: 'DnsPrefix: This cannot be updated once the Managed Cluster has been created.' + type: string + enablePodSecurityPolicy: + description: |- + EnablePodSecurityPolicy: (DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was + deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and + https://aka.ms/aks/psp. 
+ type: boolean + enableRBAC: + description: 'EnableRBAC: Whether to enable Kubernetes Role-Based Access Control.' + type: boolean + extendedLocation: + description: 'ExtendedLocation: The extended location of the Virtual Machine.' + properties: + name: + description: 'Name: The name of the extended location.' + type: string + type: + description: 'Type: The type of the extended location.' + enum: + - EdgeZone + type: string + type: object + fqdnSubdomain: + description: 'FqdnSubdomain: This cannot be updated once the Managed Cluster has been created.' + type: string + httpProxyConfig: + description: 'HttpProxyConfig: Configurations for provisioning the cluster with HTTP proxy servers.' + properties: + httpProxy: + description: 'HttpProxy: The HTTP proxy server endpoint to use.' + type: string + httpsProxy: + description: 'HttpsProxy: The HTTPS proxy server endpoint to use.' + type: string + noProxy: + description: 'NoProxy: The endpoints that should not go through proxy.' + items: + type: string + type: array + trustedCa: + description: 'TrustedCa: Alternative CA cert to use for connecting to proxy servers.' + type: string + type: object + identity: + description: 'Identity: The identity of the managed cluster, if configured.' + properties: + delegatedResources: + additionalProperties: + description: Delegated resource properties - internal use only. + properties: + location: + description: 'Location: The source resource location - internal use only.' + type: string + referralResource: + description: 'ReferralResource: The delegation id of the referral delegation (optional) - internal use only.' + type: string + resourceReference: + description: 'ResourceReference: The ARM resource id of the delegated resource - internal use only.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. 
+ The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + tenantId: + description: 'TenantId: The tenant id of the delegated resource - internal use only.' + pattern: ^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$ + type: string + type: object + description: |- + DelegatedResources: The delegated identity resources assigned to this managed cluster. This can only be set by another + Azure Resource Provider, and managed cluster only accept one delegated identity resource. Internal use only. + type: object + type: + description: |- + Type: For more information see [use managed identities in + AKS](https://docs.microsoft.com/azure/aks/use-managed-identity). + enum: + - None + - SystemAssigned + - UserAssigned + type: string + userAssignedIdentities: + description: |- + UserAssignedIdentities: The keys must be ARM resource IDs in the form: + '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'. 
+ items: + description: Information about the user assigned identity for the resource + properties: + reference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + type: array + type: object + identityProfile: + additionalProperties: + description: Details about a user assigned identity. + properties: + clientId: + description: 'ClientId: The client ID of the user assigned identity.' + type: string + objectId: + description: 'ObjectId: The object ID of the user assigned identity.' + type: string + resourceReference: + description: 'ResourceReference: The resource ID of the user assigned identity.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
+ pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + description: |- + IdentityProfile: The user identity associated with the managed cluster. This identity will be used by the kubelet. Only + one user assigned identity is allowed. The only accepted key is "kubeletidentity", with value of "resourceId": + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}". + type: object + ingressProfile: + description: 'IngressProfile: Ingress profile for the managed cluster.' + properties: + webAppRouting: + description: |- + WebAppRouting: App Routing settings for the ingress profile. You can find an overview and onboarding guide for this + feature at https://learn.microsoft.com/en-us/azure/aks/app-routing?tabs=default%2Cdeploy-app-default. + properties: + dnsZoneResourceReferences: + description: |- + DnsZoneResourceReferences: Resource IDs of the DNS zones to be associated with the Application Routing add-on. Used only + when Application Routing add-on is enabled. Public and private DNS zones can be in different resource groups, but all + public DNS zones must be in the same resource group and all private DNS zones must be in the same resource group. 
+ items: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: array + enabled: + description: 'Enabled: Whether to enable the Application Routing add-on.' + type: boolean + type: object + type: object + kubernetesVersion: + description: |- + KubernetesVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. + When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster + with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer + patch version is available. When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All + upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or + 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS + cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details. 
+ type: string + linuxProfile: + description: 'LinuxProfile: The profile for Linux VMs in the Managed Cluster.' + properties: + adminUsername: + description: 'AdminUsername: The administrator username to use for Linux VMs.' + pattern: ^[A-Za-z][-A-Za-z0-9_]*$ + type: string + ssh: + description: 'Ssh: The SSH configuration for Linux-based VMs running on Azure.' + properties: + publicKeys: + description: 'PublicKeys: The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.' + items: + description: Contains information about SSH certificate public key data. + properties: + keyData: + description: |- + KeyData: Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or + without headers. + type: string + required: + - keyData + type: object + type: array + required: + - publicKeys + type: object + required: + - adminUsername + - ssh + type: object + location: + description: 'Location: The geo-location where the resource lives' + type: string + metricsProfile: + description: 'MetricsProfile: Optional cluster metrics configuration.' + properties: + costAnalysis: + description: 'CostAnalysis: The cost analysis configuration for the cluster' + properties: + enabled: + description: |- + Enabled: The Managed Cluster sku.tier must be set to 'Standard' or 'Premium' to enable this feature. Enabling this will + add Kubernetes Namespace and Deployment details to the Cost Analysis views in the Azure portal. If not specified, the + default is false. For more information see aka.ms/aks/docs/cost-analysis. + type: boolean + type: object + type: object + networkProfile: + description: 'NetworkProfile: The network configuration profile.' + properties: + advancedNetworking: + description: |- + AdvancedNetworking: Advanced Networking profile for enabling observability and security feature suite on a cluster. For + more information see aka.ms/aksadvancednetworking. 
+ properties: + enabled: + description: |- + Enabled: Indicates the enablement of Advanced Networking functionalities of observability and security on AKS clusters. + When this is set to true, all observability and security features will be set to enabled unless explicitly disabled. If + not specified, the default is false. + type: boolean + observability: + description: 'Observability: Observability profile to enable advanced network metrics and flow logs with historical contexts.' + properties: + enabled: + description: 'Enabled: Indicates the enablement of Advanced Networking observability functionalities on clusters.' + type: boolean + type: object + security: + description: 'Security: Security profile to enable security features on cilium based cluster.' + properties: + enabled: + description: |- + Enabled: This feature allows user to configure network policy based on DNS (FQDN) names. It can be enabled only on + cilium based clusters. If not specified, the default is false. + type: boolean + type: object + type: object + dnsServiceIP: + description: |- + DnsServiceIP: An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address + range specified in serviceCidr. + pattern: ^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$ + type: string + ipFamilies: + description: |- + IpFamilies: IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value + is IPv4. For dual-stack, the expected values are IPv4 and IPv6. + items: + enum: + - IPv4 + - IPv6 + type: string + type: array + loadBalancerProfile: + description: 'LoadBalancerProfile: Profile of the cluster load balancer.' + properties: + allocatedOutboundPorts: + description: |- + AllocatedOutboundPorts: The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 + (inclusive). 
The default value is 0 which results in Azure dynamically allocating ports. + maximum: 64000 + minimum: 0 + type: integer + backendPoolType: + description: 'BackendPoolType: The type of the managed inbound Load Balancer BackendPool.' + enum: + - NodeIP + - NodeIPConfiguration + type: string + effectiveOutboundIPs: + description: 'EffectiveOutboundIPs: The effective outbound IP resources of the cluster load balancer.' + items: + description: A reference to an Azure resource. + properties: + reference: + description: 'Reference: The fully qualified Azure resource id.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + type: array + enableMultipleStandardLoadBalancers: + description: 'EnableMultipleStandardLoadBalancers: Enable multiple standard load balancers per AKS cluster or not.' + type: boolean + idleTimeoutInMinutes: + description: |- + IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 + (inclusive). The default value is 30 minutes. + maximum: 120 + minimum: 4 + type: integer + managedOutboundIPs: + description: 'ManagedOutboundIPs: Desired managed outbound IPs for the cluster load balancer.' 
+ properties: + count: + description: |- + Count: The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values + must be in the range of 1 to 100 (inclusive). The default value is 1. + maximum: 100 + minimum: 1 + type: integer + countIPv6: + description: |- + CountIPv6: The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed + values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. + maximum: 100 + minimum: 0 + type: integer + type: object + outboundIPPrefixes: + description: 'OutboundIPPrefixes: Desired outbound IP Prefix resources for the cluster load balancer.' + properties: + publicIPPrefixes: + description: 'PublicIPPrefixes: A list of public IP prefix resources.' + items: + description: A reference to an Azure resource. + properties: + reference: + description: 'Reference: The fully qualified Azure resource id.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + type: array + type: object + outboundIPs: + description: 'OutboundIPs: Desired outbound IP resources for the cluster load balancer.' 
+ properties: + publicIPs: + description: 'PublicIPs: A list of public IP resources.' + items: + description: A reference to an Azure resource. + properties: + reference: + description: 'Reference: The fully qualified Azure resource id.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + type: array + type: object + type: object + loadBalancerSku: + description: |- + LoadBalancerSku: The default is 'standard'. See [Azure Load Balancer + SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load + balancer SKUs. + enum: + - basic + - standard + type: string + natGatewayProfile: + description: 'NatGatewayProfile: Profile of the cluster NAT gateway.' + properties: + effectiveOutboundIPs: + description: 'EffectiveOutboundIPs: The effective outbound IP resources of the cluster NAT gateway.' + items: + description: A reference to an Azure resource. + properties: + reference: + description: 'Reference: The fully qualified Azure resource id.' 
+ properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + type: array + idleTimeoutInMinutes: + description: |- + IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 + (inclusive). The default value is 4 minutes. + maximum: 120 + minimum: 4 + type: integer + managedOutboundIPProfile: + description: 'ManagedOutboundIPProfile: Profile of the managed outbound IP resources of the cluster NAT gateway.' + properties: + count: + description: |- + Count: The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 + (inclusive). The default value is 1. + maximum: 16 + minimum: 1 + type: integer + type: object + type: object + networkDataplane: + description: 'NetworkDataplane: Network dataplane used in the Kubernetes cluster.' + enum: + - azure + - cilium + type: string + networkMode: + description: 'NetworkMode: This cannot be specified if networkPlugin is anything other than ''azure''.' + enum: + - bridge + - transparent + type: string + networkPlugin: + description: 'NetworkPlugin: Network plugin used for building the Kubernetes network.' 
+ enum: + - azure + - kubenet + - none + type: string + networkPluginMode: + description: 'NetworkPluginMode: The mode the network plugin should use.' + enum: + - overlay + type: string + networkPolicy: + description: 'NetworkPolicy: Network policy used for building the Kubernetes network.' + enum: + - azure + - calico + - cilium + - none + type: string + outboundType: + description: |- + OutboundType: This can only be set at cluster creation time and cannot be changed later. For more information see + [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype). + enum: + - loadBalancer + - managedNATGateway + - userAssignedNATGateway + - userDefinedRouting + type: string + podCidr: + description: 'PodCidr: A CIDR notation IP range from which to assign pod IPs when kubenet is used.' + pattern: ^([0-9]{1,3}\.){3}[0-9]{1,3}(\/([0-9]|[1-2][0-9]|3[0-2]))?$ + type: string + podCidrs: + description: |- + PodCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is + expected for dual-stack networking. + items: + type: string + type: array + serviceCidr: + description: |- + ServiceCidr: A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP + ranges. + pattern: ^([0-9]{1,3}\.){3}[0-9]{1,3}(\/([0-9]|[1-2][0-9]|3[0-2]))?$ + type: string + serviceCidrs: + description: |- + ServiceCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is + expected for dual-stack networking. They must not overlap with any Subnet IP ranges. + items: + type: string + type: array + type: object + nodeResourceGroup: + description: 'NodeResourceGroup: The name of the resource group containing agent pool nodes.' + type: string + nodeResourceGroupProfile: + description: 'NodeResourceGroupProfile: Profile of the node resource group configuration.' 
+ properties: + restrictionLevel: + description: |- + RestrictionLevel: The restriction level applied to the cluster's node resource group. If not specified, the default is + 'Unrestricted' + enum: + - ReadOnly + - Unrestricted + type: string + type: object + oidcIssuerProfile: + description: 'OidcIssuerProfile: The OIDC issuer profile of the Managed Cluster.' + properties: + enabled: + description: 'Enabled: Whether the OIDC issuer is enabled.' + type: boolean + type: object + operatorSpec: + description: |- + OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not + passed directly to Azure + properties: + configMapExpressions: + description: 'ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).' + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. 
For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + configMaps: + description: 'ConfigMaps: configures where to place operator written ConfigMaps.' + properties: + oidcIssuerProfile: + description: |- + OIDCIssuerProfile: indicates where the OIDCIssuerProfile config map should be placed. If omitted, no config map will be + created. + properties: + key: + description: Key is the key in the ConfigMap being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes ConfigMap to write to. + The ConfigMap will be created in the same namespace as the resource. + type: string + required: + - key + - name + type: object + type: object + secretExpressions: + description: 'SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).' + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. 
For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + secrets: + description: 'Secrets: configures where to place Azure generated secrets.' + properties: + adminCredentials: + description: |- + AdminCredentials: indicates where the AdminCredentials secret should be placed. If omitted, the secret will not be + retrieved from Azure. + properties: + key: + description: Key is the key in the Kubernetes secret being referenced. + type: string + name: + description: |- + Name is the name of the Kubernetes secret to write to. + The secret will be created in the same namespace as the resource. + type: string + required: + - key + - name + type: object + userCredentials: + description: |- + UserCredentials: indicates where the UserCredentials secret should be placed. If omitted, the secret will not be + retrieved from Azure. + properties: + key: + description: Key is the key in the Kubernetes secret being referenced. + type: string + name: + description: |- + Name is the name of the Kubernetes secret to write to. + The secret will be created in the same namespace as the resource. + type: string + required: + - key + - name + type: object + type: object + type: object + owner: + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a resources.azure.com/ResourceGroup resource + properties: + armId: + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + name: + description: This is the name of the Kubernetes resource to reference. 
+ type: string + type: object + podIdentityProfile: + description: |- + PodIdentityProfile: See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more + details on AAD pod identity integration. + properties: + allowNetworkPluginKubenet: + description: |- + AllowNetworkPluginKubenet: Running in Kubenet is disabled by default due to the security related nature of AAD Pod + Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod + Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) + for more information. + type: boolean + enabled: + description: 'Enabled: Whether the pod identity addon is enabled.' + type: boolean + userAssignedIdentities: + description: 'UserAssignedIdentities: The pod identities to use in the cluster.' + items: + description: Details about the pod identity assigned to the Managed Cluster. + properties: + bindingSelector: + description: 'BindingSelector: The binding selector to use for the AzureIdentityBinding resource.' + type: string + identity: + description: 'Identity: The user assigned identity details.' + properties: + clientId: + description: 'ClientId: The client ID of the user assigned identity.' + type: string + objectId: + description: 'ObjectId: The object ID of the user assigned identity.' + type: string + resourceReference: + description: 'ResourceReference: The resource ID of the user assigned identity.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
+ pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + name: + description: 'Name: The name of the pod identity.' + type: string + namespace: + description: 'Namespace: The namespace of the pod identity.' + type: string + required: + - identity + - name + - namespace + type: object + type: array + userAssignedIdentityExceptions: + description: 'UserAssignedIdentityExceptions: The pod identity exceptions to allow.' + items: + description: |- + See [disable AAD Pod Identity for a specific + Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. + properties: + name: + description: 'Name: The name of the pod identity exception.' + type: string + namespace: + description: 'Namespace: The namespace of the pod identity exception.' + type: string + podLabels: + additionalProperties: + type: string + description: 'PodLabels: The pod labels to match.' + type: object + required: + - name + - namespace + - podLabels + type: object + type: array + type: object + privateLinkResources: + description: 'PrivateLinkResources: Private link resources associated with the cluster.' + items: + description: A private link resource + properties: + groupId: + description: 'GroupId: The group ID of the resource.' + type: string + name: + description: 'Name: The name of the private link resource.' + type: string + reference: + description: 'Reference: The ID of the private link resource.' 
+ properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + requiredMembers: + description: 'RequiredMembers: The RequiredMembers of the resource' + items: + type: string + type: array + type: + description: 'Type: The resource type.' + type: string + type: object + type: array + publicNetworkAccess: + description: 'PublicNetworkAccess: Allow or deny public network access for AKS' + enum: + - Disabled + - Enabled + type: string + securityProfile: + description: 'SecurityProfile: Security profile for the managed cluster.' + properties: + azureKeyVaultKms: + description: |- + AzureKeyVaultKms: Azure Key Vault [key management + service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile. + properties: + enabled: + description: 'Enabled: Whether to enable Azure Key Vault key management service. The default is false.' + type: boolean + keyId: + description: |- + KeyId: Identifier of Azure Key Vault key. See [key identifier + format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) + for more details. 
When Azure Key Vault key management service is enabled, this field is required and must be a valid key + identifier. When Azure Key Vault key management service is disabled, leave the field empty. + type: string + keyVaultNetworkAccess: + description: |- + KeyVaultNetworkAccess: Network access of key vault. The possible values are `Public` and `Private`. `Public` means the + key vault allows public access from all networks. `Private` means the key vault disables public access and enables + private link. The default value is `Public`. + enum: + - Private + - Public + type: string + keyVaultResourceReference: + description: |- + KeyVaultResourceReference: Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and + must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty. + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + defender: + description: 'Defender: Microsoft Defender settings for the security profile.' 
+ properties: + logAnalyticsWorkspaceResourceReference: + description: |- + LogAnalyticsWorkspaceResourceReference: Resource ID of the Log Analytics workspace to be associated with Microsoft + Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When + Microsoft Defender is disabled, leave the field empty. + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + securityMonitoring: + description: 'SecurityMonitoring: Microsoft Defender threat detection for Cloud settings for the security profile.' + properties: + enabled: + description: 'Enabled: Whether to enable Defender threat detection' + type: boolean + type: object + type: object + imageCleaner: + description: 'ImageCleaner: Image Cleaner settings for the security profile.' + properties: + enabled: + description: 'Enabled: Whether to enable Image Cleaner on AKS cluster.' + type: boolean + intervalHours: + description: 'IntervalHours: Image Cleaner scanning interval in hours.' + type: integer + type: object + workloadIdentity: + description: |- + WorkloadIdentity: Workload identity settings for the security profile. 
Workload identity enables Kubernetes applications + to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details. + properties: + enabled: + description: 'Enabled: Whether to enable workload identity.' + type: boolean + type: object + type: object + serviceMeshProfile: + description: 'ServiceMeshProfile: Service mesh profile for a managed cluster.' + properties: + istio: + description: 'Istio: Istio service mesh configuration.' + properties: + certificateAuthority: + description: |- + CertificateAuthority: Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin + certificates as described here https://aka.ms/asm-plugin-ca + properties: + plugin: + description: 'Plugin: Plugin certificates information for Service Mesh.' + properties: + certChainObjectName: + description: 'CertChainObjectName: Certificate chain object name in Azure Key Vault.' + type: string + certObjectName: + description: 'CertObjectName: Intermediate certificate object name in Azure Key Vault.' + type: string + keyObjectName: + description: 'KeyObjectName: Intermediate certificate private key object name in Azure Key Vault.' + type: string + keyVaultReference: + description: 'KeyVaultReference: The resource ID of the Key Vault.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. 
+ type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + rootCertObjectName: + description: 'RootCertObjectName: Root certificate object name in Azure Key Vault.' + type: string + type: object + type: object + components: + description: 'Components: Istio components configuration.' + properties: + egressGateways: + description: 'EgressGateways: Istio egress gateways.' + items: + description: Istio egress gateway configuration. + properties: + enabled: + description: 'Enabled: Whether to enable the egress gateway.' + type: boolean + required: + - enabled + type: object + type: array + ingressGateways: + description: 'IngressGateways: Istio ingress gateways.' + items: + description: |- + Istio ingress gateway configuration. For now, we support up to one external ingress gateway named + `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`. + properties: + enabled: + description: 'Enabled: Whether to enable the ingress gateway.' + type: boolean + mode: + description: 'Mode: Mode of an ingress gateway.' + enum: + - External + - Internal + type: string + required: + - enabled + - mode + type: object + type: array + type: object + revisions: + description: |- + Revisions: The list of revisions of the Istio control plane. When an upgrade is not in progress, this holds one value. + When canary upgrade is in progress, this can only hold two consecutive values. For more information, see: + https://learn.microsoft.com/en-us/azure/aks/istio-upgrade + items: + type: string + maxItems: 2 + type: array + type: object + mode: + description: 'Mode: Mode of the service mesh.' 
+ enum: + - Disabled + - Istio + type: string + required: + - mode + type: object + servicePrincipalProfile: + description: |- + ServicePrincipalProfile: Information about a service principal identity for the cluster to use for manipulating Azure + APIs. + properties: + clientId: + description: 'ClientId: The ID for the service principal.' + type: string + secret: + description: 'Secret: The secret password associated with the service principal in plain text.' + properties: + key: + description: Key is the key in the Kubernetes secret being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource + type: string + required: + - key + - name + type: object + required: + - clientId + type: object + sku: + description: 'Sku: The managed cluster SKU.' + properties: + name: + description: 'Name: The name of a managed cluster SKU.' + enum: + - Base + type: string + tier: + description: |- + Tier: If not specified, the default is 'Free'. See [AKS Pricing + Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details. + enum: + - Free + - Premium + - Standard + type: string + type: object + storageProfile: + description: 'StorageProfile: Storage profile for the managed cluster.' + properties: + blobCSIDriver: + description: 'BlobCSIDriver: AzureBlob CSI Driver settings for the storage profile.' + properties: + enabled: + description: 'Enabled: Whether to enable AzureBlob CSI Driver. The default value is false.' + type: boolean + type: object + diskCSIDriver: + description: 'DiskCSIDriver: AzureDisk CSI Driver settings for the storage profile.' + properties: + enabled: + description: 'Enabled: Whether to enable AzureDisk CSI Driver. The default value is true.' + type: boolean + type: object + fileCSIDriver: + description: 'FileCSIDriver: AzureFile CSI Driver settings for the storage profile.' 
+ properties: + enabled: + description: 'Enabled: Whether to enable AzureFile CSI Driver. The default value is true.' + type: boolean + type: object + snapshotController: + description: 'SnapshotController: Snapshot Controller settings for the storage profile.' + properties: + enabled: + description: 'Enabled: Whether to enable Snapshot Controller. The default value is true.' + type: boolean + type: object + type: object + supportPlan: + description: 'SupportPlan: The support plan for the Managed Cluster. If unspecified, the default is ''KubernetesOfficial''.' + enum: + - AKSLongTermSupport + - KubernetesOfficial + type: string + tags: + additionalProperties: + type: string + description: 'Tags: Resource tags.' + type: object + upgradeSettings: + description: 'UpgradeSettings: Settings for upgrading a cluster.' + properties: + overrideSettings: + description: 'OverrideSettings: Settings for overrides.' + properties: + forceUpgrade: + description: |- + ForceUpgrade: Whether to force upgrade the cluster. Note that this option instructs upgrade operation to bypass upgrade + protections such as checking for deprecated API usage. Enable this option only with caution. + type: boolean + until: + description: |- + Until: Until when the overrides are effective. Note that this only matches the start time of an upgrade, and the + effectiveness won't change once an upgrade starts even if the `until` expires as upgrade proceeds. This field is not set + by default. It must be set for the overrides to take effect. + type: string + type: object + type: object + windowsProfile: + description: 'WindowsProfile: The profile for Windows VMs in the Managed Cluster.' + properties: + adminPassword: + description: |- + AdminPassword: Specifies the password of the administrator account. 
+ Minimum-length: 8 characters + Max-length: 123 characters + Complexity requirements: 3 out of 4 conditions below need to be fulfilled + Has lower characters + Has upper characters + Has a digit + Has a special character (Regex match [\W_]) + Disallowed values: "abc@123", "P@$$$$w0rd", "P@ssw0rd", "P@ssword123", "Pa$$$$word", "pass@word1", "Password!", "Password1", + "Password22", "iloveyou!" + properties: + key: + description: Key is the key in the Kubernetes secret being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource + type: string + required: + - key + - name + type: object + adminUsername: + description: |- + AdminUsername: Specifies the name of the administrator account. + Restriction: Cannot end in "." + Disallowed values: "administrator", "admin", "user", "user1", "test", "user2", "test1", "user3", "admin1", "1", "123", + "a", "actuser", "adm", "admin2", "aspnet", "backup", "console", "david", "guest", "john", "owner", "root", "server", + "sql", "support", "support_388945a0", "sys", "test2", "test3", "user4", "user5". + Minimum-length: 1 character + Max-length: 20 characters + type: string + enableCSIProxy: + description: |- + EnableCSIProxy: For more details on CSI proxy, see the [CSI proxy GitHub + repo](https://github.com/kubernetes-csi/csi-proxy). + type: boolean + gmsaProfile: + description: 'GmsaProfile: The Windows gMSA Profile in the Managed Cluster.' + properties: + dnsServer: + description: |- + DnsServer: Specifies the DNS server for Windows gMSA. + Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster. + type: string + enabled: + description: 'Enabled: Specifies whether to enable Windows gMSA in the managed cluster.' + type: boolean + rootDomainName: + description: |- + RootDomainName: Specifies the root domain name for Windows gMSA. 
+ Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster. + type: string + type: object + licenseType: + description: |- + LicenseType: The license type to use for Windows VMs. See [Azure Hybrid User + Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details. + enum: + - None + - Windows_Server + type: string + required: + - adminUsername + type: object + workloadAutoScalerProfile: + description: 'WorkloadAutoScalerProfile: Workload Auto-scaler profile for the managed cluster.' + properties: + keda: + description: 'Keda: KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.' + properties: + enabled: + description: 'Enabled: Whether to enable KEDA.' + type: boolean + required: + - enabled + type: object + verticalPodAutoscaler: + description: 'VerticalPodAutoscaler: VPA (Vertical Pod Autoscaler) settings for the workload auto-scaler profile.' + properties: + enabled: + description: 'Enabled: Whether to enable VPA. Default value is false.' + type: boolean + required: + - enabled + type: object + type: object + required: + - location + - owner + type: object + status: + description: Managed cluster. + properties: + aadProfile: + description: 'AadProfile: The Azure Active Directory configuration.' + properties: + adminGroupObjectIDs: + description: 'AdminGroupObjectIDs: The list of AAD group object IDs that will have admin role of the cluster.' + items: + type: string + type: array + clientAppID: + description: 'ClientAppID: (DEPRECATED) The client AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.' + type: string + enableAzureRBAC: + description: 'EnableAzureRBAC: Whether to enable Azure RBAC for Kubernetes authorization.' + type: boolean + managed: + description: 'Managed: Whether to enable managed AAD.' + type: boolean + serverAppID: + description: 'ServerAppID: (DEPRECATED) The server AAD application ID. 
Learn more at https://aka.ms/aks/aad-legacy.' + type: string + serverAppSecret: + description: 'ServerAppSecret: (DEPRECATED) The server AAD application secret. Learn more at https://aka.ms/aks/aad-legacy.' + type: string + tenantID: + description: |- + TenantID: The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment + subscription. + type: string + type: object + addonProfiles: + additionalProperties: + description: A Kubernetes add-on profile for a managed cluster. + properties: + config: + additionalProperties: + type: string + description: 'Config: Key-value pairs for configuring an add-on.' + type: object + enabled: + description: 'Enabled: Whether the add-on is enabled or not.' + type: boolean + identity: + description: 'Identity: Information of user assigned identity used by this add-on.' + properties: + clientId: + description: 'ClientId: The client ID of the user assigned identity.' + type: string + objectId: + description: 'ObjectId: The object ID of the user assigned identity.' + type: string + resourceId: + description: 'ResourceId: The resource ID of the user assigned identity.' + type: string + type: object + type: object + description: 'AddonProfiles: The profile of managed cluster add-on.' + type: object + agentPoolProfiles: + description: 'AgentPoolProfiles: The agent pool properties.' + items: + description: Profile for the container service agent pool. + properties: + availabilityZones: + description: |- + AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType + property is 'VirtualMachineScaleSets'. + items: + type: string + type: array + capacityReservationGroupID: + description: 'CapacityReservationGroupID: AKS will associate the specified agent pool with the Capacity Reservation Group.' + type: string + count: + description: |- + Count: Number of agents (VMs) to host docker containers. 
Allowed values must be in the range of 0 to 1000 (inclusive) + for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. + type: integer + creationData: + description: |- + CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using + a snapshot. + properties: + sourceResourceId: + description: 'SourceResourceId: This is the ARM ID of the source object to be used to create the target object.' + type: string + type: object + currentOrchestratorVersion: + description: |- + CurrentOrchestratorVersion: If orchestratorVersion is a fully specified version , this field will be + exactly equal to it. If orchestratorVersion is , this field will contain the full + version being used. + type: string + eTag: + description: |- + ETag: Unique read-only string used to implement optimistic concurrency. The eTag value will change when the resource is + updated. Specify an if-match or if-none-match header with the eTag value for a subsequent request to enable optimistic + concurrency per the normal etag convention. + type: string + enableAutoScaling: + description: 'EnableAutoScaling: Whether to enable auto-scaler' + type: boolean + enableEncryptionAtHost: + description: |- + EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, + see: https://docs.microsoft.com/azure/aks/enable-host-encryption + type: boolean + enableFIPS: + description: |- + EnableFIPS: See [Add a FIPS-enabled node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more + details. + type: boolean + enableNodePublicIP: + description: |- + EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. 
+ A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine + to minimize hops. For more information see [assigning a public IP per + node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The + default is false. + type: boolean + enableUltraSSD: + description: 'EnableUltraSSD: Whether to enable UltraSSD' + type: boolean + gpuInstanceProfile: + description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' + type: string + hostGroupID: + description: |- + HostGroupID: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. + For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). + type: string + kubeletConfig: + description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' + properties: + allowedUnsafeSysctls: + description: 'AllowedUnsafeSysctls: Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).' + items: + type: string + type: array + containerLogMaxFiles: + description: |- + ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be + ≥ 2. + type: integer + containerLogMaxSizeMB: + description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' + type: integer + cpuCfsQuota: + description: 'CpuCfsQuota: The default is true.' + type: boolean + cpuCfsQuotaPeriod: + description: |- + CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and + a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. 
+ type: string + cpuManagerPolicy: + description: |- + CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management + policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more + information. Allowed values are 'none' and 'static'. + type: string + failSwapOn: + description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' + type: boolean + imageGcHighThreshold: + description: 'ImageGcHighThreshold: To disable image garbage collection, set to 100. The default is 85%' + type: integer + imageGcLowThreshold: + description: 'ImageGcLowThreshold: This cannot be set higher than imageGcHighThreshold. The default is 80%' + type: integer + podMaxPids: + description: 'PodMaxPids: The maximum number of processes per pod.' + type: integer + topologyManagerPolicy: + description: |- + TopologyManagerPolicy: For more information see [Kubernetes Topology + Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values + are 'none', 'best-effort', 'restricted', and 'single-numa-node'. + type: string + type: object + kubeletDiskType: + description: |- + KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral + storage. + type: string + linuxOSConfig: + description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' + properties: + swapFileSizeMB: + description: 'SwapFileSizeMB: The size in MB of a swap file that will be created on each node.' + type: integer + sysctls: + description: 'Sysctls: Sysctl settings for Linux agent nodes.' + properties: + fsAioMaxNr: + description: 'FsAioMaxNr: Sysctl setting fs.aio-max-nr.' + type: integer + fsFileMax: + description: 'FsFileMax: Sysctl setting fs.file-max.' + type: integer + fsInotifyMaxUserWatches: + description: 'FsInotifyMaxUserWatches: Sysctl setting fs.inotify.max_user_watches.' 
+ type: integer + fsNrOpen: + description: 'FsNrOpen: Sysctl setting fs.nr_open.' + type: integer + kernelThreadsMax: + description: 'KernelThreadsMax: Sysctl setting kernel.threads-max.' + type: integer + netCoreNetdevMaxBacklog: + description: 'NetCoreNetdevMaxBacklog: Sysctl setting net.core.netdev_max_backlog.' + type: integer + netCoreOptmemMax: + description: 'NetCoreOptmemMax: Sysctl setting net.core.optmem_max.' + type: integer + netCoreRmemDefault: + description: 'NetCoreRmemDefault: Sysctl setting net.core.rmem_default.' + type: integer + netCoreRmemMax: + description: 'NetCoreRmemMax: Sysctl setting net.core.rmem_max.' + type: integer + netCoreSomaxconn: + description: 'NetCoreSomaxconn: Sysctl setting net.core.somaxconn.' + type: integer + netCoreWmemDefault: + description: 'NetCoreWmemDefault: Sysctl setting net.core.wmem_default.' + type: integer + netCoreWmemMax: + description: 'NetCoreWmemMax: Sysctl setting net.core.wmem_max.' + type: integer + netIpv4IpLocalPortRange: + description: 'NetIpv4IpLocalPortRange: Sysctl setting net.ipv4.ip_local_port_range.' + type: string + netIpv4NeighDefaultGcThresh1: + description: 'NetIpv4NeighDefaultGcThresh1: Sysctl setting net.ipv4.neigh.default.gc_thresh1.' + type: integer + netIpv4NeighDefaultGcThresh2: + description: 'NetIpv4NeighDefaultGcThresh2: Sysctl setting net.ipv4.neigh.default.gc_thresh2.' + type: integer + netIpv4NeighDefaultGcThresh3: + description: 'NetIpv4NeighDefaultGcThresh3: Sysctl setting net.ipv4.neigh.default.gc_thresh3.' + type: integer + netIpv4TcpFinTimeout: + description: 'NetIpv4TcpFinTimeout: Sysctl setting net.ipv4.tcp_fin_timeout.' + type: integer + netIpv4TcpKeepaliveProbes: + description: 'NetIpv4TcpKeepaliveProbes: Sysctl setting net.ipv4.tcp_keepalive_probes.' + type: integer + netIpv4TcpKeepaliveTime: + description: 'NetIpv4TcpKeepaliveTime: Sysctl setting net.ipv4.tcp_keepalive_time.' 
+ type: integer + netIpv4TcpMaxSynBacklog: + description: 'NetIpv4TcpMaxSynBacklog: Sysctl setting net.ipv4.tcp_max_syn_backlog.' + type: integer + netIpv4TcpMaxTwBuckets: + description: 'NetIpv4TcpMaxTwBuckets: Sysctl setting net.ipv4.tcp_max_tw_buckets.' + type: integer + netIpv4TcpTwReuse: + description: 'NetIpv4TcpTwReuse: Sysctl setting net.ipv4.tcp_tw_reuse.' + type: boolean + netIpv4TcpkeepaliveIntvl: + description: 'NetIpv4TcpkeepaliveIntvl: Sysctl setting net.ipv4.tcp_keepalive_intvl.' + type: integer + netNetfilterNfConntrackBuckets: + description: 'NetNetfilterNfConntrackBuckets: Sysctl setting net.netfilter.nf_conntrack_buckets.' + type: integer + netNetfilterNfConntrackMax: + description: 'NetNetfilterNfConntrackMax: Sysctl setting net.netfilter.nf_conntrack_max.' + type: integer + vmMaxMapCount: + description: 'VmMaxMapCount: Sysctl setting vm.max_map_count.' + type: integer + vmSwappiness: + description: 'VmSwappiness: Sysctl setting vm.swappiness.' + type: integer + vmVfsCachePressure: + description: 'VmVfsCachePressure: Sysctl setting vm.vfs_cache_pressure.' + type: integer + type: object + transparentHugePageDefrag: + description: |- + TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is + 'madvise'. For more information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). + type: string + transparentHugePageEnabled: + description: |- + TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more + information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). + type: string + type: object + maxCount: + description: 'MaxCount: The maximum number of nodes for auto-scaling' + type: integer + maxPods: + description: 'MaxPods: The maximum number of pods that can run on a node.' 
+ type: integer + minCount: + description: 'MinCount: The minimum number of nodes for auto-scaling' + type: integer + mode: + description: |- + Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool + restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools + type: string + name: + description: 'Name: Windows agent pool names must be 6 characters or less.' + type: string + networkProfile: + description: 'NetworkProfile: Network-related settings of an agent pool.' + properties: + allowedHostPorts: + description: 'AllowedHostPorts: The port ranges that are allowed to access. The specified ranges are allowed to overlap.' + items: + description: The port range. + properties: + portEnd: + description: |- + PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or + equal to portStart. + type: integer + portStart: + description: |- + PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or + equal to portEnd. + type: integer + protocol: + description: 'Protocol: The network protocol of the port.' + type: string + type: object + type: array + applicationSecurityGroups: + description: 'ApplicationSecurityGroups: The IDs of the application security groups which agent pool will associate when created.' + items: + type: string + type: array + nodePublicIPTags: + description: 'NodePublicIPTags: IPTags of instance-level public IPs.' + items: + description: Contains the IPTag associated with the object. + properties: + ipTagType: + description: 'IpTagType: The IP tag type. Example: RoutingPreference.' + type: string + tag: + description: 'Tag: The value of the IP tag associated with the public IP. Example: Internet.' 
+ type: string + type: object + type: array + type: object + nodeImageVersion: + description: 'NodeImageVersion: The version of node image' + type: string + nodeLabels: + additionalProperties: + type: string + description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' + type: object + nodePublicIPPrefixID: + description: |- + NodePublicIPPrefixID: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} + type: string + nodeTaints: + description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' + items: + type: string + type: array + orchestratorVersion: + description: |- + OrchestratorVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. + When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster + with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer + patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same + Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor + version must be within two minor versions of the control plane version. The node pool version cannot be greater than the + control plane version. For more information see [upgrading a node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). + type: string + osDiskSizeGB: + type: integer + osDiskType: + description: |- + OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested + OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral + OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). 
+ type: string + osSKU: + description: |- + OsSKU: Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 + when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows. + type: string + osType: + description: 'OsType: The operating system type. The default is Linux.' + type: string + podSubnetID: + description: |- + PodSubnetID: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is + of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} + type: string + powerState: + description: |- + PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this + field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only + be stopped if it is Running and provisioning state is Succeeded + properties: + code: + description: 'Code: Tells whether the cluster is Running or Stopped' + type: string + type: object + provisioningState: + description: 'ProvisioningState: The current deployment or provisioning state.' + type: string + proximityPlacementGroupID: + description: 'ProximityPlacementGroupID: The ID for Proximity Placement Group.' + type: string + scaleDownMode: + description: 'ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.' + type: string + scaleSetEvictionPolicy: + description: |- + ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is + 'Delete'. + type: string + scaleSetPriority: + description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' 
+ type: string + securityProfile: + description: 'SecurityProfile: The security settings of an agent pool.' + properties: + enableSecureBoot: + description: |- + EnableSecureBoot: Secure Boot is a feature of Trusted Launch which ensures that only signed operating systems and + drivers can boot. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. + type: boolean + enableVTPM: + description: |- + EnableVTPM: vTPM is a Trusted Launch feature for configuring a dedicated secure vault for keys and measurements held + locally on the node. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. + type: boolean + type: object + spotMaxPrice: + description: |- + SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any + on-demand price. For more details on spot pricing, see [spot VMs + pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) + type: number + tags: + additionalProperties: + type: string + description: 'Tags: The tags to be persisted on the agent pool virtual machine scale set.' + type: object + type: + description: 'Type: The type of Agent Pool.' + type: string + upgradeSettings: + description: 'UpgradeSettings: Settings for upgrading the agentpool' + properties: + drainTimeoutInMinutes: + description: |- + DrainTimeoutInMinutes: The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. + This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not + specified, the default is 30 minutes. + type: integer + maxSurge: + description: |- + MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it + is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded + up. If not specified, the default is 1. 
For more information, including best practices, see: + https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade + type: string + nodeSoakDurationInMinutes: + description: |- + NodeSoakDurationInMinutes: The amount of time (in minutes) to wait after draining a node and before reimaging it and + moving on to next node. If not specified, the default is 0 minutes. + type: integer + type: object + vmSize: + description: |- + VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods + might fail to run correctly. For more details on restricted VM sizes, see: + https://docs.microsoft.com/azure/aks/quotas-skus-regions + type: string + vnetSubnetID: + description: |- + VnetSubnetID: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, + this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} + type: string + windowsProfile: + description: 'WindowsProfile: The Windows agent pool''s specific profile.' + properties: + disableOutboundNat: + description: |- + DisableOutboundNat: The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT + Gateway and the Windows agent pool does not have node public IP enabled. + type: boolean + type: object + workloadRuntime: + description: 'WorkloadRuntime: Determines the type of workload a node can run.' + type: string + type: object + type: array + apiServerAccessProfile: + description: 'ApiServerAccessProfile: The access profile for managed cluster API server.' + properties: + authorizedIPRanges: + description: |- + AuthorizedIPRanges: IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. 
This feature is not compatible with + clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API + server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges). + items: + type: string + type: array + disableRunCommand: + description: 'DisableRunCommand: Whether to disable run command for the cluster or not.' + type: boolean + enablePrivateCluster: + description: |- + EnablePrivateCluster: For more details, see [Creating a private AKS + cluster](https://docs.microsoft.com/azure/aks/private-clusters). + type: boolean + enablePrivateClusterPublicFQDN: + description: 'EnablePrivateClusterPublicFQDN: Whether to create additional public FQDN for private cluster or not.' + type: boolean + privateDNSZone: + description: |- + PrivateDNSZone: The default is System. For more details see [configure private DNS + zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and + 'none'. + type: string + type: object + autoScalerProfile: + description: 'AutoScalerProfile: Parameters to be applied to the cluster-autoscaler when enabled' + properties: + balance-similar-node-groups: + description: 'BalanceSimilarNodeGroups: Valid values are ''true'' and ''false''' + type: string + daemonset-eviction-for-empty-nodes: + description: |- + DaemonsetEvictionForEmptyNodes: If set to true, all daemonset pods on empty nodes will be evicted before deletion of the + node. If the daemonset pod cannot be evicted another node will be chosen for scaling. If set to false, the node will be + deleted without ensuring that daemonset pods are deleted or evicted. + type: boolean + daemonset-eviction-for-occupied-nodes: + description: |- + DaemonsetEvictionForOccupiedNodes: If set to true, all daemonset pods on occupied nodes will be evicted before deletion + of the node. If the daemonset pod cannot be evicted another node will be chosen for scaling. 
If set to false, the node + will be deleted without ensuring that daemonset pods are deleted or evicted. + type: boolean + expander: + description: |- + Expander: If not specified, the default is 'random'. See + [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more + information. + type: string + ignore-daemonsets-utilization: + description: |- + IgnoreDaemonsetsUtilization: If set to true, the resources used by daemonset will be taken into account when making + scaling down decisions. + type: boolean + max-empty-bulk-delete: + description: 'MaxEmptyBulkDelete: The default is 10.' + type: string + max-graceful-termination-sec: + description: 'MaxGracefulTerminationSec: The default is 600.' + type: string + max-node-provision-time: + description: |- + MaxNodeProvisionTime: The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. + type: string + max-total-unready-percentage: + description: 'MaxTotalUnreadyPercentage: The default is 45. The maximum is 100 and the minimum is 0.' + type: string + new-pod-scale-up-delay: + description: |- + NewPodScaleUpDelay: For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler + could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is + '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc). + type: string + ok-total-unready-count: + description: 'OkTotalUnreadyCount: This must be an integer. The default is 3.' + type: string + scale-down-delay-after-add: + description: |- + ScaleDownDelayAfterAdd: The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. + type: string + scale-down-delay-after-delete: + description: |- + ScaleDownDelayAfterDelete: The default is the scan-interval. 
Values must be an integer followed by an 'm'. No unit of + time other than minutes (m) is supported. + type: string + scale-down-delay-after-failure: + description: |- + ScaleDownDelayAfterFailure: The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other + than minutes (m) is supported. + type: string + scale-down-unneeded-time: + description: |- + ScaleDownUnneededTime: The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. + type: string + scale-down-unready-time: + description: |- + ScaleDownUnreadyTime: The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. + type: string + scale-down-utilization-threshold: + description: 'ScaleDownUtilizationThreshold: The default is ''0.5''.' + type: string + scan-interval: + description: 'ScanInterval: The default is ''10''. Values must be an integer number of seconds.' + type: string + skip-nodes-with-local-storage: + description: 'SkipNodesWithLocalStorage: The default is true.' + type: string + skip-nodes-with-system-pods: + description: 'SkipNodesWithSystemPods: The default is true.' + type: string + type: object + autoUpgradeProfile: + description: 'AutoUpgradeProfile: The auto upgrade configuration.' + properties: + nodeOSUpgradeChannel: + description: 'NodeOSUpgradeChannel: Manner in which the OS on your nodes is updated. The default is NodeImage.' + type: string + upgradeChannel: + description: |- + UpgradeChannel: For more information see [setting the AKS cluster auto-upgrade + channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel). + type: string + type: object + azureMonitorProfile: + description: 'AzureMonitorProfile: Azure Monitor addon profiles for monitoring the managed cluster.' + properties: + metrics: + description: |- + Metrics: Metrics profile for the Azure Monitor managed service for Prometheus addon. 
Collect out-of-the-box Kubernetes + infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See + aka.ms/AzureManagedPrometheus for an overview. + properties: + enabled: + description: |- + Enabled: Whether to enable or disable the Azure Managed Prometheus addon for Prometheus monitoring. See + aka.ms/AzureManagedPrometheus-aks-enable for details on enabling and disabling. + type: boolean + kubeStateMetrics: + description: |- + KubeStateMetrics: Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the + kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for + details. + properties: + metricAnnotationsAllowList: + description: |- + MetricAnnotationsAllowList: Comma-separated list of Kubernetes annotation keys that will be used in the resource's + labels metric (Example: 'namespaces=[kubernetes.io/team,...],pods=[kubernetes.io/team],...'). By default the metric + contains only resource name and namespace labels. + type: string + metricLabelsAllowlist: + description: |- + MetricLabelsAllowlist: Comma-separated list of additional Kubernetes label keys that will be used in the resource's + labels metric (Example: 'namespaces=[k8s-label-1,k8s-label-n,...],pods=[app],...'). By default the metric contains only + resource name and namespace labels. + type: string + type: object + type: object + type: object + azurePortalFQDN: + description: |- + AzurePortalFQDN: The Azure Portal requires certain Cross-Origin Resource Sharing (CORS) headers to be sent in some + responses, which Kubernetes APIServer doesn't handle by default. This special FQDN supports CORS, allowing the Azure + Portal to function properly. 
+ type: string + conditions: + description: 'Conditions: The observed state of the resource' + items: + description: Condition defines an extension to status (an observation) of a resource + properties: + lastTransitionTime: + description: LastTransitionTime is the last time the condition transitioned from one status to another. + format: date-time + type: string + message: + description: Message is a human readable message indicating details about the transition. This field may be empty. + type: string + observedGeneration: + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + type: integer + reason: + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + type: string + severity: + description: |- + Severity with which to treat failures of this type of condition. + For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown + type: string + status: + description: Status of the condition, one of True, False, or Unknown. + type: string + type: + description: Type of condition. + type: string + required: + - lastTransitionTime + - reason + - status + - type + type: object + type: array + currentKubernetesVersion: + description: |- + CurrentKubernetesVersion: If kubernetesVersion was a fully specified version , this field will be + exactly equal to it. 
If kubernetesVersion was , this field will contain the full + version being used. + type: string + disableLocalAccounts: + description: |- + DisableLocalAccounts: If set to true, getting static credentials will be disabled for this cluster. This must only be + used on Managed Clusters that are AAD enabled. For more details see [disable local + accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview). + type: boolean + diskEncryptionSetID: + description: |- + DiskEncryptionSetID: This is of the form: + '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}' + type: string + dnsPrefix: + description: 'DnsPrefix: This cannot be updated once the Managed Cluster has been created.' + type: string + eTag: + description: |- + ETag: Unique read-only string used to implement optimistic concurrency. The eTag value will change when the resource is + updated. Specify an if-match or if-none-match header with the eTag value for a subsequent request to enable optimistic + concurrency per the normal etag convention. + type: string + enablePodSecurityPolicy: + description: |- + EnablePodSecurityPolicy: (DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was + deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and + https://aka.ms/aks/psp. + type: boolean + enableRBAC: + description: 'EnableRBAC: Whether to enable Kubernetes Role-Based Access Control.' + type: boolean + extendedLocation: + description: 'ExtendedLocation: The extended location of the Virtual Machine.' + properties: + name: + description: 'Name: The name of the extended location.' + type: string + type: + description: 'Type: The type of the extended location.' + type: string + type: object + fqdn: + description: 'Fqdn: The FQDN of the master pool.' 
+ type: string + fqdnSubdomain: + description: 'FqdnSubdomain: This cannot be updated once the Managed Cluster has been created.' + type: string + httpProxyConfig: + description: 'HttpProxyConfig: Configurations for provisioning the cluster with HTTP proxy servers.' + properties: + httpProxy: + description: 'HttpProxy: The HTTP proxy server endpoint to use.' + type: string + httpsProxy: + description: 'HttpsProxy: The HTTPS proxy server endpoint to use.' + type: string + noProxy: + description: 'NoProxy: The endpoints that should not go through proxy.' + items: + type: string + type: array + trustedCa: + description: 'TrustedCa: Alternative CA cert to use for connecting to proxy servers.' + type: string + type: object + id: + description: |- + Id: Fully qualified resource ID for the resource. E.g. + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" + type: string + identity: + description: 'Identity: The identity of the managed cluster, if configured.' + properties: + delegatedResources: + additionalProperties: + description: Delegated resource properties - internal use only. + properties: + location: + description: 'Location: The source resource location - internal use only.' + type: string + referralResource: + description: 'ReferralResource: The delegation id of the referral delegation (optional) - internal use only.' + type: string + resourceId: + description: 'ResourceId: The ARM resource id of the delegated resource - internal use only.' + type: string + tenantId: + description: 'TenantId: The tenant id of the delegated resource - internal use only.' + type: string + type: object + description: |- + DelegatedResources: The delegated identity resources assigned to this managed cluster. This can only be set by another + Azure Resource Provider, and managed cluster only accept one delegated identity resource. Internal use only. 
+ type: object + principalId: + description: 'PrincipalId: The principal id of the system assigned identity which is used by master components.' + type: string + tenantId: + description: 'TenantId: The tenant id of the system assigned identity which is used by master components.' + type: string + type: + description: |- + Type: For more information see [use managed identities in + AKS](https://docs.microsoft.com/azure/aks/use-managed-identity). + type: string + userAssignedIdentities: + additionalProperties: + properties: + clientId: + description: 'ClientId: The client id of user assigned identity.' + type: string + principalId: + description: 'PrincipalId: The principal id of user assigned identity.' + type: string + type: object + description: |- + UserAssignedIdentities: The keys must be ARM resource IDs in the form: + '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'. + type: object + type: object + identityProfile: + additionalProperties: + description: Details about a user assigned identity. + properties: + clientId: + description: 'ClientId: The client ID of the user assigned identity.' + type: string + objectId: + description: 'ObjectId: The object ID of the user assigned identity.' + type: string + resourceId: + description: 'ResourceId: The resource ID of the user assigned identity.' + type: string + type: object + description: |- + IdentityProfile: The user identity associated with the managed cluster. This identity will be used by the kubelet. Only + one user assigned identity is allowed. The only accepted key is "kubeletidentity", with value of "resourceId": + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}". + type: object + ingressProfile: + description: 'IngressProfile: Ingress profile for the managed cluster.' 
+ properties: + webAppRouting: + description: |- + WebAppRouting: App Routing settings for the ingress profile. You can find an overview and onboarding guide for this + feature at https://learn.microsoft.com/en-us/azure/aks/app-routing?tabs=default%2Cdeploy-app-default. + properties: + dnsZoneResourceIds: + description: |- + DnsZoneResourceIds: Resource IDs of the DNS zones to be associated with the Application Routing add-on. Used only when + Application Routing add-on is enabled. Public and private DNS zones can be in different resource groups, but all public + DNS zones must be in the same resource group and all private DNS zones must be in the same resource group. + items: + type: string + type: array + enabled: + description: 'Enabled: Whether to enable the Application Routing add-on.' + type: boolean + identity: + description: |- + Identity: Managed identity of the Application Routing add-on. This is the identity that should be granted permissions, + for example, to manage the associated Azure DNS resource and get certificates from Azure Key Vault. See [this overview + of the add-on](https://learn.microsoft.com/en-us/azure/aks/web-app-routing?tabs=with-osm) for more instructions. + properties: + clientId: + description: 'ClientId: The client ID of the user assigned identity.' + type: string + objectId: + description: 'ObjectId: The object ID of the user assigned identity.' + type: string + resourceId: + description: 'ResourceId: The resource ID of the user assigned identity.' + type: string + type: object + type: object + type: object + kubernetesVersion: + description: |- + KubernetesVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. + When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster + with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer + patch version is available. 
When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All + upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or + 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS + cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details. + type: string + linuxProfile: + description: 'LinuxProfile: The profile for Linux VMs in the Managed Cluster.' + properties: + adminUsername: + description: 'AdminUsername: The administrator username to use for Linux VMs.' + type: string + ssh: + description: 'Ssh: The SSH configuration for Linux-based VMs running on Azure.' + properties: + publicKeys: + description: 'PublicKeys: The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.' + items: + description: Contains information about SSH certificate public key data. + properties: + keyData: + description: |- + KeyData: Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or + without headers. + type: string + type: object + type: array + type: object + type: object + location: + description: 'Location: The geo-location where the resource lives' + type: string + maxAgentPools: + description: 'MaxAgentPools: The max number of agent pools for the managed cluster.' + type: integer + metricsProfile: + description: 'MetricsProfile: Optional cluster metrics configuration.' + properties: + costAnalysis: + description: 'CostAnalysis: The cost analysis configuration for the cluster' + properties: + enabled: + description: |- + Enabled: The Managed Cluster sku.tier must be set to 'Standard' or 'Premium' to enable this feature. Enabling this will + add Kubernetes Namespace and Deployment details to the Cost Analysis views in the Azure portal. If not specified, the + default is false. For more information see aka.ms/aks/docs/cost-analysis. 
+ type: boolean + type: object + type: object + name: + description: 'Name: The name of the resource' + type: string + networkProfile: + description: 'NetworkProfile: The network configuration profile.' + properties: + advancedNetworking: + description: |- + AdvancedNetworking: Advanced Networking profile for enabling observability and security feature suite on a cluster. For + more information see aka.ms/aksadvancednetworking. + properties: + enabled: + description: |- + Enabled: Indicates the enablement of Advanced Networking functionalities of observability and security on AKS clusters. + When this is set to true, all observability and security features will be set to enabled unless explicitly disabled. If + not specified, the default is false. + type: boolean + observability: + description: 'Observability: Observability profile to enable advanced network metrics and flow logs with historical contexts.' + properties: + enabled: + description: 'Enabled: Indicates the enablement of Advanced Networking observability functionalities on clusters.' + type: boolean + type: object + security: + description: 'Security: Security profile to enable security features on cilium based cluster.' + properties: + enabled: + description: |- + Enabled: This feature allows user to configure network policy based on DNS (FQDN) names. It can be enabled only on + cilium based clusters. If not specified, the default is false. + type: boolean + type: object + type: object + dnsServiceIP: + description: |- + DnsServiceIP: An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address + range specified in serviceCidr. + type: string + ipFamilies: + description: |- + IpFamilies: IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value + is IPv4. For dual-stack, the expected values are IPv4 and IPv6. 
+ items: + type: string + type: array + loadBalancerProfile: + description: 'LoadBalancerProfile: Profile of the cluster load balancer.' + properties: + allocatedOutboundPorts: + description: |- + AllocatedOutboundPorts: The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 + (inclusive). The default value is 0 which results in Azure dynamically allocating ports. + type: integer + backendPoolType: + description: 'BackendPoolType: The type of the managed inbound Load Balancer BackendPool.' + type: string + effectiveOutboundIPs: + description: 'EffectiveOutboundIPs: The effective outbound IP resources of the cluster load balancer.' + items: + description: A reference to an Azure resource. + properties: + id: + description: 'Id: The fully qualified Azure resource id.' + type: string + type: object + type: array + enableMultipleStandardLoadBalancers: + description: 'EnableMultipleStandardLoadBalancers: Enable multiple standard load balancers per AKS cluster or not.' + type: boolean + idleTimeoutInMinutes: + description: |- + IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 + (inclusive). The default value is 30 minutes. + type: integer + managedOutboundIPs: + description: 'ManagedOutboundIPs: Desired managed outbound IPs for the cluster load balancer.' + properties: + count: + description: |- + Count: The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values + must be in the range of 1 to 100 (inclusive). The default value is 1. + type: integer + countIPv6: + description: |- + CountIPv6: The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed + values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. 
+ type: integer + type: object + outboundIPPrefixes: + description: 'OutboundIPPrefixes: Desired outbound IP Prefix resources for the cluster load balancer.' + properties: + publicIPPrefixes: + description: 'PublicIPPrefixes: A list of public IP prefix resources.' + items: + description: A reference to an Azure resource. + properties: + id: + description: 'Id: The fully qualified Azure resource id.' + type: string + type: object + type: array + type: object + outboundIPs: + description: 'OutboundIPs: Desired outbound IP resources for the cluster load balancer.' + properties: + publicIPs: + description: 'PublicIPs: A list of public IP resources.' + items: + description: A reference to an Azure resource. + properties: + id: + description: 'Id: The fully qualified Azure resource id.' + type: string + type: object + type: array + type: object + type: object + loadBalancerSku: + description: |- + LoadBalancerSku: The default is 'standard'. See [Azure Load Balancer + SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load + balancer SKUs. + type: string + natGatewayProfile: + description: 'NatGatewayProfile: Profile of the cluster NAT gateway.' + properties: + effectiveOutboundIPs: + description: 'EffectiveOutboundIPs: The effective outbound IP resources of the cluster NAT gateway.' + items: + description: A reference to an Azure resource. + properties: + id: + description: 'Id: The fully qualified Azure resource id.' + type: string + type: object + type: array + idleTimeoutInMinutes: + description: |- + IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 + (inclusive). The default value is 4 minutes. + type: integer + managedOutboundIPProfile: + description: 'ManagedOutboundIPProfile: Profile of the managed outbound IP resources of the cluster NAT gateway.' 
+ properties: + count: + description: |- + Count: The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 + (inclusive). The default value is 1. + type: integer + type: object + type: object + networkDataplane: + description: 'NetworkDataplane: Network dataplane used in the Kubernetes cluster.' + type: string + networkMode: + description: 'NetworkMode: This cannot be specified if networkPlugin is anything other than ''azure''.' + type: string + networkPlugin: + description: 'NetworkPlugin: Network plugin used for building the Kubernetes network.' + type: string + networkPluginMode: + description: 'NetworkPluginMode: The mode the network plugin should use.' + type: string + networkPolicy: + description: 'NetworkPolicy: Network policy used for building the Kubernetes network.' + type: string + outboundType: + description: |- + OutboundType: This can only be set at cluster creation time and cannot be changed later. For more information see + [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype). + type: string + podCidr: + description: 'PodCidr: A CIDR notation IP range from which to assign pod IPs when kubenet is used.' + type: string + podCidrs: + description: |- + PodCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is + expected for dual-stack networking. + items: + type: string + type: array + serviceCidr: + description: |- + ServiceCidr: A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP + ranges. + type: string + serviceCidrs: + description: |- + ServiceCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is + expected for dual-stack networking. They must not overlap with any Subnet IP ranges. 
+ items: + type: string + type: array + type: object + nodeResourceGroup: + description: 'NodeResourceGroup: The name of the resource group containing agent pool nodes.' + type: string + nodeResourceGroupProfile: + description: 'NodeResourceGroupProfile: Profile of the node resource group configuration.' + properties: + restrictionLevel: + description: |- + RestrictionLevel: The restriction level applied to the cluster's node resource group. If not specified, the default is + 'Unrestricted' + type: string + type: object + oidcIssuerProfile: + description: 'OidcIssuerProfile: The OIDC issuer profile of the Managed Cluster.' + properties: + enabled: + description: 'Enabled: Whether the OIDC issuer is enabled.' + type: boolean + issuerURL: + description: 'IssuerURL: The OIDC issuer url of the Managed Cluster.' + type: string + type: object + podIdentityProfile: + description: |- + PodIdentityProfile: See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more + details on AAD pod identity integration. + properties: + allowNetworkPluginKubenet: + description: |- + AllowNetworkPluginKubenet: Running in Kubenet is disabled by default due to the security related nature of AAD Pod + Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod + Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) + for more information. + type: boolean + enabled: + description: 'Enabled: Whether the pod identity addon is enabled.' + type: boolean + userAssignedIdentities: + description: 'UserAssignedIdentities: The pod identities to use in the cluster.' + items: + description: Details about the pod identity assigned to the Managed Cluster. + properties: + bindingSelector: + description: 'BindingSelector: The binding selector to use for the AzureIdentityBinding resource.' 
+ type: string + identity: + description: 'Identity: The user assigned identity details.' + properties: + clientId: + description: 'ClientId: The client ID of the user assigned identity.' + type: string + objectId: + description: 'ObjectId: The object ID of the user assigned identity.' + type: string + resourceId: + description: 'ResourceId: The resource ID of the user assigned identity.' + type: string + type: object + name: + description: 'Name: The name of the pod identity.' + type: string + namespace: + description: 'Namespace: The namespace of the pod identity.' + type: string + provisioningInfo: + properties: + error: + description: 'Error: Pod identity assignment error (if any).' + properties: + error: + description: 'Error: Details about the error.' + properties: + code: + description: 'Code: An identifier for the error. Codes are invariant and are intended to be consumed programmatically.' + type: string + details: + description: 'Details: A list of additional details about the error.' + items: + properties: + code: + description: 'Code: An identifier for the error. Codes are invariant and are intended to be consumed programmatically.' + type: string + message: + description: 'Message: A message describing the error, intended to be suitable for display in a user interface.' + type: string + target: + description: 'Target: The target of the particular error. For example, the name of the property in error.' + type: string + type: object + type: array + message: + description: 'Message: A message describing the error, intended to be suitable for display in a user interface.' + type: string + target: + description: 'Target: The target of the particular error. For example, the name of the property in error.' + type: string + type: object + type: object + type: object + provisioningState: + description: 'ProvisioningState: The current provisioning state of the pod identity.' 
+ type: string + type: object + type: array + userAssignedIdentityExceptions: + description: 'UserAssignedIdentityExceptions: The pod identity exceptions to allow.' + items: + description: |- + See [disable AAD Pod Identity for a specific + Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. + properties: + name: + description: 'Name: The name of the pod identity exception.' + type: string + namespace: + description: 'Namespace: The namespace of the pod identity exception.' + type: string + podLabels: + additionalProperties: + type: string + description: 'PodLabels: The pod labels to match.' + type: object + type: object + type: array + type: object + powerState: + description: 'PowerState: The Power State of the cluster.' + properties: + code: + description: 'Code: Tells whether the cluster is Running or Stopped' + type: string + type: object + privateFQDN: + description: 'PrivateFQDN: The FQDN of private cluster.' + type: string + privateLinkResources: + description: 'PrivateLinkResources: Private link resources associated with the cluster.' + items: + description: A private link resource + properties: + groupId: + description: 'GroupId: The group ID of the resource.' + type: string + id: + description: 'Id: The ID of the private link resource.' + type: string + name: + description: 'Name: The name of the private link resource.' + type: string + privateLinkServiceID: + description: 'PrivateLinkServiceID: The private link service ID of the resource, this field is exposed only to NRP internally.' + type: string + requiredMembers: + description: 'RequiredMembers: The RequiredMembers of the resource' + items: + type: string + type: array + type: + description: 'Type: The resource type.' + type: string + type: object + type: array + provisioningState: + description: 'ProvisioningState: The current provisioning state.' 
+ type: string + publicNetworkAccess: + description: 'PublicNetworkAccess: Allow or deny public network access for AKS' + type: string + resourceUID: + description: |- + ResourceUID: The resourceUID uniquely identifies ManagedClusters that reuse ARM ResourceIds (i.e: create, delete, create + sequence) + type: string + securityProfile: + description: 'SecurityProfile: Security profile for the managed cluster.' + properties: + azureKeyVaultKms: + description: |- + AzureKeyVaultKms: Azure Key Vault [key management + service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile. + properties: + enabled: + description: 'Enabled: Whether to enable Azure Key Vault key management service. The default is false.' + type: boolean + keyId: + description: |- + KeyId: Identifier of Azure Key Vault key. See [key identifier + format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) + for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key + identifier. When Azure Key Vault key management service is disabled, leave the field empty. + type: string + keyVaultNetworkAccess: + description: |- + KeyVaultNetworkAccess: Network access of key vault. The possible values are `Public` and `Private`. `Public` means the + key vault allows public access from all networks. `Private` means the key vault disables public access and enables + private link. The default value is `Public`. + type: string + keyVaultResourceId: + description: |- + KeyVaultResourceId: Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must + be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty. + type: string + type: object + defender: + description: 'Defender: Microsoft Defender settings for the security profile.' 
+ properties: + logAnalyticsWorkspaceResourceId: + description: |- + LogAnalyticsWorkspaceResourceId: Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. + When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft + Defender is disabled, leave the field empty. + type: string + securityMonitoring: + description: 'SecurityMonitoring: Microsoft Defender threat detection for Cloud settings for the security profile.' + properties: + enabled: + description: 'Enabled: Whether to enable Defender threat detection' + type: boolean + type: object + type: object + imageCleaner: + description: 'ImageCleaner: Image Cleaner settings for the security profile.' + properties: + enabled: + description: 'Enabled: Whether to enable Image Cleaner on AKS cluster.' + type: boolean + intervalHours: + description: 'IntervalHours: Image Cleaner scanning interval in hours.' + type: integer + type: object + workloadIdentity: + description: |- + WorkloadIdentity: Workload identity settings for the security profile. Workload identity enables Kubernetes applications + to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details. + properties: + enabled: + description: 'Enabled: Whether to enable workload identity.' + type: boolean + type: object + type: object + serviceMeshProfile: + description: 'ServiceMeshProfile: Service mesh profile for a managed cluster.' + properties: + istio: + description: 'Istio: Istio service mesh configuration.' + properties: + certificateAuthority: + description: |- + CertificateAuthority: Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin + certificates as described here https://aka.ms/asm-plugin-ca + properties: + plugin: + description: 'Plugin: Plugin certificates information for Service Mesh.' 
+ properties: + certChainObjectName: + description: 'CertChainObjectName: Certificate chain object name in Azure Key Vault.' + type: string + certObjectName: + description: 'CertObjectName: Intermediate certificate object name in Azure Key Vault.' + type: string + keyObjectName: + description: 'KeyObjectName: Intermediate certificate private key object name in Azure Key Vault.' + type: string + keyVaultId: + description: 'KeyVaultId: The resource ID of the Key Vault.' + type: string + rootCertObjectName: + description: 'RootCertObjectName: Root certificate object name in Azure Key Vault.' + type: string + type: object + type: object + components: + description: 'Components: Istio components configuration.' + properties: + egressGateways: + description: 'EgressGateways: Istio egress gateways.' + items: + description: Istio egress gateway configuration. + properties: + enabled: + description: 'Enabled: Whether to enable the egress gateway.' + type: boolean + type: object + type: array + ingressGateways: + description: 'IngressGateways: Istio ingress gateways.' + items: + description: |- + Istio ingress gateway configuration. For now, we support up to one external ingress gateway named + `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`. + properties: + enabled: + description: 'Enabled: Whether to enable the ingress gateway.' + type: boolean + mode: + description: 'Mode: Mode of an ingress gateway.' + type: string + type: object + type: array + type: object + revisions: + description: |- + Revisions: The list of revisions of the Istio control plane. When an upgrade is not in progress, this holds one value. + When canary upgrade is in progress, this can only hold two consecutive values. For more information, see: + https://learn.microsoft.com/en-us/azure/aks/istio-upgrade + items: + type: string + type: array + type: object + mode: + description: 'Mode: Mode of the service mesh.' 
+ type: string + type: object + servicePrincipalProfile: + description: |- + ServicePrincipalProfile: Information about a service principal identity for the cluster to use for manipulating Azure + APIs. + properties: + clientId: + description: 'ClientId: The ID for the service principal.' + type: string + type: object + sku: + description: 'Sku: The managed cluster SKU.' + properties: + name: + description: 'Name: The name of a managed cluster SKU.' + type: string + tier: + description: |- + Tier: If not specified, the default is 'Free'. See [AKS Pricing + Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details. + type: string + type: object + storageProfile: + description: 'StorageProfile: Storage profile for the managed cluster.' + properties: + blobCSIDriver: + description: 'BlobCSIDriver: AzureBlob CSI Driver settings for the storage profile.' + properties: + enabled: + description: 'Enabled: Whether to enable AzureBlob CSI Driver. The default value is false.' + type: boolean + type: object + diskCSIDriver: + description: 'DiskCSIDriver: AzureDisk CSI Driver settings for the storage profile.' + properties: + enabled: + description: 'Enabled: Whether to enable AzureDisk CSI Driver. The default value is true.' + type: boolean + type: object + fileCSIDriver: + description: 'FileCSIDriver: AzureFile CSI Driver settings for the storage profile.' + properties: + enabled: + description: 'Enabled: Whether to enable AzureFile CSI Driver. The default value is true.' + type: boolean + type: object + snapshotController: + description: 'SnapshotController: Snapshot Controller settings for the storage profile.' + properties: + enabled: + description: 'Enabled: Whether to enable Snapshot Controller. The default value is true.' + type: boolean + type: object + type: object + supportPlan: + description: 'SupportPlan: The support plan for the Managed Cluster. If unspecified, the default is ''KubernetesOfficial''.' 
+ type: string + systemData: + description: 'SystemData: Azure Resource Manager metadata containing createdBy and modifiedBy information.' + properties: + createdAt: + description: 'CreatedAt: The timestamp of resource creation (UTC).' + type: string + createdBy: + description: 'CreatedBy: The identity that created the resource.' + type: string + createdByType: + description: 'CreatedByType: The type of identity that created the resource.' + type: string + lastModifiedAt: + description: 'LastModifiedAt: The timestamp of resource last modification (UTC)' + type: string + lastModifiedBy: + description: 'LastModifiedBy: The identity that last modified the resource.' + type: string + lastModifiedByType: + description: 'LastModifiedByType: The type of identity that last modified the resource.' + type: string + type: object + tags: + additionalProperties: + type: string + description: 'Tags: Resource tags.' + type: object + type: + description: 'Type: The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"' + type: string + upgradeSettings: + description: 'UpgradeSettings: Settings for upgrading a cluster.' + properties: + overrideSettings: + description: 'OverrideSettings: Settings for overrides.' + properties: + forceUpgrade: + description: |- + ForceUpgrade: Whether to force upgrade the cluster. Note that this option instructs upgrade operation to bypass upgrade + protections such as checking for deprecated API usage. Enable this option only with caution. + type: boolean + until: + description: |- + Until: Until when the overrides are effective. Note that this only matches the start time of an upgrade, and the + effectiveness won't change once an upgrade starts even if the `until` expires as upgrade proceeds. This field is not set + by default. It must be set for the overrides to take effect. 
+ type: string + type: object + type: object + windowsProfile: + description: 'WindowsProfile: The profile for Windows VMs in the Managed Cluster.' + properties: + adminUsername: + description: |- + AdminUsername: Specifies the name of the administrator account. + Restriction: Cannot end in "." + Disallowed values: "administrator", "admin", "user", "user1", "test", "user2", "test1", "user3", "admin1", "1", "123", + "a", "actuser", "adm", "admin2", "aspnet", "backup", "console", "david", "guest", "john", "owner", "root", "server", + "sql", "support", "support_388945a0", "sys", "test2", "test3", "user4", "user5". + Minimum-length: 1 character + Max-length: 20 characters + type: string + enableCSIProxy: + description: |- + EnableCSIProxy: For more details on CSI proxy, see the [CSI proxy GitHub + repo](https://github.com/kubernetes-csi/csi-proxy). + type: boolean + gmsaProfile: + description: 'GmsaProfile: The Windows gMSA Profile in the Managed Cluster.' + properties: + dnsServer: + description: |- + DnsServer: Specifies the DNS server for Windows gMSA. + Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster. + type: string + enabled: + description: 'Enabled: Specifies whether to enable Windows gMSA in the managed cluster.' + type: boolean + rootDomainName: + description: |- + RootDomainName: Specifies the root domain name for Windows gMSA. + Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster. + type: string + type: object + licenseType: + description: |- + LicenseType: The license type to use for Windows VMs. See [Azure Hybrid User + Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details. + type: string + type: object + workloadAutoScalerProfile: + description: 'WorkloadAutoScalerProfile: Workload Auto-scaler profile for the managed cluster.' 
+ properties: + keda: + description: 'Keda: KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.' + properties: + enabled: + description: 'Enabled: Whether to enable KEDA.' + type: boolean + type: object + verticalPodAutoscaler: + description: 'VerticalPodAutoscaler: VPA (Vertical Pod Autoscaler) settings for the workload auto-scaler profile.' + properties: + enabled: + description: 'Enabled: Whether to enable VPA. Default value is false.' + type: boolean + type: object + type: object + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].severity + name: Severity + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Reason + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].message + name: Message + type: string + name: v1api20240901storage + schema: + openAPIV3Schema: + description: |- + Storage version of v1api20240901.ManagedCluster + Generator information: + - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/managedClusters.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName} + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. 
+ In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: Storage version of v1api20240901.ManagedCluster_Spec + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + aadProfile: + description: |- + Storage version of v1api20240901.ManagedClusterAADProfile + For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad). + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + adminGroupObjectIDs: + items: + type: string + type: array + clientAppID: + type: string + enableAzureRBAC: + type: boolean + managed: + type: boolean + serverAppID: + type: string + serverAppSecret: + type: string + tenantID: + type: string + type: object + addonProfiles: + additionalProperties: + description: |- + Storage version of v1api20240901.ManagedClusterAddonProfile + A Kubernetes add-on profile for a managed cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + config: + additionalProperties: + type: string + type: object + enabled: + type: boolean + type: object + type: object + agentPoolProfiles: + items: + description: |- + Storage version of v1api20240901.ManagedClusterAgentPoolProfile + Profile for the container service agent pool. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + availabilityZones: + items: + type: string + type: array + capacityReservationGroupReference: + description: 'CapacityReservationGroupReference: AKS will associate the specified agent pool with the Capacity Reservation Group.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + count: + type: integer + creationData: + description: |- + Storage version of v1api20240901.CreationData + Data used when creating a target resource from a source resource. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + sourceResourceReference: + description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' 
+ properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + enableAutoScaling: + type: boolean + enableEncryptionAtHost: + type: boolean + enableFIPS: + type: boolean + enableNodePublicIP: + type: boolean + enableUltraSSD: + type: boolean + gpuInstanceProfile: + type: string + hostGroupReference: + description: |- + HostGroupReference: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. + For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
+ pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + kubeletConfig: + description: |- + Storage version of v1api20240901.KubeletConfig + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + allowedUnsafeSysctls: + items: + type: string + type: array + containerLogMaxFiles: + type: integer + containerLogMaxSizeMB: + type: integer + cpuCfsQuota: + type: boolean + cpuCfsQuotaPeriod: + type: string + cpuManagerPolicy: + type: string + failSwapOn: + type: boolean + imageGcHighThreshold: + type: integer + imageGcLowThreshold: + type: integer + podMaxPids: + type: integer + topologyManagerPolicy: + type: string + type: object + kubeletDiskType: + type: string + linuxOSConfig: + description: |- + Storage version of v1api20240901.LinuxOSConfig + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + swapFileSizeMB: + type: integer + sysctls: + description: |- + Storage version of v1api20240901.SysctlConfig + Sysctl settings for Linux agent nodes. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + fsAioMaxNr: + type: integer + fsFileMax: + type: integer + fsInotifyMaxUserWatches: + type: integer + fsNrOpen: + type: integer + kernelThreadsMax: + type: integer + netCoreNetdevMaxBacklog: + type: integer + netCoreOptmemMax: + type: integer + netCoreRmemDefault: + type: integer + netCoreRmemMax: + type: integer + netCoreSomaxconn: + type: integer + netCoreWmemDefault: + type: integer + netCoreWmemMax: + type: integer + netIpv4IpLocalPortRange: + type: string + netIpv4NeighDefaultGcThresh1: + type: integer + netIpv4NeighDefaultGcThresh2: + type: integer + netIpv4NeighDefaultGcThresh3: + type: integer + netIpv4TcpFinTimeout: + type: integer + netIpv4TcpKeepaliveProbes: + type: integer + netIpv4TcpKeepaliveTime: + type: integer + netIpv4TcpMaxSynBacklog: + type: integer + netIpv4TcpMaxTwBuckets: + type: integer + netIpv4TcpTwReuse: + type: boolean + netIpv4TcpkeepaliveIntvl: + type: integer + netNetfilterNfConntrackBuckets: + type: integer + netNetfilterNfConntrackMax: + type: integer + vmMaxMapCount: + type: integer + vmSwappiness: + type: integer + vmVfsCachePressure: + type: integer + type: object + transparentHugePageDefrag: + type: string + transparentHugePageEnabled: + type: string + type: object + maxCount: + type: integer + maxPods: + type: integer + 
minCount: + type: integer + mode: + type: string + name: + type: string + networkProfile: + description: |- + Storage version of v1api20240901.AgentPoolNetworkProfile + Network settings of an agent pool. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + allowedHostPorts: + items: + description: |- + Storage version of v1api20240901.PortRange + The port range. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + portEnd: + type: integer + portStart: + type: integer + protocol: + type: string + type: object + type: array + applicationSecurityGroupsReferences: + items: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. 
+ type: string + type: object + type: array + nodePublicIPTags: + items: + description: |- + Storage version of v1api20240901.IPTag + Contains the IPTag associated with the object. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + ipTagType: + type: string + tag: + type: string + type: object + type: array + type: object + nodeLabels: + additionalProperties: + type: string + type: object + nodePublicIPPrefixReference: + description: |- + NodePublicIPPrefixReference: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. 
+ type: string + type: object + nodeTaints: + items: + type: string + type: array + orchestratorVersion: + type: string + osDiskSizeGB: + type: integer + osDiskType: + type: string + osSKU: + type: string + osType: + type: string + podSubnetReference: + description: |- + PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). + This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + powerState: + description: |- + Storage version of v1api20240901.PowerState + Describes the Power State of the cluster + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + code: + type: string + type: object + proximityPlacementGroupReference: + description: 'ProximityPlacementGroupReference: The ID for Proximity Placement Group.' 
+ properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + scaleDownMode: + type: string + scaleSetEvictionPolicy: + type: string + scaleSetPriority: + type: string + securityProfile: + description: |- + Storage version of v1api20240901.AgentPoolSecurityProfile + The security settings of an agent pool. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enableSecureBoot: + type: boolean + enableVTPM: + type: boolean + type: object + spotMaxPrice: + type: number + tags: + additionalProperties: + type: string + type: object + type: + type: string + upgradeSettings: + description: |- + Storage version of v1api20240901.AgentPoolUpgradeSettings + Settings for upgrading an agentpool + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + drainTimeoutInMinutes: + type: integer + maxSurge: + type: string + nodeSoakDurationInMinutes: + type: integer + type: object + vmSize: + type: string + vnetSubnetReference: + description: |- + VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is + specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
+ pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + windowsProfile: + description: |- + Storage version of v1api20240901.AgentPoolWindowsProfile + The Windows agent pool's specific profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + disableOutboundNat: + type: boolean + type: object + workloadRuntime: + type: string + type: object + type: array + apiServerAccessProfile: + description: |- + Storage version of v1api20240901.ManagedClusterAPIServerAccessProfile + Access profile for managed cluster API server. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + authorizedIPRanges: + items: + type: string + type: array + disableRunCommand: + type: boolean + enablePrivateCluster: + type: boolean + enablePrivateClusterPublicFQDN: + type: boolean + privateDNSZone: + type: string + type: object + autoScalerProfile: + description: Storage version of v1api20240901.ManagedClusterProperties_AutoScalerProfile + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + balance-similar-node-groups: + type: string + daemonset-eviction-for-empty-nodes: + type: boolean + daemonset-eviction-for-occupied-nodes: + type: boolean + expander: + type: string + ignore-daemonsets-utilization: + type: boolean + max-empty-bulk-delete: + type: string + max-graceful-termination-sec: + type: string + max-node-provision-time: + type: string + max-total-unready-percentage: + type: string + new-pod-scale-up-delay: + type: string + ok-total-unready-count: + type: string + scale-down-delay-after-add: + type: string + scale-down-delay-after-delete: + type: string + scale-down-delay-after-failure: + type: string + scale-down-unneeded-time: + type: string + scale-down-unready-time: + type: string + scale-down-utilization-threshold: + type: string + scan-interval: + type: string + skip-nodes-with-local-storage: + type: string + skip-nodes-with-system-pods: + type: string + type: object + autoUpgradeProfile: + description: |- + Storage version of v1api20240901.ManagedClusterAutoUpgradeProfile + Auto upgrade profile for a managed cluster. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + nodeOSUpgradeChannel: + type: string + upgradeChannel: + type: string + type: object + azureMonitorProfile: + description: |- + Storage version of v1api20240901.ManagedClusterAzureMonitorProfile + Azure Monitor addon profiles for monitoring the managed cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + metrics: + description: |- + Storage version of v1api20240901.ManagedClusterAzureMonitorProfileMetrics + Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes + infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See + aka.ms/AzureManagedPrometheus for an overview. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + kubeStateMetrics: + description: |- + Storage version of v1api20240901.ManagedClusterAzureMonitorProfileKubeStateMetrics + Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the + kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for + details. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + metricAnnotationsAllowList: + type: string + metricLabelsAllowlist: + type: string + type: object + type: object + type: object + azureName: + description: |- + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. + type: string + disableLocalAccounts: + type: boolean + diskEncryptionSetReference: + description: |- + DiskEncryptionSetReference: This is of the form: + '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + dnsPrefix: + type: string + enablePodSecurityPolicy: + type: boolean + enableRBAC: + type: boolean + extendedLocation: + description: |- + Storage version of v1api20240901.ExtendedLocation + The complex type of the extended location. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + name: + type: string + type: + type: string + type: object + fqdnSubdomain: + type: string + httpProxyConfig: + description: |- + Storage version of v1api20240901.ManagedClusterHTTPProxyConfig + Cluster HTTP proxy configuration. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + httpProxy: + type: string + httpsProxy: + type: string + noProxy: + items: + type: string + type: array + trustedCa: + type: string + type: object + identity: + description: |- + Storage version of v1api20240901.ManagedClusterIdentity + Identity for the managed cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + delegatedResources: + additionalProperties: + description: |- + Storage version of v1api20240901.DelegatedResource + Delegated resource properties - internal use only. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + location: + type: string + referralResource: + type: string + resourceReference: + description: 'ResourceReference: The ARM resource id of the delegated resource - internal use only.' 
+ properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + tenantId: + type: string + type: object + type: object + type: + type: string + userAssignedIdentities: + items: + description: |- + Storage version of v1api20240901.UserAssignedIdentityDetails + Information about the user assigned identity for the resource + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + reference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
+ pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + type: array + type: object + identityProfile: + additionalProperties: + description: |- + Storage version of v1api20240901.UserAssignedIdentity + Details about a user assigned identity. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + clientId: + type: string + objectId: + type: string + resourceReference: + description: 'ResourceReference: The resource ID of the user assigned identity.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. 
+ type: string + type: object + type: object + type: object + ingressProfile: + description: |- + Storage version of v1api20240901.ManagedClusterIngressProfile + Ingress profile for the container service cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + webAppRouting: + description: |- + Storage version of v1api20240901.ManagedClusterIngressProfileWebAppRouting + Application Routing add-on settings for the ingress profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + dnsZoneResourceReferences: + items: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. 
+ type: string + type: object + type: array + enabled: + type: boolean + type: object + type: object + kubernetesVersion: + type: string + linuxProfile: + description: |- + Storage version of v1api20240901.ContainerServiceLinuxProfile + Profile for Linux VMs in the container service cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + adminUsername: + type: string + ssh: + description: |- + Storage version of v1api20240901.ContainerServiceSshConfiguration + SSH configuration for Linux-based VMs running on Azure. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + publicKeys: + items: + description: |- + Storage version of v1api20240901.ContainerServiceSshPublicKey + Contains information about SSH certificate public key data. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + keyData: + type: string + type: object + type: array + type: object + type: object + location: + type: string + metricsProfile: + description: |- + Storage version of v1api20240901.ManagedClusterMetricsProfile + The metrics profile for the ManagedCluster. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + costAnalysis: + description: |- + Storage version of v1api20240901.ManagedClusterCostAnalysis + The cost analysis configuration for the cluster + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + type: object + networkProfile: + description: |- + Storage version of v1api20240901.ContainerServiceNetworkProfile + Profile of network configuration. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + advancedNetworking: + description: |- + Storage version of v1api20240901.AdvancedNetworking + Advanced Networking profile for enabling observability and security feature suite on a cluster. For more information see + aka.ms/aksadvancednetworking. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + observability: + description: |- + Storage version of v1api20240901.AdvancedNetworkingObservability + Observability profile to enable advanced network metrics and flow logs with historical contexts. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + security: + description: |- + Storage version of v1api20240901.AdvancedNetworkingSecurity + Security profile to enable security features on cilium based cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + type: object + dnsServiceIP: + type: string + ipFamilies: + items: + type: string + type: array + loadBalancerProfile: + description: |- + Storage version of v1api20240901.ManagedClusterLoadBalancerProfile + Profile of the managed cluster load balancer. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + allocatedOutboundPorts: + type: integer + backendPoolType: + type: string + effectiveOutboundIPs: + items: + description: |- + Storage version of v1api20240901.ResourceReference + A reference to an Azure resource. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + reference: + description: 'Reference: The fully qualified Azure resource id.' 
+ properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + type: array + enableMultipleStandardLoadBalancers: + type: boolean + idleTimeoutInMinutes: + type: integer + managedOutboundIPs: + description: Storage version of v1api20240901.ManagedClusterLoadBalancerProfile_ManagedOutboundIPs + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + count: + type: integer + countIPv6: + type: integer + type: object + outboundIPPrefixes: + description: Storage version of v1api20240901.ManagedClusterLoadBalancerProfile_OutboundIPPrefixes + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + publicIPPrefixes: + items: + description: |- + Storage version of v1api20240901.ResourceReference + A reference to an Azure resource. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + reference: + description: 'Reference: The fully qualified Azure resource id.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + type: array + type: object + outboundIPs: + description: Storage version of v1api20240901.ManagedClusterLoadBalancerProfile_OutboundIPs + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + publicIPs: + items: + description: |- + Storage version of v1api20240901.ResourceReference + A reference to an Azure resource. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + reference: + description: 'Reference: The fully qualified Azure resource id.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + type: array + type: object + type: object + loadBalancerSku: + type: string + natGatewayProfile: + description: |- + Storage version of v1api20240901.ManagedClusterNATGatewayProfile + Profile of the managed cluster NAT gateway. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + effectiveOutboundIPs: + items: + description: |- + Storage version of v1api20240901.ResourceReference + A reference to an Azure resource. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + reference: + description: 'Reference: The fully qualified Azure resource id.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + type: array + idleTimeoutInMinutes: + type: integer + managedOutboundIPProfile: + description: |- + Storage version of v1api20240901.ManagedClusterManagedOutboundIPProfile + Profile of the managed outbound IP resources of the managed cluster. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + count: + type: integer + type: object + type: object + networkDataplane: + type: string + networkMode: + type: string + networkPlugin: + type: string + networkPluginMode: + type: string + networkPolicy: + type: string + outboundType: + type: string + podCidr: + type: string + podCidrs: + items: + type: string + type: array + serviceCidr: + type: string + serviceCidrs: + items: + type: string + type: array + type: object + nodeResourceGroup: + type: string + nodeResourceGroupProfile: + description: |- + Storage version of v1api20240901.ManagedClusterNodeResourceGroupProfile + Node resource group lockdown profile for a managed cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + restrictionLevel: + type: string + type: object + oidcIssuerProfile: + description: |- + Storage version of v1api20240901.ManagedClusterOIDCIssuerProfile + The OIDC issuer profile of the Managed Cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + operatorSpec: + description: |- + Storage version of v1api20240901.ManagedClusterOperatorSpec + Details for configuring operator behavior. 
Fields in this struct are interpreted by the operator directly rather than being passed to Azure + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + configMapExpressions: + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. 
For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + configMaps: + description: Storage version of v1api20240901.ManagedClusterOperatorConfigMaps + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + oidcIssuerProfile: + description: |- + ConfigMapDestination describes the location to store a single configmap value + Note: This is similar to: SecretDestination in secrets.go. + Changes to one may need to be made to the others as well. + properties: + key: + description: Key is the key in the ConfigMap being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes ConfigMap to write to. + The ConfigMap will be created in the same namespace as the resource. + type: string + required: + - key + - name + type: object + type: object + secretExpressions: + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. 
+ type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + secrets: + description: Storage version of v1api20240901.ManagedClusterOperatorSecrets + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + adminCredentials: + description: |- + SecretDestination describes the location to store a single secret value. + Note: This is similar to: ConfigMapDestination in configmaps.go. + Changes to one may need to be made to the others as well. + properties: + key: + description: Key is the key in the Kubernetes secret being referenced. + type: string + name: + description: |- + Name is the name of the Kubernetes secret to write to. + The secret will be created in the same namespace as the resource. + type: string + required: + - key + - name + type: object + userCredentials: + description: |- + SecretDestination describes the location to store a single secret value. + Note: This is similar to: ConfigMapDestination in configmaps.go. + Changes to one may need to be made to the others as well. + properties: + key: + description: Key is the key in the Kubernetes secret being referenced. + type: string + name: + description: |- + Name is the name of the Kubernetes secret to write to. + The secret will be created in the same namespace as the resource. + type: string + required: + - key + - name + type: object + type: object + type: object + originalVersion: + type: string + owner: + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. 
The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a resources.azure.com/ResourceGroup resource + properties: + armId: + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + name: + description: This is the name of the Kubernetes resource to reference. + type: string + type: object + podIdentityProfile: + description: |- + Storage version of v1api20240901.ManagedClusterPodIdentityProfile + See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod + identity integration. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + allowNetworkPluginKubenet: + type: boolean + enabled: + type: boolean + userAssignedIdentities: + items: + description: |- + Storage version of v1api20240901.ManagedClusterPodIdentity + Details about the pod identity assigned to the Managed Cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + bindingSelector: + type: string + identity: + description: |- + Storage version of v1api20240901.UserAssignedIdentity + Details about a user assigned identity. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + clientId: + type: string + objectId: + type: string + resourceReference: + description: 'ResourceReference: The resource ID of the user assigned identity.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + name: + type: string + namespace: + type: string + type: object + type: array + userAssignedIdentityExceptions: + items: + description: |- + Storage version of v1api20240901.ManagedClusterPodIdentityException + See [disable AAD Pod Identity for a specific + Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + name: + type: string + namespace: + type: string + podLabels: + additionalProperties: + type: string + type: object + type: object + type: array + type: object + privateLinkResources: + items: + description: |- + Storage version of v1api20240901.PrivateLinkResource + A private link resource + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + groupId: + type: string + name: + type: string + reference: + description: 'Reference: The ID of the private link resource.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. 
+ type: string + type: object + requiredMembers: + items: + type: string + type: array + type: + type: string + type: object + type: array + publicNetworkAccess: + type: string + securityProfile: + description: |- + Storage version of v1api20240901.ManagedClusterSecurityProfile + Security profile for the container service cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + azureKeyVaultKms: + description: |- + Storage version of v1api20240901.AzureKeyVaultKms + Azure Key Vault key management service settings for the security profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + keyId: + type: string + keyVaultNetworkAccess: + type: string + keyVaultResourceReference: + description: |- + KeyVaultResourceReference: Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and + must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty. + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
+ pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + defender: + description: |- + Storage version of v1api20240901.ManagedClusterSecurityProfileDefender + Microsoft Defender settings for the security profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + logAnalyticsWorkspaceResourceReference: + description: |- + LogAnalyticsWorkspaceResourceReference: Resource ID of the Log Analytics workspace to be associated with Microsoft + Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When + Microsoft Defender is disabled, leave the field empty. + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. 
+ type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + securityMonitoring: + description: |- + Storage version of v1api20240901.ManagedClusterSecurityProfileDefenderSecurityMonitoring + Microsoft Defender settings for the security profile threat detection. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + type: object + imageCleaner: + description: |- + Storage version of v1api20240901.ManagedClusterSecurityProfileImageCleaner + Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here + are settings for the security profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + intervalHours: + type: integer + type: object + workloadIdentity: + description: |- + Storage version of v1api20240901.ManagedClusterSecurityProfileWorkloadIdentity + Workload identity settings for the security profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + type: object + serviceMeshProfile: + description: |- + Storage version of v1api20240901.ServiceMeshProfile + Service mesh profile for a managed cluster. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + istio: + description: |- + Storage version of v1api20240901.IstioServiceMesh + Istio service mesh configuration. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + certificateAuthority: + description: |- + Storage version of v1api20240901.IstioCertificateAuthority + Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described + here https://aka.ms/asm-plugin-ca + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + plugin: + description: |- + Storage version of v1api20240901.IstioPluginCertificateAuthority + Plugin certificates information for Service Mesh. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + certChainObjectName: + type: string + certObjectName: + type: string + keyObjectName: + type: string + keyVaultReference: + description: 'KeyVaultReference: The resource ID of the Key Vault.' 
+ properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + rootCertObjectName: + type: string + type: object + type: object + components: + description: |- + Storage version of v1api20240901.IstioComponents + Istio components configuration. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + egressGateways: + items: + description: |- + Storage version of v1api20240901.IstioEgressGateway + Istio egress gateway configuration. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + type: array + ingressGateways: + items: + description: |- + Storage version of v1api20240901.IstioIngressGateway + Istio ingress gateway configuration. 
For now, we support up to one external ingress gateway named + `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + mode: + type: string + type: object + type: array + type: object + revisions: + items: + type: string + type: array + type: object + mode: + type: string + type: object + servicePrincipalProfile: + description: |- + Storage version of v1api20240901.ManagedClusterServicePrincipalProfile + Information about a service principal identity for the cluster to use for manipulating Azure APIs. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + clientId: + type: string + secret: + description: |- + SecretReference is a reference to a Kubernetes secret and key in the same namespace as + the resource it is on. + properties: + key: + description: Key is the key in the Kubernetes secret being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource + type: string + required: + - key + - name + type: object + type: object + sku: + description: |- + Storage version of v1api20240901.ManagedClusterSKU + The SKU of a Managed Cluster. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + name: + type: string + tier: + type: string + type: object + storageProfile: + description: |- + Storage version of v1api20240901.ManagedClusterStorageProfile + Storage profile for the container service cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + blobCSIDriver: + description: |- + Storage version of v1api20240901.ManagedClusterStorageProfileBlobCSIDriver + AzureBlob CSI Driver settings for the storage profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + diskCSIDriver: + description: |- + Storage version of v1api20240901.ManagedClusterStorageProfileDiskCSIDriver + AzureDisk CSI Driver settings for the storage profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + fileCSIDriver: + description: |- + Storage version of v1api20240901.ManagedClusterStorageProfileFileCSIDriver + AzureFile CSI Driver settings for the storage profile. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + snapshotController: + description: |- + Storage version of v1api20240901.ManagedClusterStorageProfileSnapshotController + Snapshot Controller settings for the storage profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + type: object + supportPlan: + type: string + tags: + additionalProperties: + type: string + type: object + upgradeSettings: + description: |- + Storage version of v1api20240901.ClusterUpgradeSettings + Settings for upgrading a cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + overrideSettings: + description: |- + Storage version of v1api20240901.UpgradeOverrideSettings + Settings for overrides when upgrading a cluster. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + forceUpgrade: + type: boolean + until: + type: string + type: object + type: object + windowsProfile: + description: |- + Storage version of v1api20240901.ManagedClusterWindowsProfile + Profile for Windows VMs in the managed cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + adminPassword: + description: |- + SecretReference is a reference to a Kubernetes secret and key in the same namespace as + the resource it is on. + properties: + key: + description: Key is the key in the Kubernetes secret being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource + type: string + required: + - key + - name + type: object + adminUsername: + type: string + enableCSIProxy: + type: boolean + gmsaProfile: + description: |- + Storage version of v1api20240901.WindowsGmsaProfile + Windows gMSA Profile in the managed cluster. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + dnsServer: + type: string + enabled: + type: boolean + rootDomainName: + type: string + type: object + licenseType: + type: string + type: object + workloadAutoScalerProfile: + description: |- + Storage version of v1api20240901.ManagedClusterWorkloadAutoScalerProfile + Workload Auto-scaler profile for the managed cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + keda: + description: |- + Storage version of v1api20240901.ManagedClusterWorkloadAutoScalerProfileKeda + KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + verticalPodAutoscaler: + description: |- + Storage version of v1api20240901.ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler + VPA (Vertical Pod Autoscaler) settings for the workload auto-scaler profile. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + type: object + required: + - owner + type: object + status: + description: |- + Storage version of v1api20240901.ManagedCluster_STATUS + Managed cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + aadProfile: + description: |- + Storage version of v1api20240901.ManagedClusterAADProfile_STATUS + For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad). + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + adminGroupObjectIDs: + items: + type: string + type: array + clientAppID: + type: string + enableAzureRBAC: + type: boolean + managed: + type: boolean + serverAppID: + type: string + serverAppSecret: + type: string + tenantID: + type: string + type: object + addonProfiles: + additionalProperties: + description: |- + Storage version of v1api20240901.ManagedClusterAddonProfile_STATUS + A Kubernetes add-on profile for a managed cluster. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + config: + additionalProperties: + type: string + type: object + enabled: + type: boolean + identity: + description: |- + Storage version of v1api20240901.UserAssignedIdentity_STATUS + Details about a user assigned identity. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + clientId: + type: string + objectId: + type: string + resourceId: + type: string + type: object + type: object + type: object + agentPoolProfiles: + items: + description: |- + Storage version of v1api20240901.ManagedClusterAgentPoolProfile_STATUS + Profile for the container service agent pool. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + availabilityZones: + items: + type: string + type: array + capacityReservationGroupID: + type: string + count: + type: integer + creationData: + description: |- + Storage version of v1api20240901.CreationData_STATUS + Data used when creating a target resource from a source resource. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + sourceResourceId: + type: string + type: object + currentOrchestratorVersion: + type: string + eTag: + type: string + enableAutoScaling: + type: boolean + enableEncryptionAtHost: + type: boolean + enableFIPS: + type: boolean + enableNodePublicIP: + type: boolean + enableUltraSSD: + type: boolean + gpuInstanceProfile: + type: string + hostGroupID: + type: string + kubeletConfig: + description: |- + Storage version of v1api20240901.KubeletConfig_STATUS + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + allowedUnsafeSysctls: + items: + type: string + type: array + containerLogMaxFiles: + type: integer + containerLogMaxSizeMB: + type: integer + cpuCfsQuota: + type: boolean + cpuCfsQuotaPeriod: + type: string + cpuManagerPolicy: + type: string + failSwapOn: + type: boolean + imageGcHighThreshold: + type: integer + imageGcLowThreshold: + type: integer + podMaxPids: + type: integer + topologyManagerPolicy: + type: string + type: object + kubeletDiskType: + type: string + linuxOSConfig: + description: |- + Storage version of v1api20240901.LinuxOSConfig_STATUS + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + swapFileSizeMB: + type: integer + sysctls: + description: |- + Storage version of v1api20240901.SysctlConfig_STATUS + Sysctl settings for Linux agent nodes. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + fsAioMaxNr: + type: integer + fsFileMax: + type: integer + fsInotifyMaxUserWatches: + type: integer + fsNrOpen: + type: integer + kernelThreadsMax: + type: integer + netCoreNetdevMaxBacklog: + type: integer + netCoreOptmemMax: + type: integer + netCoreRmemDefault: + type: integer + netCoreRmemMax: + type: integer + netCoreSomaxconn: + type: integer + netCoreWmemDefault: + type: integer + netCoreWmemMax: + type: integer + netIpv4IpLocalPortRange: + type: string + netIpv4NeighDefaultGcThresh1: + type: integer + netIpv4NeighDefaultGcThresh2: + type: integer + netIpv4NeighDefaultGcThresh3: + type: integer + netIpv4TcpFinTimeout: + type: integer + netIpv4TcpKeepaliveProbes: + type: integer + netIpv4TcpKeepaliveTime: + type: integer + netIpv4TcpMaxSynBacklog: + type: integer + netIpv4TcpMaxTwBuckets: + type: integer + netIpv4TcpTwReuse: + type: boolean + netIpv4TcpkeepaliveIntvl: + type: integer + netNetfilterNfConntrackBuckets: + type: integer + netNetfilterNfConntrackMax: + type: integer + vmMaxMapCount: + type: integer + vmSwappiness: + type: integer + vmVfsCachePressure: + type: integer + type: object + transparentHugePageDefrag: + type: string + transparentHugePageEnabled: + type: string + type: object + maxCount: + type: integer + maxPods: + type: integer 
+ minCount: + type: integer + mode: + type: string + name: + type: string + networkProfile: + description: |- + Storage version of v1api20240901.AgentPoolNetworkProfile_STATUS + Network settings of an agent pool. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + allowedHostPorts: + items: + description: |- + Storage version of v1api20240901.PortRange_STATUS + The port range. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + portEnd: + type: integer + portStart: + type: integer + protocol: + type: string + type: object + type: array + applicationSecurityGroups: + items: + type: string + type: array + nodePublicIPTags: + items: + description: |- + Storage version of v1api20240901.IPTag_STATUS + Contains the IPTag associated with the object. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + ipTagType: + type: string + tag: + type: string + type: object + type: array + type: object + nodeImageVersion: + type: string + nodeLabels: + additionalProperties: + type: string + type: object + nodePublicIPPrefixID: + type: string + nodeTaints: + items: + type: string + type: array + orchestratorVersion: + type: string + osDiskSizeGB: + type: integer + osDiskType: + type: string + osSKU: + type: string + osType: + type: string + podSubnetID: + type: string + powerState: + description: |- + Storage version of v1api20240901.PowerState_STATUS + Describes the Power State of the cluster + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + code: + type: string + type: object + provisioningState: + type: string + proximityPlacementGroupID: + type: string + scaleDownMode: + type: string + scaleSetEvictionPolicy: + type: string + scaleSetPriority: + type: string + securityProfile: + description: |- + Storage version of v1api20240901.AgentPoolSecurityProfile_STATUS + The security settings of an agent pool. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enableSecureBoot: + type: boolean + enableVTPM: + type: boolean + type: object + spotMaxPrice: + type: number + tags: + additionalProperties: + type: string + type: object + type: + type: string + upgradeSettings: + description: |- + Storage version of v1api20240901.AgentPoolUpgradeSettings_STATUS + Settings for upgrading an agentpool + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + drainTimeoutInMinutes: + type: integer + maxSurge: + type: string + nodeSoakDurationInMinutes: + type: integer + type: object + vmSize: + type: string + vnetSubnetID: + type: string + windowsProfile: + description: |- + Storage version of v1api20240901.AgentPoolWindowsProfile_STATUS + The Windows agent pool's specific profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + disableOutboundNat: + type: boolean + type: object + workloadRuntime: + type: string + type: object + type: array + apiServerAccessProfile: + description: |- + Storage version of v1api20240901.ManagedClusterAPIServerAccessProfile_STATUS + Access profile for managed cluster API server. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + authorizedIPRanges: + items: + type: string + type: array + disableRunCommand: + type: boolean + enablePrivateCluster: + type: boolean + enablePrivateClusterPublicFQDN: + type: boolean + privateDNSZone: + type: string + type: object + autoScalerProfile: + description: Storage version of v1api20240901.ManagedClusterProperties_AutoScalerProfile_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + balance-similar-node-groups: + type: string + daemonset-eviction-for-empty-nodes: + type: boolean + daemonset-eviction-for-occupied-nodes: + type: boolean + expander: + type: string + ignore-daemonsets-utilization: + type: boolean + max-empty-bulk-delete: + type: string + max-graceful-termination-sec: + type: string + max-node-provision-time: + type: string + max-total-unready-percentage: + type: string + new-pod-scale-up-delay: + type: string + ok-total-unready-count: + type: string + scale-down-delay-after-add: + type: string + scale-down-delay-after-delete: + type: string + scale-down-delay-after-failure: + type: string + scale-down-unneeded-time: + type: string + scale-down-unready-time: + type: string + scale-down-utilization-threshold: + type: string + scan-interval: + type: string + skip-nodes-with-local-storage: + type: string + skip-nodes-with-system-pods: + type: string + type: object + autoUpgradeProfile: + description: |- + Storage version of v1api20240901.ManagedClusterAutoUpgradeProfile_STATUS + Auto upgrade profile for a managed cluster. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + nodeOSUpgradeChannel: + type: string + upgradeChannel: + type: string + type: object + azureMonitorProfile: + description: |- + Storage version of v1api20240901.ManagedClusterAzureMonitorProfile_STATUS + Azure Monitor addon profiles for monitoring the managed cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + metrics: + description: |- + Storage version of v1api20240901.ManagedClusterAzureMonitorProfileMetrics_STATUS + Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes + infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See + aka.ms/AzureManagedPrometheus for an overview. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + kubeStateMetrics: + description: |- + Storage version of v1api20240901.ManagedClusterAzureMonitorProfileKubeStateMetrics_STATUS + Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the + kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for + details. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + metricAnnotationsAllowList: + type: string + metricLabelsAllowlist: + type: string + type: object + type: object + type: object + azurePortalFQDN: + type: string + conditions: + items: + description: Condition defines an extension to status (an observation) of a resource + properties: + lastTransitionTime: + description: LastTransitionTime is the last time the condition transitioned from one status to another. + format: date-time + type: string + message: + description: Message is a human readable message indicating details about the transition. This field may be empty. + type: string + observedGeneration: + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + type: integer + reason: + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + type: string + severity: + description: |- + Severity with which to treat failures of this type of condition. + For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown + type: string + status: + description: Status of the condition, one of True, False, or Unknown. 
+ type: string + type: + description: Type of condition. + type: string + required: + - lastTransitionTime + - reason + - status + - type + type: object + type: array + currentKubernetesVersion: + type: string + disableLocalAccounts: + type: boolean + diskEncryptionSetID: + type: string + dnsPrefix: + type: string + eTag: + type: string + enablePodSecurityPolicy: + type: boolean + enableRBAC: + type: boolean + extendedLocation: + description: |- + Storage version of v1api20240901.ExtendedLocation_STATUS + The complex type of the extended location. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + name: + type: string + type: + type: string + type: object + fqdn: + type: string + fqdnSubdomain: + type: string + httpProxyConfig: + description: |- + Storage version of v1api20240901.ManagedClusterHTTPProxyConfig_STATUS + Cluster HTTP proxy configuration. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + httpProxy: + type: string + httpsProxy: + type: string + noProxy: + items: + type: string + type: array + trustedCa: + type: string + type: object + id: + type: string + identity: + description: |- + Storage version of v1api20240901.ManagedClusterIdentity_STATUS + Identity for the managed cluster. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + delegatedResources: + additionalProperties: + description: |- + Storage version of v1api20240901.DelegatedResource_STATUS + Delegated resource properties - internal use only. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + location: + type: string + referralResource: + type: string + resourceId: + type: string + tenantId: + type: string + type: object + type: object + principalId: + type: string + tenantId: + type: string + type: + type: string + userAssignedIdentities: + additionalProperties: + description: Storage version of v1api20240901.ManagedClusterIdentity_UserAssignedIdentities_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + clientId: + type: string + principalId: + type: string + type: object + type: object + type: object + identityProfile: + additionalProperties: + description: |- + Storage version of v1api20240901.UserAssignedIdentity_STATUS + Details about a user assigned identity. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + clientId: + type: string + objectId: + type: string + resourceId: + type: string + type: object + type: object + ingressProfile: + description: |- + Storage version of v1api20240901.ManagedClusterIngressProfile_STATUS + Ingress profile for the container service cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + webAppRouting: + description: |- + Storage version of v1api20240901.ManagedClusterIngressProfileWebAppRouting_STATUS + Application Routing add-on settings for the ingress profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + dnsZoneResourceIds: + items: + type: string + type: array + enabled: + type: boolean + identity: + description: |- + Storage version of v1api20240901.UserAssignedIdentity_STATUS + Details about a user assigned identity. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + clientId: + type: string + objectId: + type: string + resourceId: + type: string + type: object + type: object + type: object + kubernetesVersion: + type: string + linuxProfile: + description: |- + Storage version of v1api20240901.ContainerServiceLinuxProfile_STATUS + Profile for Linux VMs in the container service cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + adminUsername: + type: string + ssh: + description: |- + Storage version of v1api20240901.ContainerServiceSshConfiguration_STATUS + SSH configuration for Linux-based VMs running on Azure. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + publicKeys: + items: + description: |- + Storage version of v1api20240901.ContainerServiceSshPublicKey_STATUS + Contains information about SSH certificate public key data. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + keyData: + type: string + type: object + type: array + type: object + type: object + location: + type: string + maxAgentPools: + type: integer + metricsProfile: + description: |- + Storage version of v1api20240901.ManagedClusterMetricsProfile_STATUS + The metrics profile for the ManagedCluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + costAnalysis: + description: |- + Storage version of v1api20240901.ManagedClusterCostAnalysis_STATUS + The cost analysis configuration for the cluster + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + type: object + name: + type: string + networkProfile: + description: |- + Storage version of v1api20240901.ContainerServiceNetworkProfile_STATUS + Profile of network configuration. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + advancedNetworking: + description: |- + Storage version of v1api20240901.AdvancedNetworking_STATUS + Advanced Networking profile for enabling observability and security feature suite on a cluster. 
For more information see + aka.ms/aksadvancednetworking. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + observability: + description: |- + Storage version of v1api20240901.AdvancedNetworkingObservability_STATUS + Observability profile to enable advanced network metrics and flow logs with historical contexts. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + security: + description: |- + Storage version of v1api20240901.AdvancedNetworkingSecurity_STATUS + Security profile to enable security features on cilium based cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + type: object + dnsServiceIP: + type: string + ipFamilies: + items: + type: string + type: array + loadBalancerProfile: + description: |- + Storage version of v1api20240901.ManagedClusterLoadBalancerProfile_STATUS + Profile of the managed cluster load balancer. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + allocatedOutboundPorts: + type: integer + backendPoolType: + type: string + effectiveOutboundIPs: + items: + description: |- + Storage version of v1api20240901.ResourceReference_STATUS + A reference to an Azure resource. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + id: + type: string + type: object + type: array + enableMultipleStandardLoadBalancers: + type: boolean + idleTimeoutInMinutes: + type: integer + managedOutboundIPs: + description: Storage version of v1api20240901.ManagedClusterLoadBalancerProfile_ManagedOutboundIPs_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + count: + type: integer + countIPv6: + type: integer + type: object + outboundIPPrefixes: + description: Storage version of v1api20240901.ManagedClusterLoadBalancerProfile_OutboundIPPrefixes_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + publicIPPrefixes: + items: + description: |- + Storage version of v1api20240901.ResourceReference_STATUS + A reference to an Azure resource. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + id: + type: string + type: object + type: array + type: object + outboundIPs: + description: Storage version of v1api20240901.ManagedClusterLoadBalancerProfile_OutboundIPs_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + publicIPs: + items: + description: |- + Storage version of v1api20240901.ResourceReference_STATUS + A reference to an Azure resource. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + id: + type: string + type: object + type: array + type: object + type: object + loadBalancerSku: + type: string + natGatewayProfile: + description: |- + Storage version of v1api20240901.ManagedClusterNATGatewayProfile_STATUS + Profile of the managed cluster NAT gateway. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + effectiveOutboundIPs: + items: + description: |- + Storage version of v1api20240901.ResourceReference_STATUS + A reference to an Azure resource. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + id: + type: string + type: object + type: array + idleTimeoutInMinutes: + type: integer + managedOutboundIPProfile: + description: |- + Storage version of v1api20240901.ManagedClusterManagedOutboundIPProfile_STATUS + Profile of the managed outbound IP resources of the managed cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + count: + type: integer + type: object + type: object + networkDataplane: + type: string + networkMode: + type: string + networkPlugin: + type: string + networkPluginMode: + type: string + networkPolicy: + type: string + outboundType: + type: string + podCidr: + type: string + podCidrs: + items: + type: string + type: array + serviceCidr: + type: string + serviceCidrs: + items: + type: string + type: array + type: object + nodeResourceGroup: + type: string + nodeResourceGroupProfile: + description: |- + Storage version of v1api20240901.ManagedClusterNodeResourceGroupProfile_STATUS + Node resource group lockdown profile for a managed cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + restrictionLevel: + type: string + type: object + oidcIssuerProfile: + description: |- + Storage version of v1api20240901.ManagedClusterOIDCIssuerProfile_STATUS + The OIDC issuer profile of the Managed Cluster. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + issuerURL: + type: string + type: object + podIdentityProfile: + description: |- + Storage version of v1api20240901.ManagedClusterPodIdentityProfile_STATUS + See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod + identity integration. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + allowNetworkPluginKubenet: + type: boolean + enabled: + type: boolean + userAssignedIdentities: + items: + description: |- + Storage version of v1api20240901.ManagedClusterPodIdentity_STATUS + Details about the pod identity assigned to the Managed Cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + bindingSelector: + type: string + identity: + description: |- + Storage version of v1api20240901.UserAssignedIdentity_STATUS + Details about a user assigned identity. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + clientId: + type: string + objectId: + type: string + resourceId: + type: string + type: object + name: + type: string + namespace: + type: string + provisioningInfo: + description: Storage version of v1api20240901.ManagedClusterPodIdentity_ProvisioningInfo_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + error: + description: |- + Storage version of v1api20240901.ManagedClusterPodIdentityProvisioningError_STATUS + An error response from the pod identity provisioning. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + error: + description: |- + Storage version of v1api20240901.ManagedClusterPodIdentityProvisioningErrorBody_STATUS + An error response from the pod identity provisioning. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + code: + type: string + details: + items: + description: Storage version of v1api20240901.ManagedClusterPodIdentityProvisioningErrorBody_STATUS_Unrolled + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + code: + type: string + message: + type: string + target: + type: string + type: object + type: array + message: + type: string + target: + type: string + type: object + type: object + type: object + provisioningState: + type: string + type: object + type: array + userAssignedIdentityExceptions: + items: + description: |- + Storage version of v1api20240901.ManagedClusterPodIdentityException_STATUS + See [disable AAD Pod Identity for a specific + Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + name: + type: string + namespace: + type: string + podLabels: + additionalProperties: + type: string + type: object + type: object + type: array + type: object + powerState: + description: |- + Storage version of v1api20240901.PowerState_STATUS + Describes the Power State of the cluster + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + code: + type: string + type: object + privateFQDN: + type: string + privateLinkResources: + items: + description: |- + Storage version of v1api20240901.PrivateLinkResource_STATUS + A private link resource + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + groupId: + type: string + id: + type: string + name: + type: string + privateLinkServiceID: + type: string + requiredMembers: + items: + type: string + type: array + type: + type: string + type: object + type: array + provisioningState: + type: string + publicNetworkAccess: + type: string + resourceUID: + type: string + securityProfile: + description: |- + Storage version of v1api20240901.ManagedClusterSecurityProfile_STATUS + Security profile for the container service cluster. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + azureKeyVaultKms: + description: |- + Storage version of v1api20240901.AzureKeyVaultKms_STATUS + Azure Key Vault key management service settings for the security profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + keyId: + type: string + keyVaultNetworkAccess: + type: string + keyVaultResourceId: + type: string + type: object + defender: + description: |- + Storage version of v1api20240901.ManagedClusterSecurityProfileDefender_STATUS + Microsoft Defender settings for the security profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + logAnalyticsWorkspaceResourceId: + type: string + securityMonitoring: + description: |- + Storage version of v1api20240901.ManagedClusterSecurityProfileDefenderSecurityMonitoring_STATUS + Microsoft Defender settings for the security profile threat detection. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + type: object + imageCleaner: + description: |- + Storage version of v1api20240901.ManagedClusterSecurityProfileImageCleaner_STATUS + Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here + are settings for the security profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + intervalHours: + type: integer + type: object + workloadIdentity: + description: |- + Storage version of v1api20240901.ManagedClusterSecurityProfileWorkloadIdentity_STATUS + Workload identity settings for the security profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + type: object + serviceMeshProfile: + description: |- + Storage version of v1api20240901.ServiceMeshProfile_STATUS + Service mesh profile for a managed cluster. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + istio: + description: |- + Storage version of v1api20240901.IstioServiceMesh_STATUS + Istio service mesh configuration. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + certificateAuthority: + description: |- + Storage version of v1api20240901.IstioCertificateAuthority_STATUS + Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described + here https://aka.ms/asm-plugin-ca + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + plugin: + description: |- + Storage version of v1api20240901.IstioPluginCertificateAuthority_STATUS + Plugin certificates information for Service Mesh. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + certChainObjectName: + type: string + certObjectName: + type: string + keyObjectName: + type: string + keyVaultId: + type: string + rootCertObjectName: + type: string + type: object + type: object + components: + description: |- + Storage version of v1api20240901.IstioComponents_STATUS + Istio components configuration. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + egressGateways: + items: + description: |- + Storage version of v1api20240901.IstioEgressGateway_STATUS + Istio egress gateway configuration. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + type: array + ingressGateways: + items: + description: |- + Storage version of v1api20240901.IstioIngressGateway_STATUS + Istio ingress gateway configuration. For now, we support up to one external ingress gateway named + `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + mode: + type: string + type: object + type: array + type: object + revisions: + items: + type: string + type: array + type: object + mode: + type: string + type: object + servicePrincipalProfile: + description: |- + Storage version of v1api20240901.ManagedClusterServicePrincipalProfile_STATUS + Information about a service principal identity for the cluster to use for manipulating Azure APIs. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + clientId: + type: string + type: object + sku: + description: |- + Storage version of v1api20240901.ManagedClusterSKU_STATUS + The SKU of a Managed Cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + name: + type: string + tier: + type: string + type: object + storageProfile: + description: |- + Storage version of v1api20240901.ManagedClusterStorageProfile_STATUS + Storage profile for the container service cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + blobCSIDriver: + description: |- + Storage version of v1api20240901.ManagedClusterStorageProfileBlobCSIDriver_STATUS + AzureBlob CSI Driver settings for the storage profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + diskCSIDriver: + description: |- + Storage version of v1api20240901.ManagedClusterStorageProfileDiskCSIDriver_STATUS + AzureDisk CSI Driver settings for the storage profile. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + fileCSIDriver: + description: |- + Storage version of v1api20240901.ManagedClusterStorageProfileFileCSIDriver_STATUS + AzureFile CSI Driver settings for the storage profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + snapshotController: + description: |- + Storage version of v1api20240901.ManagedClusterStorageProfileSnapshotController_STATUS + Snapshot Controller settings for the storage profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + type: object + supportPlan: + type: string + systemData: + description: |- + Storage version of v1api20240901.SystemData_STATUS + Metadata pertaining to creation and last modification of the resource. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + createdAt: + type: string + createdBy: + type: string + createdByType: + type: string + lastModifiedAt: + type: string + lastModifiedBy: + type: string + lastModifiedByType: + type: string + type: object + tags: + additionalProperties: + type: string + type: object + type: + type: string + upgradeSettings: + description: |- + Storage version of v1api20240901.ClusterUpgradeSettings_STATUS + Settings for upgrading a cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + overrideSettings: + description: |- + Storage version of v1api20240901.UpgradeOverrideSettings_STATUS + Settings for overrides when upgrading a cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + forceUpgrade: + type: boolean + until: + type: string + type: object + type: object + windowsProfile: + description: |- + Storage version of v1api20240901.ManagedClusterWindowsProfile_STATUS + Profile for Windows VMs in the managed cluster. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + adminUsername: + type: string + enableCSIProxy: + type: boolean + gmsaProfile: + description: |- + Storage version of v1api20240901.WindowsGmsaProfile_STATUS + Windows gMSA Profile in the managed cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + dnsServer: + type: string + enabled: + type: boolean + rootDomainName: + type: string + type: object + licenseType: + type: string + type: object + workloadAutoScalerProfile: + description: |- + Storage version of v1api20240901.ManagedClusterWorkloadAutoScalerProfile_STATUS + Workload Auto-scaler profile for the managed cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + keda: + description: |- + Storage version of v1api20240901.ManagedClusterWorkloadAutoScalerProfileKeda_STATUS + KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + verticalPodAutoscaler: + description: |- + Storage version of v1api20240901.ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler_STATUS + VPA (Vertical Pod Autoscaler) settings for the workload auto-scaler profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + type: object + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: azureserviceoperator-system/azureserviceoperator-serving-cert + controller-gen.kubebuilder.io/version: v0.16.3 + labels: + app.kubernetes.io/name: azure-service-operator + app.kubernetes.io/version: v2.11.0 + name: managedclustersagentpools.containerservice.azure.com +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + service: + name: azureserviceoperator-webhook-service + namespace: azureserviceoperator-system + path: /convert + port: 443 + conversionReviewVersions: + - v1 + group: containerservice.azure.com + names: + kind: ManagedClustersAgentPool + listKind: ManagedClustersAgentPoolList + plural: managedclustersagentpools + singular: managedclustersagentpool + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - jsonPath: 
.status.conditions[?(@.type=='Ready')].severity + name: Severity + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Reason + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].message + name: Message + type: string + name: v1api20210501 + schema: + openAPIV3Schema: + description: |- + Generator information: + - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2021-05-01/managedClusters.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}/agentPools/{agentPoolName} + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + properties: + availabilityZones: + description: |- + AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType + property is 'VirtualMachineScaleSets'. + items: + type: string + type: array + azureName: + description: |- + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. + type: string + count: + description: |- + Count: Number of agents (VMs) to host docker containers. 
Allowed values must be in the range of 0 to 1000 (inclusive) + for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. + type: integer + enableAutoScaling: + description: 'EnableAutoScaling: Whether to enable auto-scaler' + type: boolean + enableEncryptionAtHost: + description: |- + EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, + see: https://docs.microsoft.com/azure/aks/enable-host-encryption + type: boolean + enableFIPS: + description: |- + EnableFIPS: See [Add a FIPS-enabled node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more + details. + type: boolean + enableNodePublicIP: + description: |- + EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. + A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine + to minimize hops. For more information see [assigning a public IP per + node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The + default is false. + type: boolean + enableUltraSSD: + description: 'EnableUltraSSD: Whether to enable UltraSSD' + type: boolean + gpuInstanceProfile: + description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' + enum: + - MIG1g + - MIG2g + - MIG3g + - MIG4g + - MIG7g + type: string + kubeletConfig: + description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' 
+ properties: + allowedUnsafeSysctls: + items: + type: string + type: array + containerLogMaxFiles: + minimum: 2 + type: integer + containerLogMaxSizeMB: + type: integer + cpuCfsQuota: + type: boolean + cpuCfsQuotaPeriod: + type: string + cpuManagerPolicy: + type: string + failSwapOn: + type: boolean + imageGcHighThreshold: + type: integer + imageGcLowThreshold: + type: integer + podMaxPids: + type: integer + topologyManagerPolicy: + type: string + type: object + kubeletDiskType: + description: |- + KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral + storage. + enum: + - OS + - Temporary + type: string + linuxOSConfig: + description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' + properties: + swapFileSizeMB: + type: integer + sysctls: + properties: + fsAioMaxNr: + type: integer + fsFileMax: + type: integer + fsInotifyMaxUserWatches: + type: integer + fsNrOpen: + type: integer + kernelThreadsMax: + type: integer + netCoreNetdevMaxBacklog: + type: integer + netCoreOptmemMax: + type: integer + netCoreRmemDefault: + type: integer + netCoreRmemMax: + type: integer + netCoreSomaxconn: + type: integer + netCoreWmemDefault: + type: integer + netCoreWmemMax: + type: integer + netIpv4IpLocalPortRange: + type: string + netIpv4NeighDefaultGcThresh1: + type: integer + netIpv4NeighDefaultGcThresh2: + type: integer + netIpv4NeighDefaultGcThresh3: + type: integer + netIpv4TcpFinTimeout: + type: integer + netIpv4TcpKeepaliveProbes: + type: integer + netIpv4TcpKeepaliveTime: + type: integer + netIpv4TcpMaxSynBacklog: + type: integer + netIpv4TcpMaxTwBuckets: + type: integer + netIpv4TcpTwReuse: + type: boolean + netIpv4TcpkeepaliveIntvl: + type: integer + netNetfilterNfConntrackBuckets: + type: integer + netNetfilterNfConntrackMax: + type: integer + vmMaxMapCount: + type: integer + vmSwappiness: + type: integer + vmVfsCachePressure: + type: integer + type: object + transparentHugePageDefrag: + type: 
string + transparentHugePageEnabled: + type: string + type: object + maxCount: + description: 'MaxCount: The maximum number of nodes for auto-scaling' + type: integer + maxPods: + description: 'MaxPods: The maximum number of pods that can run on a node.' + type: integer + minCount: + description: 'MinCount: The minimum number of nodes for auto-scaling' + type: integer + mode: + description: |- + Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool + restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools + enum: + - System + - User + type: string + nodeLabels: + additionalProperties: + type: string + description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' + type: object + nodePublicIPPrefixIDReference: + description: |- + NodePublicIPPrefixIDReference: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. 
+ type: string + type: object + nodeTaints: + description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' + items: + type: string + type: array + operatorSpec: + description: |- + OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not + passed directly to Azure + properties: + configMapExpressions: + description: 'ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).' + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + secretExpressions: + description: 'SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).' + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. 
The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + type: object + orchestratorVersion: + description: |- + OrchestratorVersion: As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes + version. The node pool version must have the same major version as the control plane. The node pool minor version must + be within two minor versions of the control plane version. The node pool version cannot be greater than the control + plane version. For more information see [upgrading a node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). + type: string + osDiskSizeGB: + maximum: 2048 + minimum: 0 + type: integer + osDiskType: + description: |- + OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested + OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. 
For more information see [Ephemeral + OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). + enum: + - Ephemeral + - Managed + type: string + osSKU: + description: 'OsSKU: Specifies an OS SKU. This value must not be specified if OSType is Windows.' + enum: + - CBLMariner + - Ubuntu + type: string + osType: + description: 'OsType: The operating system type. The default is Linux.' + enum: + - Linux + - Windows + type: string + owner: + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a containerservice.azure.com/ManagedCluster resource + properties: + armId: + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + name: + description: This is the name of the Kubernetes resource to reference. + type: string + type: object + podSubnetIDReference: + description: |- + PodSubnetIDReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more + details). This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
+ pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + proximityPlacementGroupID: + description: 'ProximityPlacementGroupID: The ID for Proximity Placement Group.' + type: string + scaleSetEvictionPolicy: + description: |- + ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is + 'Delete'. + enum: + - Deallocate + - Delete + type: string + scaleSetPriority: + description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' + enum: + - Regular + - Spot + type: string + spotMaxPrice: + description: |- + SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any + on-demand price. For more details on spot pricing, see [spot VMs + pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) + type: number + tags: + additionalProperties: + type: string + description: 'Tags: The tags to be persisted on the agent pool virtual machine scale set.' + type: object + type: + description: 'Type: The type of Agent Pool.' + enum: + - AvailabilitySet + - VirtualMachineScaleSets + type: string + upgradeSettings: + description: 'UpgradeSettings: Settings for upgrading the agentpool' + properties: + maxSurge: + type: string + type: object + vmSize: + description: |- + VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods + might fail to run correctly. 
For more details on restricted VM sizes, see: + https://docs.microsoft.com/azure/aks/quotas-skus-regions + type: string + vnetSubnetIDReference: + description: |- + VnetSubnetIDReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is + specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + required: + - owner + type: object + status: + properties: + availabilityZones: + description: |- + AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType + property is 'VirtualMachineScaleSets'. + items: + type: string + type: array + conditions: + description: 'Conditions: The observed state of the resource' + items: + description: Condition defines an extension to status (an observation) of a resource + properties: + lastTransitionTime: + description: LastTransitionTime is the last time the condition transitioned from one status to another. 
+ format: date-time + type: string + message: + description: Message is a human readable message indicating details about the transition. This field may be empty. + type: string + observedGeneration: + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + type: integer + reason: + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + type: string + severity: + description: |- + Severity with which to treat failures of this type of condition. + For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown + type: string + status: + description: Status of the condition, one of True, False, or Unknown. + type: string + type: + description: Type of condition. + type: string + required: + - lastTransitionTime + - reason + - status + - type + type: object + type: array + count: + description: |- + Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) + for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. + type: integer + enableAutoScaling: + description: 'EnableAutoScaling: Whether to enable auto-scaler' + type: boolean + enableEncryptionAtHost: + description: |- + EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. 
For more information, + see: https://docs.microsoft.com/azure/aks/enable-host-encryption + type: boolean + enableFIPS: + description: |- + EnableFIPS: See [Add a FIPS-enabled node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more + details. + type: boolean + enableNodePublicIP: + description: |- + EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. + A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine + to minimize hops. For more information see [assigning a public IP per + node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The + default is false. + type: boolean + enableUltraSSD: + description: 'EnableUltraSSD: Whether to enable UltraSSD' + type: boolean + gpuInstanceProfile: + description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' + type: string + id: + description: 'Id: Resource ID.' + type: string + kubeletConfig: + description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' + properties: + allowedUnsafeSysctls: + items: + type: string + type: array + containerLogMaxFiles: + type: integer + containerLogMaxSizeMB: + type: integer + cpuCfsQuota: + type: boolean + cpuCfsQuotaPeriod: + type: string + cpuManagerPolicy: + type: string + failSwapOn: + type: boolean + imageGcHighThreshold: + type: integer + imageGcLowThreshold: + type: integer + podMaxPids: + type: integer + topologyManagerPolicy: + type: string + type: object + kubeletDiskType: + description: |- + KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral + storage. + type: string + linuxOSConfig: + description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' 
+ properties: + swapFileSizeMB: + type: integer + sysctls: + properties: + fsAioMaxNr: + type: integer + fsFileMax: + type: integer + fsInotifyMaxUserWatches: + type: integer + fsNrOpen: + type: integer + kernelThreadsMax: + type: integer + netCoreNetdevMaxBacklog: + type: integer + netCoreOptmemMax: + type: integer + netCoreRmemDefault: + type: integer + netCoreRmemMax: + type: integer + netCoreSomaxconn: + type: integer + netCoreWmemDefault: + type: integer + netCoreWmemMax: + type: integer + netIpv4IpLocalPortRange: + type: string + netIpv4NeighDefaultGcThresh1: + type: integer + netIpv4NeighDefaultGcThresh2: + type: integer + netIpv4NeighDefaultGcThresh3: + type: integer + netIpv4TcpFinTimeout: + type: integer + netIpv4TcpKeepaliveProbes: + type: integer + netIpv4TcpKeepaliveTime: + type: integer + netIpv4TcpMaxSynBacklog: + type: integer + netIpv4TcpMaxTwBuckets: + type: integer + netIpv4TcpTwReuse: + type: boolean + netIpv4TcpkeepaliveIntvl: + type: integer + netNetfilterNfConntrackBuckets: + type: integer + netNetfilterNfConntrackMax: + type: integer + vmMaxMapCount: + type: integer + vmSwappiness: + type: integer + vmVfsCachePressure: + type: integer + type: object + transparentHugePageDefrag: + type: string + transparentHugePageEnabled: + type: string + type: object + maxCount: + description: 'MaxCount: The maximum number of nodes for auto-scaling' + type: integer + maxPods: + description: 'MaxPods: The maximum number of pods that can run on a node.' + type: integer + minCount: + description: 'MinCount: The minimum number of nodes for auto-scaling' + type: integer + mode: + description: |- + Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool + restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools + type: string + name: + description: 'Name: The name of the resource that is unique within a resource group. This name can be used to access the resource.' 
+ type: string + nodeImageVersion: + description: 'NodeImageVersion: The version of node image' + type: string + nodeLabels: + additionalProperties: + type: string + description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' + type: object + nodePublicIPPrefixID: + description: |- + NodePublicIPPrefixID: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} + type: string + nodeTaints: + description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' + items: + type: string + type: array + orchestratorVersion: + description: |- + OrchestratorVersion: As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes + version. The node pool version must have the same major version as the control plane. The node pool minor version must + be within two minor versions of the control plane version. The node pool version cannot be greater than the control + plane version. For more information see [upgrading a node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). + type: string + osDiskSizeGB: + type: integer + osDiskType: + description: |- + OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested + OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral + OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). + type: string + osSKU: + description: 'OsSKU: Specifies an OS SKU. This value must not be specified if OSType is Windows.' + type: string + osType: + description: 'OsType: The operating system type. The default is Linux.' 
+ type: string + podSubnetID: + description: |- + PodSubnetID: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is + of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} + type: string + powerState: + description: 'PowerState: Describes whether the Agent Pool is Running or Stopped' + properties: + code: + type: string + type: object + properties_type: + description: 'PropertiesType: The type of Agent Pool.' + type: string + provisioningState: + description: 'ProvisioningState: The current deployment or provisioning state.' + type: string + proximityPlacementGroupID: + description: 'ProximityPlacementGroupID: The ID for Proximity Placement Group.' + type: string + scaleSetEvictionPolicy: + description: |- + ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is + 'Delete'. + type: string + scaleSetPriority: + description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' + type: string + spotMaxPrice: + description: |- + SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any + on-demand price. For more details on spot pricing, see [spot VMs + pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) + type: number + tags: + additionalProperties: + type: string + description: 'Tags: The tags to be persisted on the agent pool virtual machine scale set.' + type: object + type: + description: 'Type: Resource type' + type: string + upgradeSettings: + description: 'UpgradeSettings: Settings for upgrading the agentpool' + properties: + maxSurge: + type: string + type: object + vmSize: + description: |- + VmSize: VM size availability varies by region. 
If a node contains insufficient compute resources (memory, cpu, etc) pods + might fail to run correctly. For more details on restricted VM sizes, see: + https://docs.microsoft.com/azure/aks/quotas-skus-regions + type: string + vnetSubnetID: + description: |- + VnetSubnetID: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, + this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} + type: string + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].severity + name: Severity + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Reason + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].message + name: Message + type: string + name: v1api20210501storage + schema: + openAPIV3Schema: + description: |- + Storage version of v1api20210501.ManagedClustersAgentPool + Generator information: + - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2021-05-01/managedClusters.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}/agentPools/{agentPoolName} + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. 
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: Storage version of v1api20210501.ManagedClustersAgentPool_Spec + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + availabilityZones: + items: + type: string + type: array + azureName: + description: |- + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. 
+ type: string + count: + type: integer + enableAutoScaling: + type: boolean + enableEncryptionAtHost: + type: boolean + enableFIPS: + type: boolean + enableNodePublicIP: + type: boolean + enableUltraSSD: + type: boolean + gpuInstanceProfile: + type: string + kubeletConfig: + description: Storage version of v1api20210501.KubeletConfig + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + allowedUnsafeSysctls: + items: + type: string + type: array + containerLogMaxFiles: + type: integer + containerLogMaxSizeMB: + type: integer + cpuCfsQuota: + type: boolean + cpuCfsQuotaPeriod: + type: string + cpuManagerPolicy: + type: string + failSwapOn: + type: boolean + imageGcHighThreshold: + type: integer + imageGcLowThreshold: + type: integer + podMaxPids: + type: integer + topologyManagerPolicy: + type: string + type: object + kubeletDiskType: + type: string + linuxOSConfig: + description: Storage version of v1api20210501.LinuxOSConfig + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + swapFileSizeMB: + type: integer + sysctls: + description: Storage version of v1api20210501.SysctlConfig + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + fsAioMaxNr: + type: integer + fsFileMax: + type: integer + fsInotifyMaxUserWatches: + type: integer + fsNrOpen: + type: integer + kernelThreadsMax: + type: 
integer + netCoreNetdevMaxBacklog: + type: integer + netCoreOptmemMax: + type: integer + netCoreRmemDefault: + type: integer + netCoreRmemMax: + type: integer + netCoreSomaxconn: + type: integer + netCoreWmemDefault: + type: integer + netCoreWmemMax: + type: integer + netIpv4IpLocalPortRange: + type: string + netIpv4NeighDefaultGcThresh1: + type: integer + netIpv4NeighDefaultGcThresh2: + type: integer + netIpv4NeighDefaultGcThresh3: + type: integer + netIpv4TcpFinTimeout: + type: integer + netIpv4TcpKeepaliveProbes: + type: integer + netIpv4TcpKeepaliveTime: + type: integer + netIpv4TcpMaxSynBacklog: + type: integer + netIpv4TcpMaxTwBuckets: + type: integer + netIpv4TcpTwReuse: + type: boolean + netIpv4TcpkeepaliveIntvl: + type: integer + netNetfilterNfConntrackBuckets: + type: integer + netNetfilterNfConntrackMax: + type: integer + vmMaxMapCount: + type: integer + vmSwappiness: + type: integer + vmVfsCachePressure: + type: integer + type: object + transparentHugePageDefrag: + type: string + transparentHugePageEnabled: + type: string + type: object + maxCount: + type: integer + maxPods: + type: integer + minCount: + type: integer + mode: + type: string + nodeLabels: + additionalProperties: + type: string + type: object + nodePublicIPPrefixIDReference: + description: |- + NodePublicIPPrefixIDReference: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
+ pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + nodeTaints: + items: + type: string + type: array + operatorSpec: + description: |- + Storage version of v1api20210501.ManagedClustersAgentPoolOperatorSpec + Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + configMapExpressions: + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. 
The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + secretExpressions: + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + type: object + orchestratorVersion: + type: string + originalVersion: + type: string + osDiskSizeGB: + type: integer + osDiskType: + type: string + osSKU: + type: string + osType: + type: string + owner: + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. 
Owner is expected to be a + reference to a containerservice.azure.com/ManagedCluster resource + properties: + armId: + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + name: + description: This is the name of the Kubernetes resource to reference. + type: string + type: object + podSubnetIDReference: + description: |- + PodSubnetIDReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more + details). This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. 
+ type: string + type: object + proximityPlacementGroupID: + type: string + scaleSetEvictionPolicy: + type: string + scaleSetPriority: + type: string + spotMaxPrice: + type: number + tags: + additionalProperties: + type: string + type: object + type: + type: string + upgradeSettings: + description: Storage version of v1api20210501.AgentPoolUpgradeSettings + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + maxSurge: + type: string + type: object + vmSize: + type: string + vnetSubnetIDReference: + description: |- + VnetSubnetIDReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is + specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. 
+ type: string + type: object + required: + - owner + type: object + status: + description: Storage version of v1api20210501.ManagedClustersAgentPool_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + availabilityZones: + items: + type: string + type: array + conditions: + items: + description: Condition defines an extension to status (an observation) of a resource + properties: + lastTransitionTime: + description: LastTransitionTime is the last time the condition transitioned from one status to another. + format: date-time + type: string + message: + description: Message is a human readable message indicating details about the transition. This field may be empty. + type: string + observedGeneration: + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + type: integer + reason: + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + type: string + severity: + description: |- + Severity with which to treat failures of this type of condition. + For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. 
+ This is omitted in all cases when Status == Unknown + type: string + status: + description: Status of the condition, one of True, False, or Unknown. + type: string + type: + description: Type of condition. + type: string + required: + - lastTransitionTime + - reason + - status + - type + type: object + type: array + count: + type: integer + enableAutoScaling: + type: boolean + enableEncryptionAtHost: + type: boolean + enableFIPS: + type: boolean + enableNodePublicIP: + type: boolean + enableUltraSSD: + type: boolean + gpuInstanceProfile: + type: string + id: + type: string + kubeletConfig: + description: Storage version of v1api20210501.KubeletConfig_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + allowedUnsafeSysctls: + items: + type: string + type: array + containerLogMaxFiles: + type: integer + containerLogMaxSizeMB: + type: integer + cpuCfsQuota: + type: boolean + cpuCfsQuotaPeriod: + type: string + cpuManagerPolicy: + type: string + failSwapOn: + type: boolean + imageGcHighThreshold: + type: integer + imageGcLowThreshold: + type: integer + podMaxPids: + type: integer + topologyManagerPolicy: + type: string + type: object + kubeletDiskType: + type: string + linuxOSConfig: + description: Storage version of v1api20210501.LinuxOSConfig_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + swapFileSizeMB: + type: integer + sysctls: + description: Storage version of v1api20210501.SysctlConfig_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + 
PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + fsAioMaxNr: + type: integer + fsFileMax: + type: integer + fsInotifyMaxUserWatches: + type: integer + fsNrOpen: + type: integer + kernelThreadsMax: + type: integer + netCoreNetdevMaxBacklog: + type: integer + netCoreOptmemMax: + type: integer + netCoreRmemDefault: + type: integer + netCoreRmemMax: + type: integer + netCoreSomaxconn: + type: integer + netCoreWmemDefault: + type: integer + netCoreWmemMax: + type: integer + netIpv4IpLocalPortRange: + type: string + netIpv4NeighDefaultGcThresh1: + type: integer + netIpv4NeighDefaultGcThresh2: + type: integer + netIpv4NeighDefaultGcThresh3: + type: integer + netIpv4TcpFinTimeout: + type: integer + netIpv4TcpKeepaliveProbes: + type: integer + netIpv4TcpKeepaliveTime: + type: integer + netIpv4TcpMaxSynBacklog: + type: integer + netIpv4TcpMaxTwBuckets: + type: integer + netIpv4TcpTwReuse: + type: boolean + netIpv4TcpkeepaliveIntvl: + type: integer + netNetfilterNfConntrackBuckets: + type: integer + netNetfilterNfConntrackMax: + type: integer + vmMaxMapCount: + type: integer + vmSwappiness: + type: integer + vmVfsCachePressure: + type: integer + type: object + transparentHugePageDefrag: + type: string + transparentHugePageEnabled: + type: string + type: object + maxCount: + type: integer + maxPods: + type: integer + minCount: + type: integer + mode: + type: string + name: + type: string + nodeImageVersion: + type: string + nodeLabels: + additionalProperties: + type: string + type: object + nodePublicIPPrefixID: + type: string + nodeTaints: + items: + type: string + type: array + orchestratorVersion: + type: string + osDiskSizeGB: + type: integer + osDiskType: + type: string + osSKU: + type: string + osType: + type: string + podSubnetID: + type: string + powerState: + description: Storage version of v1api20210501.PowerState_STATUS + 
properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + code: + type: string + type: object + properties_type: + type: string + provisioningState: + type: string + proximityPlacementGroupID: + type: string + scaleSetEvictionPolicy: + type: string + scaleSetPriority: + type: string + spotMaxPrice: + type: number + tags: + additionalProperties: + type: string + type: object + type: + type: string + upgradeSettings: + description: Storage version of v1api20210501.AgentPoolUpgradeSettings_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + maxSurge: + type: string + type: object + vmSize: + type: string + vnetSubnetID: + type: string + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].severity + name: Severity + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Reason + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].message + name: Message + type: string + name: v1api20230201 + schema: + openAPIV3Schema: + description: |- + Generator information: + - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2023-02-01/managedClusters.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}/agentPools/{agentPoolName} + properties: + 
apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + properties: + availabilityZones: + description: |- + AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType + property is 'VirtualMachineScaleSets'. + items: + type: string + type: array + azureName: + description: |- + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. + type: string + count: + description: |- + Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) + for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. + type: integer + creationData: + description: |- + CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using + a snapshot. + properties: + sourceResourceReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. 
+ The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + enableAutoScaling: + description: 'EnableAutoScaling: Whether to enable auto-scaler' + type: boolean + enableEncryptionAtHost: + description: |- + EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, + see: https://docs.microsoft.com/azure/aks/enable-host-encryption + type: boolean + enableFIPS: + description: |- + EnableFIPS: See [Add a FIPS-enabled node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more + details. + type: boolean + enableNodePublicIP: + description: |- + EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. + A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine + to minimize hops. For more information see [assigning a public IP per + node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The + default is false. + type: boolean + enableUltraSSD: + description: 'EnableUltraSSD: Whether to enable UltraSSD' + type: boolean + gpuInstanceProfile: + description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' 
+ enum: + - MIG1g + - MIG2g + - MIG3g + - MIG4g + - MIG7g + type: string + hostGroupReference: + description: |- + HostGroupReference: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. + For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + kubeletConfig: + description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' + properties: + allowedUnsafeSysctls: + items: + type: string + type: array + containerLogMaxFiles: + minimum: 2 + type: integer + containerLogMaxSizeMB: + type: integer + cpuCfsQuota: + type: boolean + cpuCfsQuotaPeriod: + type: string + cpuManagerPolicy: + type: string + failSwapOn: + type: boolean + imageGcHighThreshold: + type: integer + imageGcLowThreshold: + type: integer + podMaxPids: + type: integer + topologyManagerPolicy: + type: string + type: object + kubeletDiskType: + description: |- + KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral + storage. 
+ enum: + - OS + - Temporary + type: string + linuxOSConfig: + description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' + properties: + swapFileSizeMB: + type: integer + sysctls: + properties: + fsAioMaxNr: + type: integer + fsFileMax: + type: integer + fsInotifyMaxUserWatches: + type: integer + fsNrOpen: + type: integer + kernelThreadsMax: + type: integer + netCoreNetdevMaxBacklog: + type: integer + netCoreOptmemMax: + type: integer + netCoreRmemDefault: + type: integer + netCoreRmemMax: + type: integer + netCoreSomaxconn: + type: integer + netCoreWmemDefault: + type: integer + netCoreWmemMax: + type: integer + netIpv4IpLocalPortRange: + type: string + netIpv4NeighDefaultGcThresh1: + type: integer + netIpv4NeighDefaultGcThresh2: + type: integer + netIpv4NeighDefaultGcThresh3: + type: integer + netIpv4TcpFinTimeout: + type: integer + netIpv4TcpKeepaliveProbes: + type: integer + netIpv4TcpKeepaliveTime: + type: integer + netIpv4TcpMaxSynBacklog: + type: integer + netIpv4TcpMaxTwBuckets: + type: integer + netIpv4TcpTwReuse: + type: boolean + netIpv4TcpkeepaliveIntvl: + type: integer + netNetfilterNfConntrackBuckets: + type: integer + netNetfilterNfConntrackMax: + type: integer + vmMaxMapCount: + type: integer + vmSwappiness: + type: integer + vmVfsCachePressure: + type: integer + type: object + transparentHugePageDefrag: + type: string + transparentHugePageEnabled: + type: string + type: object + maxCount: + description: 'MaxCount: The maximum number of nodes for auto-scaling' + type: integer + maxPods: + description: 'MaxPods: The maximum number of pods that can run on a node.' + type: integer + minCount: + description: 'MinCount: The minimum number of nodes for auto-scaling' + type: integer + mode: + description: |- + Mode: A cluster must have at least one 'System' Agent Pool at all times. 
For additional information on agent pool + restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools + enum: + - System + - User + type: string + nodeLabels: + additionalProperties: + type: string + description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' + type: object + nodePublicIPPrefixReference: + description: |- + NodePublicIPPrefixReference: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + nodeTaints: + description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' + items: + type: string + type: array + operatorSpec: + description: |- + OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not + passed directly to Azure + properties: + configMapExpressions: + description: 'ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).' 
+ items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + secretExpressions: + description: 'SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).' + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. 
+ type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + type: object + orchestratorVersion: + description: |- + OrchestratorVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. + When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster + with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer + patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same + Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor + version must be within two minor versions of the control plane version. The node pool version cannot be greater than the + control plane version. For more information see [upgrading a node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). + type: string + osDiskSizeGB: + maximum: 2048 + minimum: 0 + type: integer + osDiskType: + description: |- + OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested + OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral + OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). + enum: + - Ephemeral + - Managed + type: string + osSKU: + description: |- + OsSKU: Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. 
The default is Windows2019 + when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows. + enum: + - CBLMariner + - Ubuntu + - Windows2019 + - Windows2022 + type: string + osType: + description: 'OsType: The operating system type. The default is Linux.' + enum: + - Linux + - Windows + type: string + owner: + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a containerservice.azure.com/ManagedCluster resource + properties: + armId: + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + name: + description: This is the name of the Kubernetes resource to reference. + type: string + type: object + podSubnetReference: + description: |- + PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). + This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. 
+ type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + powerState: + description: |- + PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this + field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only + be stopped if it is Running and provisioning state is Succeeded + properties: + code: + enum: + - Running + - Stopped + type: string + type: object + proximityPlacementGroupReference: + description: 'ProximityPlacementGroupReference: The ID for Proximity Placement Group.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + scaleDownMode: + description: 'ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.' + enum: + - Deallocate + - Delete + type: string + scaleSetEvictionPolicy: + description: |- + ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is + 'Delete'. 
+ enum: + - Deallocate + - Delete + type: string + scaleSetPriority: + description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' + enum: + - Regular + - Spot + type: string + spotMaxPrice: + description: |- + SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any + on-demand price. For more details on spot pricing, see [spot VMs + pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) + type: number + tags: + additionalProperties: + type: string + description: 'Tags: The tags to be persisted on the agent pool virtual machine scale set.' + type: object + type: + description: 'Type: The type of Agent Pool.' + enum: + - AvailabilitySet + - VirtualMachineScaleSets + type: string + upgradeSettings: + description: 'UpgradeSettings: Settings for upgrading the agentpool' + properties: + maxSurge: + type: string + type: object + vmSize: + description: |- + VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods + might fail to run correctly. For more details on restricted VM sizes, see: + https://docs.microsoft.com/azure/aks/quotas-skus-regions + type: string + vnetSubnetReference: + description: |- + VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is + specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. 
+ The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + workloadRuntime: + description: 'WorkloadRuntime: Determines the type of workload a node can run.' + enum: + - OCIContainer + - WasmWasi + type: string + required: + - owner + type: object + status: + properties: + availabilityZones: + description: |- + AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType + property is 'VirtualMachineScaleSets'. + items: + type: string + type: array + conditions: + description: 'Conditions: The observed state of the resource' + items: + description: Condition defines an extension to status (an observation) of a resource + properties: + lastTransitionTime: + description: LastTransitionTime is the last time the condition transitioned from one status to another. + format: date-time + type: string + message: + description: Message is a human readable message indicating details about the transition. This field may be empty. + type: string + observedGeneration: + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. 
+ format: int64 + type: integer + reason: + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + type: string + severity: + description: |- + Severity with which to treat failures of this type of condition. + For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown + type: string + status: + description: Status of the condition, one of True, False, or Unknown. + type: string + type: + description: Type of condition. + type: string + required: + - lastTransitionTime + - reason + - status + - type + type: object + type: array + count: + description: |- + Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) + for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. + type: integer + creationData: + description: |- + CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using + a snapshot. + properties: + sourceResourceId: + type: string + type: object + currentOrchestratorVersion: + description: |- + CurrentOrchestratorVersion: If orchestratorVersion is a fully specified version , this field will be + exactly equal to it. If orchestratorVersion is , this field will contain the full + version being used. + type: string + enableAutoScaling: + description: 'EnableAutoScaling: Whether to enable auto-scaler' + type: boolean + enableEncryptionAtHost: + description: |- + EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. 
For more information, + see: https://docs.microsoft.com/azure/aks/enable-host-encryption + type: boolean + enableFIPS: + description: |- + EnableFIPS: See [Add a FIPS-enabled node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more + details. + type: boolean + enableNodePublicIP: + description: |- + EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. + A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine + to minimize hops. For more information see [assigning a public IP per + node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The + default is false. + type: boolean + enableUltraSSD: + description: 'EnableUltraSSD: Whether to enable UltraSSD' + type: boolean + gpuInstanceProfile: + description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' + type: string + hostGroupID: + description: |- + HostGroupID: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. + For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). + type: string + id: + description: 'Id: Resource ID.' + type: string + kubeletConfig: + description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' 
+ properties: + allowedUnsafeSysctls: + items: + type: string + type: array + containerLogMaxFiles: + type: integer + containerLogMaxSizeMB: + type: integer + cpuCfsQuota: + type: boolean + cpuCfsQuotaPeriod: + type: string + cpuManagerPolicy: + type: string + failSwapOn: + type: boolean + imageGcHighThreshold: + type: integer + imageGcLowThreshold: + type: integer + podMaxPids: + type: integer + topologyManagerPolicy: + type: string + type: object + kubeletDiskType: + description: |- + KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral + storage. + type: string + linuxOSConfig: + description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' + properties: + swapFileSizeMB: + type: integer + sysctls: + properties: + fsAioMaxNr: + type: integer + fsFileMax: + type: integer + fsInotifyMaxUserWatches: + type: integer + fsNrOpen: + type: integer + kernelThreadsMax: + type: integer + netCoreNetdevMaxBacklog: + type: integer + netCoreOptmemMax: + type: integer + netCoreRmemDefault: + type: integer + netCoreRmemMax: + type: integer + netCoreSomaxconn: + type: integer + netCoreWmemDefault: + type: integer + netCoreWmemMax: + type: integer + netIpv4IpLocalPortRange: + type: string + netIpv4NeighDefaultGcThresh1: + type: integer + netIpv4NeighDefaultGcThresh2: + type: integer + netIpv4NeighDefaultGcThresh3: + type: integer + netIpv4TcpFinTimeout: + type: integer + netIpv4TcpKeepaliveProbes: + type: integer + netIpv4TcpKeepaliveTime: + type: integer + netIpv4TcpMaxSynBacklog: + type: integer + netIpv4TcpMaxTwBuckets: + type: integer + netIpv4TcpTwReuse: + type: boolean + netIpv4TcpkeepaliveIntvl: + type: integer + netNetfilterNfConntrackBuckets: + type: integer + netNetfilterNfConntrackMax: + type: integer + vmMaxMapCount: + type: integer + vmSwappiness: + type: integer + vmVfsCachePressure: + type: integer + type: object + transparentHugePageDefrag: + type: string + transparentHugePageEnabled: + type: 
string + type: object + maxCount: + description: 'MaxCount: The maximum number of nodes for auto-scaling' + type: integer + maxPods: + description: 'MaxPods: The maximum number of pods that can run on a node.' + type: integer + minCount: + description: 'MinCount: The minimum number of nodes for auto-scaling' + type: integer + mode: + description: |- + Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool + restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools + type: string + name: + description: 'Name: The name of the resource that is unique within a resource group. This name can be used to access the resource.' + type: string + nodeImageVersion: + description: 'NodeImageVersion: The version of node image' + type: string + nodeLabels: + additionalProperties: + type: string + description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' + type: object + nodePublicIPPrefixID: + description: |- + NodePublicIPPrefixID: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} + type: string + nodeTaints: + description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' + items: + type: string + type: array + orchestratorVersion: + description: |- + OrchestratorVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. + When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster + with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer + patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same + Kubernetes version. The node pool version must have the same major version as the control plane. 
The node pool minor + version must be within two minor versions of the control plane version. The node pool version cannot be greater than the + control plane version. For more information see [upgrading a node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). + type: string + osDiskSizeGB: + type: integer + osDiskType: + description: |- + OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested + OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral + OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). + type: string + osSKU: + description: |- + OsSKU: Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 + when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows. + type: string + osType: + description: 'OsType: The operating system type. The default is Linux.' + type: string + podSubnetID: + description: |- + PodSubnetID: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is + of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} + type: string + powerState: + description: |- + PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this + field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only + be stopped if it is Running and provisioning state is Succeeded + properties: + code: + type: string + type: object + properties_type: + description: 'PropertiesType: The type of Agent Pool.' + type: string + provisioningState: + description: 'ProvisioningState: The current deployment or provisioning state.' 
+ type: string + proximityPlacementGroupID: + description: 'ProximityPlacementGroupID: The ID for Proximity Placement Group.' + type: string + scaleDownMode: + description: 'ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.' + type: string + scaleSetEvictionPolicy: + description: |- + ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is + 'Delete'. + type: string + scaleSetPriority: + description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' + type: string + spotMaxPrice: + description: |- + SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any + on-demand price. For more details on spot pricing, see [spot VMs + pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) + type: number + tags: + additionalProperties: + type: string + description: 'Tags: The tags to be persisted on the agent pool virtual machine scale set.' + type: object + type: + description: 'Type: Resource type' + type: string + upgradeSettings: + description: 'UpgradeSettings: Settings for upgrading the agentpool' + properties: + maxSurge: + type: string + type: object + vmSize: + description: |- + VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods + might fail to run correctly. For more details on restricted VM sizes, see: + https://docs.microsoft.com/azure/aks/quotas-skus-regions + type: string + vnetSubnetID: + description: |- + VnetSubnetID: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, + this applies to nodes and pods, otherwise it applies to just nodes. 
This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} + type: string + workloadRuntime: + description: 'WorkloadRuntime: Determines the type of workload a node can run.' + type: string + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].severity + name: Severity + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Reason + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].message + name: Message + type: string + name: v1api20230201storage + schema: + openAPIV3Schema: + description: |- + Storage version of v1api20230201.ManagedClustersAgentPool + Generator information: + - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2023-02-01/managedClusters.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}/agentPools/{agentPoolName} + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. 
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: Storage version of v1api20230201.ManagedClustersAgentPool_Spec + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + availabilityZones: + items: + type: string + type: array + azureName: + description: |- + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. + type: string + count: + type: integer + creationData: + description: Storage version of v1api20230201.CreationData + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + sourceResourceReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. 
+ type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + enableAutoScaling: + type: boolean + enableEncryptionAtHost: + type: boolean + enableFIPS: + type: boolean + enableNodePublicIP: + type: boolean + enableUltraSSD: + type: boolean + gpuInstanceProfile: + type: string + hostGroupReference: + description: |- + HostGroupReference: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. + For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. 
+ type: string + type: object + kubeletConfig: + description: Storage version of v1api20230201.KubeletConfig + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + allowedUnsafeSysctls: + items: + type: string + type: array + containerLogMaxFiles: + type: integer + containerLogMaxSizeMB: + type: integer + cpuCfsQuota: + type: boolean + cpuCfsQuotaPeriod: + type: string + cpuManagerPolicy: + type: string + failSwapOn: + type: boolean + imageGcHighThreshold: + type: integer + imageGcLowThreshold: + type: integer + podMaxPids: + type: integer + topologyManagerPolicy: + type: string + type: object + kubeletDiskType: + type: string + linuxOSConfig: + description: Storage version of v1api20230201.LinuxOSConfig + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + swapFileSizeMB: + type: integer + sysctls: + description: Storage version of v1api20230201.SysctlConfig + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + fsAioMaxNr: + type: integer + fsFileMax: + type: integer + fsInotifyMaxUserWatches: + type: integer + fsNrOpen: + type: integer + kernelThreadsMax: + type: integer + netCoreNetdevMaxBacklog: + type: integer + netCoreOptmemMax: + type: integer + netCoreRmemDefault: + type: integer + netCoreRmemMax: + type: integer + netCoreSomaxconn: + type: integer + netCoreWmemDefault: + type: 
integer + netCoreWmemMax: + type: integer + netIpv4IpLocalPortRange: + type: string + netIpv4NeighDefaultGcThresh1: + type: integer + netIpv4NeighDefaultGcThresh2: + type: integer + netIpv4NeighDefaultGcThresh3: + type: integer + netIpv4TcpFinTimeout: + type: integer + netIpv4TcpKeepaliveProbes: + type: integer + netIpv4TcpKeepaliveTime: + type: integer + netIpv4TcpMaxSynBacklog: + type: integer + netIpv4TcpMaxTwBuckets: + type: integer + netIpv4TcpTwReuse: + type: boolean + netIpv4TcpkeepaliveIntvl: + type: integer + netNetfilterNfConntrackBuckets: + type: integer + netNetfilterNfConntrackMax: + type: integer + vmMaxMapCount: + type: integer + vmSwappiness: + type: integer + vmVfsCachePressure: + type: integer + type: object + transparentHugePageDefrag: + type: string + transparentHugePageEnabled: + type: string + type: object + maxCount: + type: integer + maxPods: + type: integer + minCount: + type: integer + mode: + type: string + nodeLabels: + additionalProperties: + type: string + type: object + nodePublicIPPrefixReference: + description: |- + NodePublicIPPrefixReference: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. 
+ type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + nodeTaints: + items: + type: string + type: array + operatorSpec: + description: |- + Storage version of v1api20230201.ManagedClustersAgentPoolOperatorSpec + Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + configMapExpressions: + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. 
For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + secretExpressions: + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + type: object + orchestratorVersion: + type: string + originalVersion: + type: string + osDiskSizeGB: + type: integer + osDiskType: + type: string + osSKU: + type: string + osType: + type: string + owner: + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. 
Owner is expected to be a + reference to a containerservice.azure.com/ManagedCluster resource + properties: + armId: + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + name: + description: This is the name of the Kubernetes resource to reference. + type: string + type: object + podSubnetReference: + description: |- + PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). + This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. 
+ type: string + type: object + powerState: + description: Storage version of v1api20230201.PowerState + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + code: + type: string + type: object + proximityPlacementGroupReference: + description: 'ProximityPlacementGroupReference: The ID for Proximity Placement Group.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. 
+ type: string + type: object + scaleDownMode: + type: string + scaleSetEvictionPolicy: + type: string + scaleSetPriority: + type: string + spotMaxPrice: + type: number + tags: + additionalProperties: + type: string + type: object + type: + type: string + upgradeSettings: + description: Storage version of v1api20230201.AgentPoolUpgradeSettings + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + maxSurge: + type: string + type: object + vmSize: + type: string + vnetSubnetReference: + description: |- + VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is + specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. 
+ type: string + type: object + workloadRuntime: + type: string + required: + - owner + type: object + status: + description: Storage version of v1api20230201.ManagedClustersAgentPool_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + availabilityZones: + items: + type: string + type: array + conditions: + items: + description: Condition defines an extension to status (an observation) of a resource + properties: + lastTransitionTime: + description: LastTransitionTime is the last time the condition transitioned from one status to another. + format: date-time + type: string + message: + description: Message is a human readable message indicating details about the transition. This field may be empty. + type: string + observedGeneration: + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + type: integer + reason: + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + type: string + severity: + description: |- + Severity with which to treat failures of this type of condition. + For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. 
+ This is omitted in all cases when Status == Unknown + type: string + status: + description: Status of the condition, one of True, False, or Unknown. + type: string + type: + description: Type of condition. + type: string + required: + - lastTransitionTime + - reason + - status + - type + type: object + type: array + count: + type: integer + creationData: + description: Storage version of v1api20230201.CreationData_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + sourceResourceId: + type: string + type: object + currentOrchestratorVersion: + type: string + enableAutoScaling: + type: boolean + enableEncryptionAtHost: + type: boolean + enableFIPS: + type: boolean + enableNodePublicIP: + type: boolean + enableUltraSSD: + type: boolean + gpuInstanceProfile: + type: string + hostGroupID: + type: string + id: + type: string + kubeletConfig: + description: Storage version of v1api20230201.KubeletConfig_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + allowedUnsafeSysctls: + items: + type: string + type: array + containerLogMaxFiles: + type: integer + containerLogMaxSizeMB: + type: integer + cpuCfsQuota: + type: boolean + cpuCfsQuotaPeriod: + type: string + cpuManagerPolicy: + type: string + failSwapOn: + type: boolean + imageGcHighThreshold: + type: integer + imageGcLowThreshold: + type: integer + podMaxPids: + type: integer + topologyManagerPolicy: + type: string + type: object + kubeletDiskType: + type: string + linuxOSConfig: + description: Storage version of v1api20230201.LinuxOSConfig_STATUS + 
properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + swapFileSizeMB: + type: integer + sysctls: + description: Storage version of v1api20230201.SysctlConfig_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + fsAioMaxNr: + type: integer + fsFileMax: + type: integer + fsInotifyMaxUserWatches: + type: integer + fsNrOpen: + type: integer + kernelThreadsMax: + type: integer + netCoreNetdevMaxBacklog: + type: integer + netCoreOptmemMax: + type: integer + netCoreRmemDefault: + type: integer + netCoreRmemMax: + type: integer + netCoreSomaxconn: + type: integer + netCoreWmemDefault: + type: integer + netCoreWmemMax: + type: integer + netIpv4IpLocalPortRange: + type: string + netIpv4NeighDefaultGcThresh1: + type: integer + netIpv4NeighDefaultGcThresh2: + type: integer + netIpv4NeighDefaultGcThresh3: + type: integer + netIpv4TcpFinTimeout: + type: integer + netIpv4TcpKeepaliveProbes: + type: integer + netIpv4TcpKeepaliveTime: + type: integer + netIpv4TcpMaxSynBacklog: + type: integer + netIpv4TcpMaxTwBuckets: + type: integer + netIpv4TcpTwReuse: + type: boolean + netIpv4TcpkeepaliveIntvl: + type: integer + netNetfilterNfConntrackBuckets: + type: integer + netNetfilterNfConntrackMax: + type: integer + vmMaxMapCount: + type: integer + vmSwappiness: + type: integer + vmVfsCachePressure: + type: integer + type: object + transparentHugePageDefrag: + type: string + transparentHugePageEnabled: + type: string + type: object + maxCount: + type: integer + maxPods: + type: integer + minCount: + type: integer + mode: + type: 
string + name: + type: string + nodeImageVersion: + type: string + nodeLabels: + additionalProperties: + type: string + type: object + nodePublicIPPrefixID: + type: string + nodeTaints: + items: + type: string + type: array + orchestratorVersion: + type: string + osDiskSizeGB: + type: integer + osDiskType: + type: string + osSKU: + type: string + osType: + type: string + podSubnetID: + type: string + powerState: + description: Storage version of v1api20230201.PowerState_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + code: + type: string + type: object + properties_type: + type: string + provisioningState: + type: string + proximityPlacementGroupID: + type: string + scaleDownMode: + type: string + scaleSetEvictionPolicy: + type: string + scaleSetPriority: + type: string + spotMaxPrice: + type: number + tags: + additionalProperties: + type: string + type: object + type: + type: string + upgradeSettings: + description: Storage version of v1api20230201.AgentPoolUpgradeSettings_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + maxSurge: + type: string + type: object + vmSize: + type: string + vnetSubnetID: + type: string + workloadRuntime: + type: string + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].severity + name: Severity + type: string + - jsonPath: 
.status.conditions[?(@.type=='Ready')].reason + name: Reason + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].message + name: Message + type: string + name: v1api20231001 + schema: + openAPIV3Schema: + description: |- + Generator information: + - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2023-10-01/managedClusters.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}/agentPools/{agentPoolName} + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + properties: + availabilityZones: + description: |- + AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType + property is 'VirtualMachineScaleSets'. + items: + type: string + type: array + azureName: + description: |- + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. + maxLength: 12 + minLength: 1 + pattern: ^[a-z][a-z0-9]{0,11}$ + type: string + capacityReservationGroupReference: + description: 'CapacityReservationGroupReference: AKS will associate the specified agent pool with the Capacity Reservation Group.' 
+ properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + count: + description: |- + Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) + for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. + type: integer + creationData: + description: |- + CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using + a snapshot. + properties: + sourceResourceReference: + description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
+ pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + enableAutoScaling: + description: 'EnableAutoScaling: Whether to enable auto-scaler' + type: boolean + enableEncryptionAtHost: + description: |- + EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, + see: https://docs.microsoft.com/azure/aks/enable-host-encryption + type: boolean + enableFIPS: + description: |- + EnableFIPS: See [Add a FIPS-enabled node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more + details. + type: boolean + enableNodePublicIP: + description: |- + EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. + A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine + to minimize hops. For more information see [assigning a public IP per + node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The + default is false. + type: boolean + enableUltraSSD: + description: 'EnableUltraSSD: Whether to enable UltraSSD' + type: boolean + gpuInstanceProfile: + description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' 
+ enum: + - MIG1g + - MIG2g + - MIG3g + - MIG4g + - MIG7g + type: string + hostGroupReference: + description: |- + HostGroupReference: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. + For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + kubeletConfig: + description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' + properties: + allowedUnsafeSysctls: + description: 'AllowedUnsafeSysctls: Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).' + items: + type: string + type: array + containerLogMaxFiles: + description: |- + ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be + ≥ 2. + minimum: 2 + type: integer + containerLogMaxSizeMB: + description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' + type: integer + cpuCfsQuota: + description: 'CpuCfsQuota: The default is true.' 
+ type: boolean + cpuCfsQuotaPeriod: + description: |- + CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and + a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. + type: string + cpuManagerPolicy: + description: |- + CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management + policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more + information. Allowed values are 'none' and 'static'. + type: string + failSwapOn: + description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' + type: boolean + imageGcHighThreshold: + description: 'ImageGcHighThreshold: To disable image garbage collection, set to 100. The default is 85%' + type: integer + imageGcLowThreshold: + description: 'ImageGcLowThreshold: This cannot be set higher than imageGcHighThreshold. The default is 80%' + type: integer + podMaxPids: + description: 'PodMaxPids: The maximum number of processes per pod.' + type: integer + topologyManagerPolicy: + description: |- + TopologyManagerPolicy: For more information see [Kubernetes Topology + Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values + are 'none', 'best-effort', 'restricted', and 'single-numa-node'. + type: string + type: object + kubeletDiskType: + description: |- + KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral + storage. + enum: + - OS + - Temporary + type: string + linuxOSConfig: + description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' + properties: + swapFileSizeMB: + description: 'SwapFileSizeMB: The size in MB of a swap file that will be created on each node.' + type: integer + sysctls: + description: 'Sysctls: Sysctl settings for Linux agent nodes.' 
+ properties: + fsAioMaxNr: + description: 'FsAioMaxNr: Sysctl setting fs.aio-max-nr.' + type: integer + fsFileMax: + description: 'FsFileMax: Sysctl setting fs.file-max.' + type: integer + fsInotifyMaxUserWatches: + description: 'FsInotifyMaxUserWatches: Sysctl setting fs.inotify.max_user_watches.' + type: integer + fsNrOpen: + description: 'FsNrOpen: Sysctl setting fs.nr_open.' + type: integer + kernelThreadsMax: + description: 'KernelThreadsMax: Sysctl setting kernel.threads-max.' + type: integer + netCoreNetdevMaxBacklog: + description: 'NetCoreNetdevMaxBacklog: Sysctl setting net.core.netdev_max_backlog.' + type: integer + netCoreOptmemMax: + description: 'NetCoreOptmemMax: Sysctl setting net.core.optmem_max.' + type: integer + netCoreRmemDefault: + description: 'NetCoreRmemDefault: Sysctl setting net.core.rmem_default.' + type: integer + netCoreRmemMax: + description: 'NetCoreRmemMax: Sysctl setting net.core.rmem_max.' + type: integer + netCoreSomaxconn: + description: 'NetCoreSomaxconn: Sysctl setting net.core.somaxconn.' + type: integer + netCoreWmemDefault: + description: 'NetCoreWmemDefault: Sysctl setting net.core.wmem_default.' + type: integer + netCoreWmemMax: + description: 'NetCoreWmemMax: Sysctl setting net.core.wmem_max.' + type: integer + netIpv4IpLocalPortRange: + description: 'NetIpv4IpLocalPortRange: Sysctl setting net.ipv4.ip_local_port_range.' + type: string + netIpv4NeighDefaultGcThresh1: + description: 'NetIpv4NeighDefaultGcThresh1: Sysctl setting net.ipv4.neigh.default.gc_thresh1.' + type: integer + netIpv4NeighDefaultGcThresh2: + description: 'NetIpv4NeighDefaultGcThresh2: Sysctl setting net.ipv4.neigh.default.gc_thresh2.' + type: integer + netIpv4NeighDefaultGcThresh3: + description: 'NetIpv4NeighDefaultGcThresh3: Sysctl setting net.ipv4.neigh.default.gc_thresh3.' + type: integer + netIpv4TcpFinTimeout: + description: 'NetIpv4TcpFinTimeout: Sysctl setting net.ipv4.tcp_fin_timeout.' 
+ type: integer + netIpv4TcpKeepaliveProbes: + description: 'NetIpv4TcpKeepaliveProbes: Sysctl setting net.ipv4.tcp_keepalive_probes.' + type: integer + netIpv4TcpKeepaliveTime: + description: 'NetIpv4TcpKeepaliveTime: Sysctl setting net.ipv4.tcp_keepalive_time.' + type: integer + netIpv4TcpMaxSynBacklog: + description: 'NetIpv4TcpMaxSynBacklog: Sysctl setting net.ipv4.tcp_max_syn_backlog.' + type: integer + netIpv4TcpMaxTwBuckets: + description: 'NetIpv4TcpMaxTwBuckets: Sysctl setting net.ipv4.tcp_max_tw_buckets.' + type: integer + netIpv4TcpTwReuse: + description: 'NetIpv4TcpTwReuse: Sysctl setting net.ipv4.tcp_tw_reuse.' + type: boolean + netIpv4TcpkeepaliveIntvl: + description: 'NetIpv4TcpkeepaliveIntvl: Sysctl setting net.ipv4.tcp_keepalive_intvl.' + maximum: 90 + minimum: 10 + type: integer + netNetfilterNfConntrackBuckets: + description: 'NetNetfilterNfConntrackBuckets: Sysctl setting net.netfilter.nf_conntrack_buckets.' + maximum: 524288 + minimum: 65536 + type: integer + netNetfilterNfConntrackMax: + description: 'NetNetfilterNfConntrackMax: Sysctl setting net.netfilter.nf_conntrack_max.' + maximum: 2097152 + minimum: 131072 + type: integer + vmMaxMapCount: + description: 'VmMaxMapCount: Sysctl setting vm.max_map_count.' + type: integer + vmSwappiness: + description: 'VmSwappiness: Sysctl setting vm.swappiness.' + type: integer + vmVfsCachePressure: + description: 'VmVfsCachePressure: Sysctl setting vm.vfs_cache_pressure.' + type: integer + type: object + transparentHugePageDefrag: + description: |- + TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is + 'madvise'. For more information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). + type: string + transparentHugePageEnabled: + description: |- + TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. 
For more + information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). + type: string + type: object + maxCount: + description: 'MaxCount: The maximum number of nodes for auto-scaling' + type: integer + maxPods: + description: 'MaxPods: The maximum number of pods that can run on a node.' + type: integer + minCount: + description: 'MinCount: The minimum number of nodes for auto-scaling' + type: integer + mode: + description: |- + Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool + restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools + enum: + - System + - User + type: string + networkProfile: + description: 'NetworkProfile: Network-related settings of an agent pool.' + properties: + allowedHostPorts: + description: 'AllowedHostPorts: The port ranges that are allowed to access. The specified ranges are allowed to overlap.' + items: + description: The port range. + properties: + portEnd: + description: |- + PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or + equal to portStart. + maximum: 65535 + minimum: 1 + type: integer + portStart: + description: |- + PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or + equal to portEnd. + maximum: 65535 + minimum: 1 + type: integer + protocol: + description: 'Protocol: The network protocol of the port.' + enum: + - TCP + - UDP + type: string + type: object + type: array + applicationSecurityGroupsReferences: + description: |- + ApplicationSecurityGroupsReferences: The IDs of the application security groups which agent pool will associate when + created. 
+ items: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: array + nodePublicIPTags: + description: 'NodePublicIPTags: IPTags of instance-level public IPs.' + items: + description: Contains the IPTag associated with the object. + properties: + ipTagType: + description: 'IpTagType: The IP tag type. Example: RoutingPreference.' + type: string + tag: + description: 'Tag: The value of the IP tag associated with the public IP. Example: Internet.' + type: string + type: object + type: array + type: object + nodeLabels: + additionalProperties: + type: string + description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' 
+ type: object + nodePublicIPPrefixReference: + description: |- + NodePublicIPPrefixReference: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + nodeTaints: + description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' + items: + type: string + type: array + operatorSpec: + description: |- + OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not + passed directly to Azure + properties: + configMapExpressions: + description: 'ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).' + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. 
If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + secretExpressions: + description: 'SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).' + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. 
For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + type: object + orchestratorVersion: + description: |- + OrchestratorVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. + When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster + with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer + patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same + Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor + version must be within two minor versions of the control plane version. The node pool version cannot be greater than the + control plane version. For more information see [upgrading a node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). + type: string + osDiskSizeGB: + maximum: 2048 + minimum: 0 + type: integer + osDiskType: + description: |- + OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested + OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral + OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). + enum: + - Ephemeral + - Managed + type: string + osSKU: + description: |- + OsSKU: Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 + when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows. + enum: + - AzureLinux + - CBLMariner + - Ubuntu + - Windows2019 + - Windows2022 + type: string + osType: + description: 'OsType: The operating system type. The default is Linux.' 
+ enum: + - Linux + - Windows + type: string + owner: + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a containerservice.azure.com/ManagedCluster resource + properties: + armId: + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + name: + description: This is the name of the Kubernetes resource to reference. + type: string + type: object + podSubnetReference: + description: |- + PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). + This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + powerState: + description: |- + PowerState: When an Agent Pool is first created it is initially Running. 
The Agent Pool can be stopped by setting this + field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only + be stopped if it is Running and provisioning state is Succeeded + properties: + code: + description: 'Code: Tells whether the cluster is Running or Stopped' + enum: + - Running + - Stopped + type: string + type: object + proximityPlacementGroupReference: + description: 'ProximityPlacementGroupReference: The ID for Proximity Placement Group.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + scaleDownMode: + description: 'ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.' + enum: + - Deallocate + - Delete + type: string + scaleSetEvictionPolicy: + description: |- + ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is + 'Delete'. + enum: + - Deallocate + - Delete + type: string + scaleSetPriority: + description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' 
+ enum: + - Regular + - Spot + type: string + spotMaxPrice: + description: |- + SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any + on-demand price. For more details on spot pricing, see [spot VMs + pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) + type: number + tags: + additionalProperties: + type: string + description: 'Tags: The tags to be persisted on the agent pool virtual machine scale set.' + type: object + type: + description: 'Type: The type of Agent Pool.' + enum: + - AvailabilitySet + - VirtualMachineScaleSets + type: string + upgradeSettings: + description: 'UpgradeSettings: Settings for upgrading the agentpool' + properties: + drainTimeoutInMinutes: + description: |- + DrainTimeoutInMinutes: The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. + This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not + specified, the default is 30 minutes. + maximum: 1440 + minimum: 1 + type: integer + maxSurge: + description: |- + MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it + is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded + up. If not specified, the default is 1. For more information, including best practices, see: + https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade + type: string + type: object + vmSize: + description: |- + VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods + might fail to run correctly. 
For more details on restricted VM sizes, see: + https://docs.microsoft.com/azure/aks/quotas-skus-regions + type: string + vnetSubnetReference: + description: |- + VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is + specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + workloadRuntime: + description: 'WorkloadRuntime: Determines the type of workload a node can run.' + enum: + - OCIContainer + - WasmWasi + type: string + required: + - owner + type: object + status: + properties: + availabilityZones: + description: |- + AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType + property is 'VirtualMachineScaleSets'. + items: + type: string + type: array + capacityReservationGroupID: + description: 'CapacityReservationGroupID: AKS will associate the specified agent pool with the Capacity Reservation Group.' 
+ type: string + conditions: + description: 'Conditions: The observed state of the resource' + items: + description: Condition defines an extension to status (an observation) of a resource + properties: + lastTransitionTime: + description: LastTransitionTime is the last time the condition transitioned from one status to another. + format: date-time + type: string + message: + description: Message is a human readable message indicating details about the transition. This field may be empty. + type: string + observedGeneration: + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + type: integer + reason: + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + type: string + severity: + description: |- + Severity with which to treat failures of this type of condition. + For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown + type: string + status: + description: Status of the condition, one of True, False, or Unknown. + type: string + type: + description: Type of condition. + type: string + required: + - lastTransitionTime + - reason + - status + - type + type: object + type: array + count: + description: |- + Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) + for user pools and in the range of 1 to 1000 (inclusive) for system pools. 
The default value is 1. + type: integer + creationData: + description: |- + CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using + a snapshot. + properties: + sourceResourceId: + description: 'SourceResourceId: This is the ARM ID of the source object to be used to create the target object.' + type: string + type: object + currentOrchestratorVersion: + description: |- + CurrentOrchestratorVersion: If orchestratorVersion is a fully specified version , this field will be + exactly equal to it. If orchestratorVersion is , this field will contain the full + version being used. + type: string + enableAutoScaling: + description: 'EnableAutoScaling: Whether to enable auto-scaler' + type: boolean + enableEncryptionAtHost: + description: |- + EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, + see: https://docs.microsoft.com/azure/aks/enable-host-encryption + type: boolean + enableFIPS: + description: |- + EnableFIPS: See [Add a FIPS-enabled node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more + details. + type: boolean + enableNodePublicIP: + description: |- + EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. + A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine + to minimize hops. For more information see [assigning a public IP per + node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The + default is false. + type: boolean + enableUltraSSD: + description: 'EnableUltraSSD: Whether to enable UltraSSD' + type: boolean + gpuInstanceProfile: + description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' 
+ type: string + hostGroupID: + description: |- + HostGroupID: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. + For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). + type: string + id: + description: 'Id: Resource ID.' + type: string + kubeletConfig: + description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' + properties: + allowedUnsafeSysctls: + description: 'AllowedUnsafeSysctls: Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).' + items: + type: string + type: array + containerLogMaxFiles: + description: |- + ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be + ≥ 2. + type: integer + containerLogMaxSizeMB: + description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' + type: integer + cpuCfsQuota: + description: 'CpuCfsQuota: The default is true.' + type: boolean + cpuCfsQuotaPeriod: + description: |- + CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and + a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. + type: string + cpuManagerPolicy: + description: |- + CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management + policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more + information. Allowed values are 'none' and 'static'. + type: string + failSwapOn: + description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' + type: boolean + imageGcHighThreshold: + description: 'ImageGcHighThreshold: To disable image garbage collection, set to 100. 
The default is 85%' + type: integer + imageGcLowThreshold: + description: 'ImageGcLowThreshold: This cannot be set higher than imageGcHighThreshold. The default is 80%' + type: integer + podMaxPids: + description: 'PodMaxPids: The maximum number of processes per pod.' + type: integer + topologyManagerPolicy: + description: |- + TopologyManagerPolicy: For more information see [Kubernetes Topology + Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values + are 'none', 'best-effort', 'restricted', and 'single-numa-node'. + type: string + type: object + kubeletDiskType: + description: |- + KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral + storage. + type: string + linuxOSConfig: + description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' + properties: + swapFileSizeMB: + description: 'SwapFileSizeMB: The size in MB of a swap file that will be created on each node.' + type: integer + sysctls: + description: 'Sysctls: Sysctl settings for Linux agent nodes.' + properties: + fsAioMaxNr: + description: 'FsAioMaxNr: Sysctl setting fs.aio-max-nr.' + type: integer + fsFileMax: + description: 'FsFileMax: Sysctl setting fs.file-max.' + type: integer + fsInotifyMaxUserWatches: + description: 'FsInotifyMaxUserWatches: Sysctl setting fs.inotify.max_user_watches.' + type: integer + fsNrOpen: + description: 'FsNrOpen: Sysctl setting fs.nr_open.' + type: integer + kernelThreadsMax: + description: 'KernelThreadsMax: Sysctl setting kernel.threads-max.' + type: integer + netCoreNetdevMaxBacklog: + description: 'NetCoreNetdevMaxBacklog: Sysctl setting net.core.netdev_max_backlog.' + type: integer + netCoreOptmemMax: + description: 'NetCoreOptmemMax: Sysctl setting net.core.optmem_max.' + type: integer + netCoreRmemDefault: + description: 'NetCoreRmemDefault: Sysctl setting net.core.rmem_default.' 
+ type: integer + netCoreRmemMax: + description: 'NetCoreRmemMax: Sysctl setting net.core.rmem_max.' + type: integer + netCoreSomaxconn: + description: 'NetCoreSomaxconn: Sysctl setting net.core.somaxconn.' + type: integer + netCoreWmemDefault: + description: 'NetCoreWmemDefault: Sysctl setting net.core.wmem_default.' + type: integer + netCoreWmemMax: + description: 'NetCoreWmemMax: Sysctl setting net.core.wmem_max.' + type: integer + netIpv4IpLocalPortRange: + description: 'NetIpv4IpLocalPortRange: Sysctl setting net.ipv4.ip_local_port_range.' + type: string + netIpv4NeighDefaultGcThresh1: + description: 'NetIpv4NeighDefaultGcThresh1: Sysctl setting net.ipv4.neigh.default.gc_thresh1.' + type: integer + netIpv4NeighDefaultGcThresh2: + description: 'NetIpv4NeighDefaultGcThresh2: Sysctl setting net.ipv4.neigh.default.gc_thresh2.' + type: integer + netIpv4NeighDefaultGcThresh3: + description: 'NetIpv4NeighDefaultGcThresh3: Sysctl setting net.ipv4.neigh.default.gc_thresh3.' + type: integer + netIpv4TcpFinTimeout: + description: 'NetIpv4TcpFinTimeout: Sysctl setting net.ipv4.tcp_fin_timeout.' + type: integer + netIpv4TcpKeepaliveProbes: + description: 'NetIpv4TcpKeepaliveProbes: Sysctl setting net.ipv4.tcp_keepalive_probes.' + type: integer + netIpv4TcpKeepaliveTime: + description: 'NetIpv4TcpKeepaliveTime: Sysctl setting net.ipv4.tcp_keepalive_time.' + type: integer + netIpv4TcpMaxSynBacklog: + description: 'NetIpv4TcpMaxSynBacklog: Sysctl setting net.ipv4.tcp_max_syn_backlog.' + type: integer + netIpv4TcpMaxTwBuckets: + description: 'NetIpv4TcpMaxTwBuckets: Sysctl setting net.ipv4.tcp_max_tw_buckets.' + type: integer + netIpv4TcpTwReuse: + description: 'NetIpv4TcpTwReuse: Sysctl setting net.ipv4.tcp_tw_reuse.' + type: boolean + netIpv4TcpkeepaliveIntvl: + description: 'NetIpv4TcpkeepaliveIntvl: Sysctl setting net.ipv4.tcp_keepalive_intvl.' 
+ type: integer + netNetfilterNfConntrackBuckets: + description: 'NetNetfilterNfConntrackBuckets: Sysctl setting net.netfilter.nf_conntrack_buckets.' + type: integer + netNetfilterNfConntrackMax: + description: 'NetNetfilterNfConntrackMax: Sysctl setting net.netfilter.nf_conntrack_max.' + type: integer + vmMaxMapCount: + description: 'VmMaxMapCount: Sysctl setting vm.max_map_count.' + type: integer + vmSwappiness: + description: 'VmSwappiness: Sysctl setting vm.swappiness.' + type: integer + vmVfsCachePressure: + description: 'VmVfsCachePressure: Sysctl setting vm.vfs_cache_pressure.' + type: integer + type: object + transparentHugePageDefrag: + description: |- + TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is + 'madvise'. For more information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). + type: string + transparentHugePageEnabled: + description: |- + TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more + information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). + type: string + type: object + maxCount: + description: 'MaxCount: The maximum number of nodes for auto-scaling' + type: integer + maxPods: + description: 'MaxPods: The maximum number of pods that can run on a node.' + type: integer + minCount: + description: 'MinCount: The minimum number of nodes for auto-scaling' + type: integer + mode: + description: |- + Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool + restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools + type: string + name: + description: 'Name: The name of the resource that is unique within a resource group. This name can be used to access the resource.' 
+ type: string + networkProfile: + description: 'NetworkProfile: Network-related settings of an agent pool.' + properties: + allowedHostPorts: + description: 'AllowedHostPorts: The port ranges that are allowed to access. The specified ranges are allowed to overlap.' + items: + description: The port range. + properties: + portEnd: + description: |- + PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or + equal to portStart. + type: integer + portStart: + description: |- + PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or + equal to portEnd. + type: integer + protocol: + description: 'Protocol: The network protocol of the port.' + type: string + type: object + type: array + applicationSecurityGroups: + description: 'ApplicationSecurityGroups: The IDs of the application security groups which agent pool will associate when created.' + items: + type: string + type: array + nodePublicIPTags: + description: 'NodePublicIPTags: IPTags of instance-level public IPs.' + items: + description: Contains the IPTag associated with the object. + properties: + ipTagType: + description: 'IpTagType: The IP tag type. Example: RoutingPreference.' + type: string + tag: + description: 'Tag: The value of the IP tag associated with the public IP. Example: Internet.' + type: string + type: object + type: array + type: object + nodeImageVersion: + description: 'NodeImageVersion: The version of node image' + type: string + nodeLabels: + additionalProperties: + type: string + description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' 
+ type: object + nodePublicIPPrefixID: + description: |- + NodePublicIPPrefixID: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} + type: string + nodeTaints: + description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' + items: + type: string + type: array + orchestratorVersion: + description: |- + OrchestratorVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. + When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster + with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer + patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same + Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor + version must be within two minor versions of the control plane version. The node pool version cannot be greater than the + control plane version. For more information see [upgrading a node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). + type: string + osDiskSizeGB: + type: integer + osDiskType: + description: |- + OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested + OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral + OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). + type: string + osSKU: + description: |- + OsSKU: Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 + when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows. 
+ type: string + osType: + description: 'OsType: The operating system type. The default is Linux.' + type: string + podSubnetID: + description: |- + PodSubnetID: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is + of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} + type: string + powerState: + description: |- + PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this + field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only + be stopped if it is Running and provisioning state is Succeeded + properties: + code: + description: 'Code: Tells whether the cluster is Running or Stopped' + type: string + type: object + properties_type: + description: 'PropertiesType: The type of Agent Pool.' + type: string + provisioningState: + description: 'ProvisioningState: The current deployment or provisioning state.' + type: string + proximityPlacementGroupID: + description: 'ProximityPlacementGroupID: The ID for Proximity Placement Group.' + type: string + scaleDownMode: + description: 'ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.' + type: string + scaleSetEvictionPolicy: + description: |- + ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is + 'Delete'. + type: string + scaleSetPriority: + description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' + type: string + spotMaxPrice: + description: |- + SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any + on-demand price. 
For more details on spot pricing, see [spot VMs + pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) + type: number + tags: + additionalProperties: + type: string + description: 'Tags: The tags to be persisted on the agent pool virtual machine scale set.' + type: object + type: + description: 'Type: Resource type' + type: string + upgradeSettings: + description: 'UpgradeSettings: Settings for upgrading the agentpool' + properties: + drainTimeoutInMinutes: + description: |- + DrainTimeoutInMinutes: The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. + This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not + specified, the default is 30 minutes. + type: integer + maxSurge: + description: |- + MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it + is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded + up. If not specified, the default is 1. For more information, including best practices, see: + https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade + type: string + type: object + vmSize: + description: |- + VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods + might fail to run correctly. For more details on restricted VM sizes, see: + https://docs.microsoft.com/azure/aks/quotas-skus-regions + type: string + vnetSubnetID: + description: |- + VnetSubnetID: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, + this applies to nodes and pods, otherwise it applies to just nodes. 
This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} + type: string + workloadRuntime: + description: 'WorkloadRuntime: Determines the type of workload a node can run.' + type: string + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].severity + name: Severity + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Reason + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].message + name: Message + type: string + name: v1api20231001storage + schema: + openAPIV3Schema: + description: |- + Storage version of v1api20231001.ManagedClustersAgentPool + Generator information: + - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2023-10-01/managedClusters.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}/agentPools/{agentPoolName} + properties: apiVersion: description: |- APIVersion defines the versioned schema of this representation of an object. 
@@ -38671,11 +48905,16 @@ spec: metadata: type: object spec: + description: Storage version of v1api20231001.ManagedClustersAgentPool_Spec properties: - availabilityZones: + $propertyBag: + additionalProperties: + type: string description: |- - AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType - property is 'VirtualMachineScaleSets'. + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + availabilityZones: items: type: string type: array 
@@ -38684,235 +48923,313 @@ spec: AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn't have to be. type: string + capacityReservationGroupReference: + description: 'CapacityReservationGroupReference: AKS will associate the specified agent pool with the Capacity Reservation Group.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object count: - description: |- - Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) - for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. type: integer + creationData: + description: |- + Storage version of v1api20231001.CreationData + Data used when creating a target resource from a source resource. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + sourceResourceReference: + description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object enableAutoScaling: - description: 'EnableAutoScaling: Whether to enable auto-scaler' type: boolean enableEncryptionAtHost: - description: |- - EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, - see: https://docs.microsoft.com/azure/aks/enable-host-encryption type: boolean enableFIPS: - description: |- - EnableFIPS: See [Add a FIPS-enabled node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more - details. 
type: boolean enableNodePublicIP: - description: |- - EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. - A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine - to minimize hops. For more information see [assigning a public IP per - node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The - default is false. type: boolean enableUltraSSD: - description: 'EnableUltraSSD: Whether to enable UltraSSD' type: boolean gpuInstanceProfile: - description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' - enum: - - MIG1g - - MIG2g - - MIG3g - - MIG4g - - MIG7g type: string + hostGroupReference: + description: |- + HostGroupReference: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. + For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. 
+ type: string + type: object kubeletConfig: - description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' + description: |- + Storage version of v1api20231001.KubeletConfig + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object allowedUnsafeSysctls: - description: 'AllowedUnsafeSysctls: Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).' items: type: string type: array containerLogMaxFiles: - description: |- - ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be - ≥ 2. - minimum: 2 type: integer containerLogMaxSizeMB: - description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' type: integer cpuCfsQuota: - description: 'CpuCfsQuota: The default is true.' type: boolean cpuCfsQuotaPeriod: - description: |- - CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and - a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. type: string cpuManagerPolicy: - description: |- - CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management - policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more - information. Allowed values are 'none' and 'static'. type: string failSwapOn: - description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' 
type: boolean imageGcHighThreshold: - description: 'ImageGcHighThreshold: To disable image garbage collection, set to 100. The default is 85%' type: integer imageGcLowThreshold: - description: 'ImageGcLowThreshold: This cannot be set higher than imageGcHighThreshold. The default is 80%' type: integer podMaxPids: - description: 'PodMaxPids: The maximum number of processes per pod.' type: integer topologyManagerPolicy: - description: |- - TopologyManagerPolicy: For more information see [Kubernetes Topology - Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values - are 'none', 'best-effort', 'restricted', and 'single-numa-node'. type: string type: object kubeletDiskType: - description: |- - KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral - storage. - enum: - - OS - - Temporary type: string linuxOSConfig: - description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' + description: |- + Storage version of v1api20231001.LinuxOSConfig + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object swapFileSizeMB: - description: 'SwapFileSizeMB: The size in MB of a swap file that will be created on each node.' type: integer sysctls: - description: 'Sysctls: Sysctl settings for Linux agent nodes.' + description: |- + Storage version of v1api20231001.SysctlConfig + Sysctl settings for Linux agent nodes. 
properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object fsAioMaxNr: - description: 'FsAioMaxNr: Sysctl setting fs.aio-max-nr.' type: integer fsFileMax: - description: 'FsFileMax: Sysctl setting fs.file-max.' type: integer fsInotifyMaxUserWatches: - description: 'FsInotifyMaxUserWatches: Sysctl setting fs.inotify.max_user_watches.' type: integer fsNrOpen: - description: 'FsNrOpen: Sysctl setting fs.nr_open.' type: integer kernelThreadsMax: - description: 'KernelThreadsMax: Sysctl setting kernel.threads-max.' type: integer netCoreNetdevMaxBacklog: - description: 'NetCoreNetdevMaxBacklog: Sysctl setting net.core.netdev_max_backlog.' type: integer netCoreOptmemMax: - description: 'NetCoreOptmemMax: Sysctl setting net.core.optmem_max.' type: integer netCoreRmemDefault: - description: 'NetCoreRmemDefault: Sysctl setting net.core.rmem_default.' type: integer netCoreRmemMax: - description: 'NetCoreRmemMax: Sysctl setting net.core.rmem_max.' type: integer netCoreSomaxconn: - description: 'NetCoreSomaxconn: Sysctl setting net.core.somaxconn.' type: integer netCoreWmemDefault: - description: 'NetCoreWmemDefault: Sysctl setting net.core.wmem_default.' type: integer netCoreWmemMax: - description: 'NetCoreWmemMax: Sysctl setting net.core.wmem_max.' type: integer netIpv4IpLocalPortRange: - description: 'NetIpv4IpLocalPortRange: Sysctl setting net.ipv4.ip_local_port_range.' type: string netIpv4NeighDefaultGcThresh1: - description: 'NetIpv4NeighDefaultGcThresh1: Sysctl setting net.ipv4.neigh.default.gc_thresh1.' type: integer netIpv4NeighDefaultGcThresh2: - description: 'NetIpv4NeighDefaultGcThresh2: Sysctl setting net.ipv4.neigh.default.gc_thresh2.' 
type: integer netIpv4NeighDefaultGcThresh3: - description: 'NetIpv4NeighDefaultGcThresh3: Sysctl setting net.ipv4.neigh.default.gc_thresh3.' type: integer netIpv4TcpFinTimeout: - description: 'NetIpv4TcpFinTimeout: Sysctl setting net.ipv4.tcp_fin_timeout.' type: integer netIpv4TcpKeepaliveProbes: - description: 'NetIpv4TcpKeepaliveProbes: Sysctl setting net.ipv4.tcp_keepalive_probes.' type: integer netIpv4TcpKeepaliveTime: - description: 'NetIpv4TcpKeepaliveTime: Sysctl setting net.ipv4.tcp_keepalive_time.' type: integer netIpv4TcpMaxSynBacklog: - description: 'NetIpv4TcpMaxSynBacklog: Sysctl setting net.ipv4.tcp_max_syn_backlog.' type: integer netIpv4TcpMaxTwBuckets: - description: 'NetIpv4TcpMaxTwBuckets: Sysctl setting net.ipv4.tcp_max_tw_buckets.' type: integer netIpv4TcpTwReuse: - description: 'NetIpv4TcpTwReuse: Sysctl setting net.ipv4.tcp_tw_reuse.' type: boolean netIpv4TcpkeepaliveIntvl: - description: 'NetIpv4TcpkeepaliveIntvl: Sysctl setting net.ipv4.tcp_keepalive_intvl.' type: integer netNetfilterNfConntrackBuckets: - description: 'NetNetfilterNfConntrackBuckets: Sysctl setting net.netfilter.nf_conntrack_buckets.' type: integer netNetfilterNfConntrackMax: - description: 'NetNetfilterNfConntrackMax: Sysctl setting net.netfilter.nf_conntrack_max.' type: integer vmMaxMapCount: - description: 'VmMaxMapCount: Sysctl setting vm.max_map_count.' type: integer vmSwappiness: - description: 'VmSwappiness: Sysctl setting vm.swappiness.' type: integer vmVfsCachePressure: - description: 'VmVfsCachePressure: Sysctl setting vm.vfs_cache_pressure.' type: integer type: object transparentHugePageDefrag: - description: |- - TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is - 'madvise'. For more information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). 
type: string transparentHugePageEnabled: - description: |- - TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more - information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string type: object maxCount: - description: 'MaxCount: The maximum number of nodes for auto-scaling' type: integer maxPods: - description: 'MaxPods: The maximum number of pods that can run on a node.' type: integer minCount: - description: 'MinCount: The minimum number of nodes for auto-scaling' type: integer mode: - description: |- - Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool - restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools - enum: - - System - - User type: string + networkProfile: + description: |- + Storage version of v1api20231001.AgentPoolNetworkProfile + Network settings of an agent pool. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + allowedHostPorts: + items: + description: |- + Storage version of v1api20231001.PortRange + The port range. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + portEnd: + type: integer + portStart: + type: integer + protocol: + type: string + type: object + type: array + applicationSecurityGroupsReferences: + items: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: array + nodePublicIPTags: + items: + description: |- + Storage version of v1api20231001.IPTag + Contains the IPTag associated with the object. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + ipTagType: + type: string + tag: + type: string + type: object + type: array + type: object nodeLabels: additionalProperties: type: string - description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' type: object - nodePublicIPPrefixIDReference: + nodePublicIPPrefixReference: description: |- - NodePublicIPPrefixIDReference: This is of the form: + NodePublicIPPrefixReference: This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} properties: armId: 
@@ -38933,42 +49250,91 @@ spec: type: string type: object nodeTaints: - description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' items: type: string type: array - orchestratorVersion: + operatorSpec: description: |- - OrchestratorVersion: As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes - version. The node pool version must have the same major version as the control plane. The node pool minor version must - be within two minor versions of the control plane version. The node pool version cannot be greater than the control - plane version. For more information see [upgrading a node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). + Storage version of v1api20231001.ManagedClustersAgentPoolOperatorSpec + Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + configMapExpressions: + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. 
+ type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + secretExpressions: + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + type: object + orchestratorVersion: + type: string + originalVersion: type: string osDiskSizeGB: - maximum: 2048 - minimum: 0 type: integer osDiskType: - description: |- - OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested - OSDiskSizeGB. 
Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral - OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). - enum: - - Ephemeral - - Managed type: string osSKU: - description: 'OsSKU: Specifies an OS SKU. This value must not be specified if OSType is Windows.' - enum: - - CBLMariner - - Ubuntu type: string osType: - description: 'OsType: The operating system type. The default is Linux.' - enum: - - Linux - - Windows type: string owner: description: |- @@ -38983,10 +49349,10 @@ spec: description: This is the name of the Kubernetes resource to reference. type: string type: object - podSubnetIDReference: + podSubnetReference: description: |- - PodSubnetIDReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more - details). This is of the form: + PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). + This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: 
@@ -39006,60 +49372,77 @@ spec: description: Name is the Kubernetes name of the resource. type: string type: object - proximityPlacementGroupID: - description: 'ProximityPlacementGroupID: The ID for Proximity Placement Group.' + powerState: + description: |- + Storage version of v1api20231001.PowerState + Describes the Power State of the cluster + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + code: + type: string + type: object + proximityPlacementGroupReference: + description: 'ProximityPlacementGroupReference: The ID for Proximity Placement Group.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + scaleDownMode: type: string scaleSetEvictionPolicy: - description: |- - ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is - 'Delete'. - enum: - - Deallocate - - Delete type: string scaleSetPriority: - description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. 
If not specified, the default is ''Regular''.' - enum: - - Regular - - Spot type: string spotMaxPrice: - description: |- - SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any - on-demand price. For more details on spot pricing, see [spot VMs - pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) type: number tags: additionalProperties: type: string - description: 'Tags: The tags to be persisted on the agent pool virtual machine scale set.' type: object type: - description: 'Type: The type of Agent Pool.' - enum: - - AvailabilitySet - - VirtualMachineScaleSets type: string upgradeSettings: - description: 'UpgradeSettings: Settings for upgrading the agentpool' + description: |- + Storage version of v1api20231001.AgentPoolUpgradeSettings + Settings for upgrading an agentpool properties: - maxSurge: + $propertyBag: + additionalProperties: + type: string description: |- - MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it - is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded - up. If not specified, the default is 1. For more information, including best practices, see: - https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + drainTimeoutInMinutes: + type: integer + maxSurge: type: string type: object vmSize: - description: |- - VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods - might fail to run correctly. 
For more details on restricted VM sizes, see: - https://docs.microsoft.com/azure/aks/quotas-skus-regions type: string - vnetSubnetIDReference: + vnetSubnetReference: description: |- - VnetSubnetIDReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is + VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: @@ -39080,20 +49463,28 @@ spec: description: Name is the Kubernetes name of the resource. type: string type: object + workloadRuntime: + type: string required: - owner type: object status: + description: Storage version of v1api20231001.ManagedClustersAgentPool_STATUS properties: - availabilityZones: + $propertyBag: + additionalProperties: + type: string description: |- - AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType - property is 'VirtualMachineScaleSets'. + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + availabilityZones: items: type: string type: array + capacityReservationGroupID: + type: string conditions: - description: 'Conditions: The observed state of the resource' items: description: Condition defines an extension to status (an observation) of a resource properties: 
@@ -39137,325 +49528,315 @@ spec: type: object type: array count: - description: |- - Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) - for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. type: integer + creationData: + description: |- + Storage version of v1api20231001.CreationData_STATUS + Data used when creating a target resource from a source resource. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + sourceResourceId: + type: string + type: object + currentOrchestratorVersion: + type: string enableAutoScaling: - description: 'EnableAutoScaling: Whether to enable auto-scaler' type: boolean enableEncryptionAtHost: - description: |- - EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, - see: https://docs.microsoft.com/azure/aks/enable-host-encryption type: boolean enableFIPS: - description: |- - EnableFIPS: See [Add a FIPS-enabled node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more - details. type: boolean enableNodePublicIP: - description: |- - EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. - A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine - to minimize hops. For more information see [assigning a public IP per - node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The - default is false. 
type: boolean enableUltraSSD: - description: 'EnableUltraSSD: Whether to enable UltraSSD' type: boolean gpuInstanceProfile: - description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' + type: string + hostGroupID: type: string id: - description: 'Id: Resource ID.' type: string kubeletConfig: - description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' + description: |- + Storage version of v1api20231001.KubeletConfig_STATUS + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object allowedUnsafeSysctls: - description: 'AllowedUnsafeSysctls: Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).' items: type: string type: array containerLogMaxFiles: - description: |- - ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be - ≥ 2. type: integer containerLogMaxSizeMB: - description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' type: integer cpuCfsQuota: - description: 'CpuCfsQuota: The default is true.' type: boolean cpuCfsQuotaPeriod: - description: |- - CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and - a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. type: string cpuManagerPolicy: - description: |- - CpuManagerPolicy: The default is 'none'. 
See [Kubernetes CPU management - policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more - information. Allowed values are 'none' and 'static'. type: string failSwapOn: - description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' type: boolean imageGcHighThreshold: - description: 'ImageGcHighThreshold: To disable image garbage collection, set to 100. The default is 85%' type: integer imageGcLowThreshold: - description: 'ImageGcLowThreshold: This cannot be set higher than imageGcHighThreshold. The default is 80%' type: integer podMaxPids: - description: 'PodMaxPids: The maximum number of processes per pod.' type: integer topologyManagerPolicy: - description: |- - TopologyManagerPolicy: For more information see [Kubernetes Topology - Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values - are 'none', 'best-effort', 'restricted', and 'single-numa-node'. type: string type: object kubeletDiskType: - description: |- - KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral - storage. type: string linuxOSConfig: - description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' + description: |- + Storage version of v1api20231001.LinuxOSConfig_STATUS + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object swapFileSizeMB: - description: 'SwapFileSizeMB: The size in MB of a swap file that will be created on each node.' 
type: integer sysctls: - description: 'Sysctls: Sysctl settings for Linux agent nodes.' + description: |- + Storage version of v1api20231001.SysctlConfig_STATUS + Sysctl settings for Linux agent nodes. properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object fsAioMaxNr: - description: 'FsAioMaxNr: Sysctl setting fs.aio-max-nr.' type: integer fsFileMax: - description: 'FsFileMax: Sysctl setting fs.file-max.' type: integer fsInotifyMaxUserWatches: - description: 'FsInotifyMaxUserWatches: Sysctl setting fs.inotify.max_user_watches.' type: integer fsNrOpen: - description: 'FsNrOpen: Sysctl setting fs.nr_open.' type: integer kernelThreadsMax: - description: 'KernelThreadsMax: Sysctl setting kernel.threads-max.' type: integer netCoreNetdevMaxBacklog: - description: 'NetCoreNetdevMaxBacklog: Sysctl setting net.core.netdev_max_backlog.' type: integer netCoreOptmemMax: - description: 'NetCoreOptmemMax: Sysctl setting net.core.optmem_max.' type: integer netCoreRmemDefault: - description: 'NetCoreRmemDefault: Sysctl setting net.core.rmem_default.' type: integer netCoreRmemMax: - description: 'NetCoreRmemMax: Sysctl setting net.core.rmem_max.' type: integer netCoreSomaxconn: - description: 'NetCoreSomaxconn: Sysctl setting net.core.somaxconn.' type: integer netCoreWmemDefault: - description: 'NetCoreWmemDefault: Sysctl setting net.core.wmem_default.' type: integer netCoreWmemMax: - description: 'NetCoreWmemMax: Sysctl setting net.core.wmem_max.' type: integer netIpv4IpLocalPortRange: - description: 'NetIpv4IpLocalPortRange: Sysctl setting net.ipv4.ip_local_port_range.' type: string netIpv4NeighDefaultGcThresh1: - description: 'NetIpv4NeighDefaultGcThresh1: Sysctl setting net.ipv4.neigh.default.gc_thresh1.' 
type: integer netIpv4NeighDefaultGcThresh2: - description: 'NetIpv4NeighDefaultGcThresh2: Sysctl setting net.ipv4.neigh.default.gc_thresh2.' type: integer netIpv4NeighDefaultGcThresh3: - description: 'NetIpv4NeighDefaultGcThresh3: Sysctl setting net.ipv4.neigh.default.gc_thresh3.' type: integer netIpv4TcpFinTimeout: - description: 'NetIpv4TcpFinTimeout: Sysctl setting net.ipv4.tcp_fin_timeout.' type: integer netIpv4TcpKeepaliveProbes: - description: 'NetIpv4TcpKeepaliveProbes: Sysctl setting net.ipv4.tcp_keepalive_probes.' type: integer netIpv4TcpKeepaliveTime: - description: 'NetIpv4TcpKeepaliveTime: Sysctl setting net.ipv4.tcp_keepalive_time.' type: integer netIpv4TcpMaxSynBacklog: - description: 'NetIpv4TcpMaxSynBacklog: Sysctl setting net.ipv4.tcp_max_syn_backlog.' type: integer netIpv4TcpMaxTwBuckets: - description: 'NetIpv4TcpMaxTwBuckets: Sysctl setting net.ipv4.tcp_max_tw_buckets.' type: integer netIpv4TcpTwReuse: - description: 'NetIpv4TcpTwReuse: Sysctl setting net.ipv4.tcp_tw_reuse.' type: boolean netIpv4TcpkeepaliveIntvl: - description: 'NetIpv4TcpkeepaliveIntvl: Sysctl setting net.ipv4.tcp_keepalive_intvl.' type: integer netNetfilterNfConntrackBuckets: - description: 'NetNetfilterNfConntrackBuckets: Sysctl setting net.netfilter.nf_conntrack_buckets.' type: integer netNetfilterNfConntrackMax: - description: 'NetNetfilterNfConntrackMax: Sysctl setting net.netfilter.nf_conntrack_max.' type: integer vmMaxMapCount: - description: 'VmMaxMapCount: Sysctl setting vm.max_map_count.' type: integer vmSwappiness: - description: 'VmSwappiness: Sysctl setting vm.swappiness.' type: integer vmVfsCachePressure: - description: 'VmVfsCachePressure: Sysctl setting vm.vfs_cache_pressure.' type: integer type: object transparentHugePageDefrag: - description: |- - TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is - 'madvise'. 
For more information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string transparentHugePageEnabled: - description: |- - TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more - information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string type: object maxCount: - description: 'MaxCount: The maximum number of nodes for auto-scaling' type: integer maxPods: - description: 'MaxPods: The maximum number of pods that can run on a node.' type: integer minCount: - description: 'MinCount: The minimum number of nodes for auto-scaling' type: integer mode: - description: |- - Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool - restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools type: string name: - description: 'Name: The name of the resource that is unique within a resource group. This name can be used to access the resource.' type: string + networkProfile: + description: |- + Storage version of v1api20231001.AgentPoolNetworkProfile_STATUS + Network settings of an agent pool. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + allowedHostPorts: + items: + description: |- + Storage version of v1api20231001.PortRange_STATUS + The port range. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + portEnd: + type: integer + portStart: + type: integer + protocol: + type: string + type: object + type: array + applicationSecurityGroups: + items: + type: string + type: array + nodePublicIPTags: + items: + description: |- + Storage version of v1api20231001.IPTag_STATUS + Contains the IPTag associated with the object. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + ipTagType: + type: string + tag: + type: string + type: object + type: array + type: object nodeImageVersion: - description: 'NodeImageVersion: The version of node image' type: string nodeLabels: additionalProperties: type: string - description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' type: object nodePublicIPPrefixID: - description: |- - NodePublicIPPrefixID: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} type: string nodeTaints: - description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' items: type: string type: array orchestratorVersion: - description: |- - OrchestratorVersion: As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes - version. The node pool version must have the same major version as the control plane. The node pool minor version must - be within two minor versions of the control plane version. 
The node pool version cannot be greater than the control - plane version. For more information see [upgrading a node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). type: string osDiskSizeGB: type: integer osDiskType: - description: |- - OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested - OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral - OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). type: string osSKU: - description: 'OsSKU: Specifies an OS SKU. This value must not be specified if OSType is Windows.' type: string osType: - description: 'OsType: The operating system type. The default is Linux.' type: string podSubnetID: - description: |- - PodSubnetID: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is - of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} type: string powerState: - description: 'PowerState: Describes whether the Agent Pool is Running or Stopped' + description: |- + Storage version of v1api20231001.PowerState_STATUS + Describes the Power State of the cluster properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object code: - description: 'Code: Tells whether the cluster is Running or Stopped' type: string type: object properties_type: - description: 'PropertiesType: The type of Agent Pool.' type: string provisioningState: - description: 'ProvisioningState: The current deployment or provisioning state.' 
type: string proximityPlacementGroupID: - description: 'ProximityPlacementGroupID: The ID for Proximity Placement Group.' + type: string + scaleDownMode: type: string scaleSetEvictionPolicy: - description: |- - ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is - 'Delete'. type: string scaleSetPriority: - description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' type: string spotMaxPrice: - description: |- - SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any - on-demand price. For more details on spot pricing, see [spot VMs - pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) type: number tags: additionalProperties: type: string - description: 'Tags: The tags to be persisted on the agent pool virtual machine scale set.' type: object type: - description: 'Type: Resource type' type: string upgradeSettings: - description: 'UpgradeSettings: Settings for upgrading the agentpool' + description: |- + Storage version of v1api20231001.AgentPoolUpgradeSettings_STATUS + Settings for upgrading an agentpool properties: - maxSurge: + $propertyBag: + additionalProperties: + type: string description: |- - MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it - is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded - up. If not specified, the default is 1. 
For more information, including best practices, see: - https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + drainTimeoutInMinutes: + type: integer + maxSurge: type: string type: object vmSize: - description: |- - VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods - might fail to run correctly. For more details on restricted VM sizes, see: - https://docs.microsoft.com/azure/aks/quotas-skus-regions type: string vnetSubnetID: - description: |- - VnetSubnetID: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, - this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} + type: string + workloadRuntime: type: string type: object type: object @@ -39476,13 +49857,12 @@ spec: - jsonPath: .status.conditions[?(@.type=='Ready')].message name: Message type: string - name: v1api20210501storage + name: v1api20231102preview schema: openAPIV3Schema: description: |- - Storage version of v1api20210501.ManagedClustersAgentPool Generator information: - - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2021-05-01/managedClusters.json + - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/preview/2023-11-02-preview/managedClusters.json - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}/agentPools/{agentPoolName} properties: apiVersion: 
@@ -39503,16 +49883,17 @@ spec: metadata: type: object spec: - description: Storage version of v1api20210501.ManagedClusters_AgentPool_Spec properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions + artifactStreamingProfile: + description: 'ArtifactStreamingProfile: Configuration for using artifact streaming on AKS.' + properties: + enabled: + type: boolean type: object availabilityZones: + description: |- + AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType + property is 'VirtualMachineScaleSets'. items: type: string type: array 
@@ -39520,38 +49901,139 @@ spec: description: |- AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn't have to be. + maxLength: 12 + minLength: 1 + pattern: ^[a-z][a-z0-9]{0,11}$ type: string + capacityReservationGroupReference: + description: 'CapacityReservationGroupReference: AKS will associate the specified agent pool with the Capacity Reservation Group.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object count: + description: |- + Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) + for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. type: integer + creationData: + description: |- + CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using + a snapshot. 
+ properties: + sourceResourceReference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object enableAutoScaling: + description: 'EnableAutoScaling: Whether to enable auto-scaler' + type: boolean + enableCustomCATrust: + description: |- + EnableCustomCATrust: When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a + daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded + certificates into node trust stores. Defaults to false. type: boolean enableEncryptionAtHost: + description: |- + EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, + see: https://docs.microsoft.com/azure/aks/enable-host-encryption type: boolean enableFIPS: + description: |- + EnableFIPS: See [Add a FIPS-enabled node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more + details. 
type: boolean enableNodePublicIP: + description: |- + EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. + A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine + to minimize hops. For more information see [assigning a public IP per + node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The + default is false. type: boolean enableUltraSSD: + description: 'EnableUltraSSD: Whether to enable UltraSSD' type: boolean gpuInstanceProfile: + description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' + enum: + - MIG1g + - MIG2g + - MIG3g + - MIG4g + - MIG7g type: string - kubeletConfig: + gpuProfile: + description: 'GpuProfile: The GPU settings of an agent pool.' + properties: + installGPUDriver: + type: boolean + type: object + hostGroupReference: description: |- - Storage version of v1api20210501.KubeletConfig - See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + HostGroupReference: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. + For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). properties: - $propertyBag: - additionalProperties: - type: string + armId: description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. 
+ The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + kubeletConfig: + description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' + properties: allowedUnsafeSysctls: items: type: string type: array containerLogMaxFiles: + minimum: 2 type: integer containerLogMaxSizeMB: type: integer 
@@ -39573,33 +50055,20 @@ spec: type: string type: object kubeletDiskType: + description: |- + KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral + storage. + enum: + - OS + - Temporary type: string linuxOSConfig: - description: |- - Storage version of v1api20210501.LinuxOSConfig - See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object swapFileSizeMB: type: integer sysctls: - description: |- - Storage version of v1api20210501.SysctlConfig - Sysctl settings for Linux agent nodes. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object fsAioMaxNr: type: integer fsFileMax: @@ -39645,10 +50114,16 @@ spec: netIpv4TcpTwReuse: type: boolean netIpv4TcpkeepaliveIntvl: + maximum: 90 + minimum: 10 type: integer netNetfilterNfConntrackBuckets: + maximum: 524288 + minimum: 65536 type: integer netNetfilterNfConntrackMax: + maximum: 2097152 + minimum: 131072 type: integer vmMaxMapCount: type: integer 
@@ -39659,25 +50134,254 @@ spec: type: object transparentHugePageDefrag: type: string - transparentHugePageEnabled: + transparentHugePageEnabled: + type: string + type: object + maxCount: + description: 'MaxCount: The maximum number of nodes for auto-scaling' + type: integer + maxPods: + description: 'MaxPods: The maximum number of pods that can run on a node.' + type: integer + messageOfTheDay: + description: |- + MessageOfTheDay: A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of + the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., + will be printed raw and not be executed as a script). + type: string + minCount: + description: 'MinCount: The minimum number of nodes for auto-scaling' + type: integer + mode: + description: |- + Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool + restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools + enum: + - System + - User + type: string + networkProfile: + description: 'NetworkProfile: Network-related settings of an agent pool.' + properties: + allowedHostPorts: + items: + properties: + portEnd: + maximum: 65535 + minimum: 1 + type: integer + portStart: + maximum: 65535 + minimum: 1 + type: integer + protocol: + enum: + - TCP + - UDP + type: string + type: object + type: array + applicationSecurityGroupsReferences: + items: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. 
+ The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: array + nodePublicIPTags: + items: + properties: + ipTagType: + type: string + tag: + type: string + type: object + type: array + type: object + nodeInitializationTaints: + description: |- + NodeInitializationTaints: These taints will not be reconciled by AKS and can be removed with a kubectl call. This field + can be modified after node pool is created, but nodes will not be recreated with new taints until another operation that + requires recreation (e.g. node image upgrade) happens. These taints allow for required configuration to run before the + node is ready to accept workloads, for example 'key1=value1:NoSchedule' that then can be removed with `kubectl taint + nodes node1 key1=value1:NoSchedule-` + items: + type: string + type: array + nodeLabels: + additionalProperties: + type: string + description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' + type: object + nodePublicIPPrefixReference: + description: |- + NodePublicIPPrefixReference: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. 
+ The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + nodeTaints: + description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' + items: + type: string + type: array + operatorSpec: + description: |- + OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not + passed directly to Azure + properties: + configMapExpressions: + description: 'ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).' + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. 
+ The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + secretExpressions: + description: 'SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).' + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + type: object + orchestratorVersion: + description: |- + OrchestratorVersion: Both patch version and are supported. When is + specified, the latest supported patch version is chosen automatically. 
Updating the agent pool with the same + once it has been created will not trigger an upgrade, even if a newer patch version is available. As a + best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version + must have the same major version as the control plane. The node pool minor version must be within two minor versions of + the control plane version. The node pool version cannot be greater than the control plane version. For more information + see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). + type: string + osDiskSizeGB: + maximum: 2048 + minimum: 0 + type: integer + osDiskType: + description: |- + OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested + OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral + OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). + enum: + - Ephemeral + - Managed + type: string + osSKU: + description: |- + OsSKU: Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or + Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is + deprecated. + enum: + - AzureLinux + - CBLMariner + - Mariner + - Ubuntu + - Windows2019 + - Windows2022 + - WindowsAnnual + type: string + osType: + description: 'OsType: The operating system type. The default is Linux.' + enum: + - Linux + - Windows + type: string + owner: + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. 
Owner is expected to be a + reference to a containerservice.azure.com/ManagedCluster resource + properties: + armId: + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + name: + description: This is the name of the Kubernetes resource to reference. type: string type: object - maxCount: - type: integer - maxPods: - type: integer - minCount: - type: integer - mode: - type: string - nodeLabels: - additionalProperties: - type: string - type: object - nodePublicIPPrefixIDReference: + podSubnetReference: description: |- - NodePublicIPPrefixIDReference: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} + PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). + This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: description: |- 
@@ -39696,40 +50400,20 @@ spec: description: Name is the Kubernetes name of the resource. type: string type: object - nodeTaints: - items: - type: string - type: array - orchestratorVersion: - type: string - originalVersion: - type: string - osDiskSizeGB: - type: integer - osDiskType: - type: string - osSKU: - type: string - osType: - type: string - owner: + powerState: description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a containerservice.azure.com/ManagedCluster resource + PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this + field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only + be stopped if it is Running and provisioning state is Succeeded properties: - armId: - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - name: - description: This is the name of the Kubernetes resource to reference. + code: + enum: + - Running + - Stopped type: string type: object - podSubnetIDReference: - description: |- - PodSubnetIDReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more - details). This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} + proximityPlacementGroupReference: + description: 'ProximityPlacementGroupReference: The ID for Proximity Placement Group.' properties: armId: description: |- 
@@ -39748,40 +50432,109 @@ spec: description: Name is the Kubernetes name of the resource. type: string type: object - proximityPlacementGroupID: + scaleDownMode: + description: 'ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.' + enum: + - Deallocate + - Delete type: string scaleSetEvictionPolicy: + description: |- + ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is + 'Delete'. + enum: + - Deallocate + - Delete type: string scaleSetPriority: + description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' + enum: + - Regular + - Spot type: string + securityProfile: + description: 'SecurityProfile: The security settings of an agent pool.' + properties: + enableSecureBoot: + type: boolean + enableVTPM: + type: boolean + sshAccess: + enum: + - Disabled + - LocalUser + type: string + type: object spotMaxPrice: + description: |- + SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any + on-demand price. For more details on spot pricing, see [spot VMs + pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) type: number tags: additionalProperties: type: string + description: 'Tags: The tags to be persisted on the agent pool virtual machine scale set.' type: object type: + description: 'Type: The type of Agent Pool.' 
+ enum: + - AvailabilitySet + - VirtualMachineScaleSets + - VirtualMachines type: string upgradeSettings: - description: |- - Storage version of v1api20210501.AgentPoolUpgradeSettings - Settings for upgrading an agentpool + description: 'UpgradeSettings: Settings for upgrading the agentpool' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object + drainTimeoutInMinutes: + maximum: 1440 + minimum: 1 + type: integer maxSurge: type: string + nodeSoakDurationInMinutes: + maximum: 30 + minimum: 0 + type: integer + type: object + virtualMachineNodesStatus: + items: + properties: + count: + type: integer + size: + type: string + type: object + type: array + virtualMachinesProfile: + description: 'VirtualMachinesProfile: Specifications on VirtualMachines agent pool.' + properties: + scale: + properties: + manual: + items: + properties: + count: + maximum: 1000 + minimum: 0 + type: integer + sizes: + items: + type: string + type: array + type: object + type: array + type: object type: object vmSize: + description: |- + VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods + might fail to run correctly. For more details on restricted VM sizes, see: + https://docs.microsoft.com/azure/aks/quotas-skus-regions type: string - vnetSubnetIDReference: + vnetSubnetReference: description: |- - VnetSubnetIDReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is + VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. 
This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: @@ -39802,24 +50555,42 @@ spec: description: Name is the Kubernetes name of the resource. type: string type: object + windowsProfile: + description: 'WindowsProfile: The Windows agent pool''s specific profile.' + properties: + disableOutboundNat: + type: boolean + type: object + workloadRuntime: + description: 'WorkloadRuntime: Determines the type of workload a node can run.' + enum: + - KataMshvVmIsolation + - OCIContainer + - WasmWasi + type: string required: - owner type: object status: - description: Storage version of v1api20210501.ManagedClusters_AgentPool_STATUS properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions + artifactStreamingProfile: + description: 'ArtifactStreamingProfile: Configuration for using artifact streaming on AKS.' + properties: + enabled: + type: boolean type: object availabilityZones: + description: |- + AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType + property is 'VirtualMachineScaleSets'. items: type: string type: array + capacityReservationGroupID: + description: 'CapacityReservationGroupID: AKS will associate the specified agent pool with the Capacity Reservation Group.' + type: string conditions: + description: 'Conditions: The observed state of the resource' items: description: Condition defines an extension to status (an observation) of a resource properties: 
@@ -39863,33 +50634,76 @@ spec: type: object type: array count: + description: |- + Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) + for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. type: integer + creationData: + description: |- + CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using + a snapshot. + properties: + sourceResourceId: + type: string + type: object + currentOrchestratorVersion: + description: |- + CurrentOrchestratorVersion: If orchestratorVersion was a fully specified version , this field will be + exactly equal to it. If orchestratorVersion was , this field will contain the full + version being used. + type: string enableAutoScaling: + description: 'EnableAutoScaling: Whether to enable auto-scaler' + type: boolean + enableCustomCATrust: + description: |- + EnableCustomCATrust: When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a + daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded + certificates into node trust stores. Defaults to false. type: boolean enableEncryptionAtHost: + description: |- + EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, + see: https://docs.microsoft.com/azure/aks/enable-host-encryption type: boolean enableFIPS: + description: |- + EnableFIPS: See [Add a FIPS-enabled node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more + details. type: boolean enableNodePublicIP: + description: |- + EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. 
+ A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine + to minimize hops. For more information see [assigning a public IP per + node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The + default is false. type: boolean enableUltraSSD: + description: 'EnableUltraSSD: Whether to enable UltraSSD' type: boolean gpuInstanceProfile: + description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' + type: string + gpuProfile: + description: 'GpuProfile: The GPU settings of an agent pool.' + properties: + installGPUDriver: + type: boolean + type: object + hostGroupID: + description: |- + HostGroupID: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. + For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). type: string id: + description: 'Id: Resource ID.' type: string kubeletConfig: - description: |- - Storage version of v1api20210501.KubeletConfig_STATUS - See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object allowedUnsafeSysctls: items: type: string 
@@ -39916,33 +50730,17 @@ spec: type: string type: object kubeletDiskType: + description: |- + KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral + storage. type: string linuxOSConfig: - description: |- - Storage version of v1api20210501.LinuxOSConfig_STATUS - See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object swapFileSizeMB: type: integer sysctls: - description: |- - Storage version of v1api20210501.SysctlConfig_STATUS - Sysctl settings for Linux agent nodes. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object fsAioMaxNr: type: integer fsFileMax: 
@@ -40006,90 +50804,227 @@ spec: type: string type: object maxCount: + description: 'MaxCount: The maximum number of nodes for auto-scaling' type: integer maxPods: + description: 'MaxPods: The maximum number of pods that can run on a node.' type: integer + messageOfTheDay: + description: |- + MessageOfTheDay: A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of + the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., + will be printed raw and not be executed as a script). + type: string minCount: + description: 'MinCount: The minimum number of nodes for auto-scaling' type: integer mode: + description: |- + Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool + restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools type: string name: + description: 'Name: The name of the resource that is unique within a resource group. This name can be used to access the resource.' type: string + networkProfile: + description: 'NetworkProfile: Network-related settings of an agent pool.' + properties: + allowedHostPorts: + items: + properties: + portEnd: + type: integer + portStart: + type: integer + protocol: + type: string + type: object + type: array + applicationSecurityGroups: + items: + type: string + type: array + nodePublicIPTags: + items: + properties: + ipTagType: + type: string + tag: + type: string + type: object + type: array + type: object nodeImageVersion: + description: 'NodeImageVersion: The version of node image' type: string + nodeInitializationTaints: + description: |- + NodeInitializationTaints: These taints will not be reconciled by AKS and can be removed with a kubectl call. This field + can be modified after node pool is created, but nodes will not be recreated with new taints until another operation that + requires recreation (e.g. 
node image upgrade) happens. These taints allow for required configuration to run before the + node is ready to accept workloads, for example 'key1=value1:NoSchedule' that then can be removed with `kubectl taint + nodes node1 key1=value1:NoSchedule-` + items: + type: string + type: array nodeLabels: additionalProperties: type: string + description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' type: object nodePublicIPPrefixID: + description: |- + NodePublicIPPrefixID: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} type: string nodeTaints: + description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' items: type: string type: array orchestratorVersion: + description: |- + OrchestratorVersion: Both patch version and are supported. When is + specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same + once it has been created will not trigger an upgrade, even if a newer patch version is available. As a + best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version + must have the same major version as the control plane. The node pool minor version must be within two minor versions of + the control plane version. The node pool version cannot be greater than the control plane version. For more information + see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). type: string osDiskSizeGB: type: integer osDiskType: + description: |- + OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested + OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. 
For more information see [Ephemeral + OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). type: string osSKU: + description: |- + OsSKU: Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or + Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is + deprecated. type: string osType: + description: 'OsType: The operating system type. The default is Linux.' type: string podSubnetID: + description: |- + PodSubnetID: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is + of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} type: string powerState: description: |- - Storage version of v1api20210501.PowerState_STATUS - Describes the Power State of the cluster + PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this + field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only + be stopped if it is Running and provisioning state is Succeeded properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object code: type: string type: object properties_type: + description: 'PropertiesType: The type of Agent Pool.' type: string provisioningState: + description: 'ProvisioningState: The current deployment or provisioning state.' type: string proximityPlacementGroupID: + description: 'ProximityPlacementGroupID: The ID for Proximity Placement Group.' 
+ type: string + scaleDownMode: + description: 'ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.' type: string scaleSetEvictionPolicy: + description: |- + ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is + 'Delete'. type: string scaleSetPriority: + description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' type: string + securityProfile: + description: 'SecurityProfile: The security settings of an agent pool.' + properties: + enableSecureBoot: + type: boolean + enableVTPM: + type: boolean + sshAccess: + type: string + type: object spotMaxPrice: + description: |- + SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any + on-demand price. For more details on spot pricing, see [spot VMs + pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) type: number tags: additionalProperties: type: string + description: 'Tags: The tags to be persisted on the agent pool virtual machine scale set.' 
type: object type: + description: 'Type: Resource type' type: string upgradeSettings: - description: |- - Storage version of v1api20210501.AgentPoolUpgradeSettings_STATUS - Settings for upgrading an agentpool + description: 'UpgradeSettings: Settings for upgrading the agentpool' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object + drainTimeoutInMinutes: + type: integer maxSurge: type: string + nodeSoakDurationInMinutes: + type: integer + type: object + virtualMachineNodesStatus: + items: + properties: + count: + type: integer + size: + type: string + type: object + type: array + virtualMachinesProfile: + description: 'VirtualMachinesProfile: Specifications on VirtualMachines agent pool.' + properties: + scale: + properties: + manual: + items: + properties: + count: + type: integer + sizes: + items: + type: string + type: array + type: object + type: array + type: object type: object vmSize: + description: |- + VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods + might fail to run correctly. For more details on restricted VM sizes, see: + https://docs.microsoft.com/azure/aks/quotas-skus-regions type: string vnetSubnetID: + description: |- + VnetSubnetID: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, + this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} + type: string + windowsProfile: + description: 'WindowsProfile: The Windows agent pool''s specific profile.' 
+ properties: + disableOutboundNat: + type: boolean + type: object + workloadRuntime: + description: 'WorkloadRuntime: Determines the type of workload a node can run.' type: string type: object type: object @@ -40110,12 +51045,13 @@ spec: - jsonPath: .status.conditions[?(@.type=='Ready')].message name: Message type: string - name: v1api20230201 + name: v1api20231102previewstorage schema: openAPIV3Schema: description: |- + Storage version of v1api20231102preview.ManagedClustersAgentPool Generator information: - - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2023-02-01/managedClusters.json + - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/preview/2023-11-02-preview/managedClusters.json - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}/agentPools/{agentPoolName} properties: apiVersion: 
@@ -40136,11 +51072,29 @@ spec: metadata: type: object spec: + description: Storage version of v1api20231102preview.ManagedClustersAgentPool_Spec properties: - availabilityZones: + $propertyBag: + additionalProperties: + type: string description: |- - AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType - property is 'VirtualMachineScaleSets'. + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + artifactStreamingProfile: + description: Storage version of v1api20231102preview.AgentPoolArtifactStreamingProfile + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + availabilityZones: items: type: string type: array 
@@ -40149,18 +51103,40 @@ spec: AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn't have to be. type: string + capacityReservationGroupReference: + description: 'CapacityReservationGroupReference: AKS will associate the specified agent pool with the Capacity Reservation Group.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object count: - description: |- - Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) - for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. type: integer creationData: - description: |- - CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using - a snapshot. 
+ description: Storage version of v1api20231102preview.CreationData properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object sourceResourceReference: - description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: description: |- 
@@ -40181,39 +51157,32 @@ spec: type: object type: object enableAutoScaling: - description: 'EnableAutoScaling: Whether to enable auto-scaler' + type: boolean + enableCustomCATrust: type: boolean enableEncryptionAtHost: - description: |- - EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, - see: https://docs.microsoft.com/azure/aks/enable-host-encryption type: boolean enableFIPS: - description: |- - EnableFIPS: See [Add a FIPS-enabled node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more - details. type: boolean enableNodePublicIP: - description: |- - EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. - A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine - to minimize hops. For more information see [assigning a public IP per - node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The - default is false. type: boolean enableUltraSSD: - description: 'EnableUltraSSD: Whether to enable UltraSSD' type: boolean gpuInstanceProfile: - description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' - enum: - - MIG1g - - MIG2g - - MIG3g - - MIG4g - - MIG7g type: string + gpuProfile: + description: Storage version of v1api20231102preview.AgentPoolGPUProfile + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + installGPUDriver: + type: boolean + type: object hostGroupReference: description: |- HostGroupReference: This is of the form: 
@@ -40238,191 +51207,212 @@ spec: type: string type: object kubeletConfig: - description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' + description: Storage version of v1api20231102preview.KubeletConfig properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object allowedUnsafeSysctls: - description: 'AllowedUnsafeSysctls: Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).' items: type: string type: array containerLogMaxFiles: - description: |- - ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be - ≥ 2. - minimum: 2 type: integer containerLogMaxSizeMB: - description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' type: integer cpuCfsQuota: - description: 'CpuCfsQuota: The default is true.' type: boolean cpuCfsQuotaPeriod: - description: |- - CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and - a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. type: string cpuManagerPolicy: - description: |- - CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management - policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more - information. Allowed values are 'none' and 'static'. type: string failSwapOn: - description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' type: boolean imageGcHighThreshold: - description: 'ImageGcHighThreshold: To disable image garbage collection, set to 100. 
The default is 85%' type: integer imageGcLowThreshold: - description: 'ImageGcLowThreshold: This cannot be set higher than imageGcHighThreshold. The default is 80%' type: integer podMaxPids: - description: 'PodMaxPids: The maximum number of processes per pod.' type: integer topologyManagerPolicy: - description: |- - TopologyManagerPolicy: For more information see [Kubernetes Topology - Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values - are 'none', 'best-effort', 'restricted', and 'single-numa-node'. type: string type: object kubeletDiskType: - description: |- - KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral - storage. - enum: - - OS - - Temporary type: string linuxOSConfig: - description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' + description: Storage version of v1api20231102preview.LinuxOSConfig properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object swapFileSizeMB: - description: 'SwapFileSizeMB: The size in MB of a swap file that will be created on each node.' type: integer sysctls: - description: 'Sysctls: Sysctl settings for Linux agent nodes.' + description: Storage version of v1api20231102preview.SysctlConfig properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object fsAioMaxNr: - description: 'FsAioMaxNr: Sysctl setting fs.aio-max-nr.' type: integer fsFileMax: - description: 'FsFileMax: Sysctl setting fs.file-max.' 
type: integer fsInotifyMaxUserWatches: - description: 'FsInotifyMaxUserWatches: Sysctl setting fs.inotify.max_user_watches.' type: integer fsNrOpen: - description: 'FsNrOpen: Sysctl setting fs.nr_open.' type: integer kernelThreadsMax: - description: 'KernelThreadsMax: Sysctl setting kernel.threads-max.' type: integer netCoreNetdevMaxBacklog: - description: 'NetCoreNetdevMaxBacklog: Sysctl setting net.core.netdev_max_backlog.' type: integer netCoreOptmemMax: - description: 'NetCoreOptmemMax: Sysctl setting net.core.optmem_max.' type: integer netCoreRmemDefault: - description: 'NetCoreRmemDefault: Sysctl setting net.core.rmem_default.' type: integer netCoreRmemMax: - description: 'NetCoreRmemMax: Sysctl setting net.core.rmem_max.' type: integer netCoreSomaxconn: - description: 'NetCoreSomaxconn: Sysctl setting net.core.somaxconn.' type: integer netCoreWmemDefault: - description: 'NetCoreWmemDefault: Sysctl setting net.core.wmem_default.' type: integer netCoreWmemMax: - description: 'NetCoreWmemMax: Sysctl setting net.core.wmem_max.' type: integer netIpv4IpLocalPortRange: - description: 'NetIpv4IpLocalPortRange: Sysctl setting net.ipv4.ip_local_port_range.' type: string netIpv4NeighDefaultGcThresh1: - description: 'NetIpv4NeighDefaultGcThresh1: Sysctl setting net.ipv4.neigh.default.gc_thresh1.' type: integer netIpv4NeighDefaultGcThresh2: - description: 'NetIpv4NeighDefaultGcThresh2: Sysctl setting net.ipv4.neigh.default.gc_thresh2.' type: integer netIpv4NeighDefaultGcThresh3: - description: 'NetIpv4NeighDefaultGcThresh3: Sysctl setting net.ipv4.neigh.default.gc_thresh3.' type: integer netIpv4TcpFinTimeout: - description: 'NetIpv4TcpFinTimeout: Sysctl setting net.ipv4.tcp_fin_timeout.' type: integer netIpv4TcpKeepaliveProbes: - description: 'NetIpv4TcpKeepaliveProbes: Sysctl setting net.ipv4.tcp_keepalive_probes.' type: integer netIpv4TcpKeepaliveTime: - description: 'NetIpv4TcpKeepaliveTime: Sysctl setting net.ipv4.tcp_keepalive_time.' 
type: integer netIpv4TcpMaxSynBacklog: - description: 'NetIpv4TcpMaxSynBacklog: Sysctl setting net.ipv4.tcp_max_syn_backlog.' type: integer netIpv4TcpMaxTwBuckets: - description: 'NetIpv4TcpMaxTwBuckets: Sysctl setting net.ipv4.tcp_max_tw_buckets.' type: integer netIpv4TcpTwReuse: - description: 'NetIpv4TcpTwReuse: Sysctl setting net.ipv4.tcp_tw_reuse.' type: boolean netIpv4TcpkeepaliveIntvl: - description: 'NetIpv4TcpkeepaliveIntvl: Sysctl setting net.ipv4.tcp_keepalive_intvl.' type: integer netNetfilterNfConntrackBuckets: - description: 'NetNetfilterNfConntrackBuckets: Sysctl setting net.netfilter.nf_conntrack_buckets.' type: integer netNetfilterNfConntrackMax: - description: 'NetNetfilterNfConntrackMax: Sysctl setting net.netfilter.nf_conntrack_max.' type: integer vmMaxMapCount: - description: 'VmMaxMapCount: Sysctl setting vm.max_map_count.' type: integer vmSwappiness: - description: 'VmSwappiness: Sysctl setting vm.swappiness.' type: integer vmVfsCachePressure: - description: 'VmVfsCachePressure: Sysctl setting vm.vfs_cache_pressure.' type: integer type: object transparentHugePageDefrag: - description: |- - TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is - 'madvise'. For more information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string transparentHugePageEnabled: - description: |- - TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more - information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string type: object maxCount: - description: 'MaxCount: The maximum number of nodes for auto-scaling' type: integer maxPods: - description: 'MaxPods: The maximum number of pods that can run on a node.' 
type: integer + messageOfTheDay: + type: string minCount: - description: 'MinCount: The minimum number of nodes for auto-scaling' type: integer mode: - description: |- - Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool - restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools - enum: - - System - - User type: string + networkProfile: + description: Storage version of v1api20231102preview.AgentPoolNetworkProfile + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + allowedHostPorts: + items: + description: Storage version of v1api20231102preview.PortRange + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + portEnd: + type: integer + portStart: + type: integer + protocol: + type: string + type: object + type: array + applicationSecurityGroupsReferences: + items: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
+ pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: array + nodePublicIPTags: + items: + description: Storage version of v1api20231102preview.IPTag + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + ipTagType: + type: string + tag: + type: string + type: object + type: array + type: object + nodeInitializationTaints: + items: + type: string + type: array nodeLabels: additionalProperties: type: string - description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' type: object nodePublicIPPrefixReference: description: |- 
@@ -40447,49 +51437,91 @@ spec: type: string type: object nodeTaints: - description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' items: type: string type: array - orchestratorVersion: + operatorSpec: description: |- - OrchestratorVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. - When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster - with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer - patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same - Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor - version must be within two minor versions of the control plane version. The node pool version cannot be greater than the - control plane version. For more information see [upgrading a node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). + Storage version of v1api20231102preview.ManagedClustersAgentPoolOperatorSpec + Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + configMapExpressions: + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. 
If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + secretExpressions: + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. 
For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + type: object + orchestratorVersion: + type: string + originalVersion: type: string osDiskSizeGB: - maximum: 2048 - minimum: 0 type: integer osDiskType: - description: |- - OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested - OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral - OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). - enum: - - Ephemeral - - Managed type: string osSKU: - description: |- - OsSKU: Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 - when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows. - enum: - - CBLMariner - - Ubuntu - - Windows2019 - - Windows2022 type: string osType: - description: 'OsType: The operating system type. The default is Linux.' - enum: - - Linux - - Windows type: string owner: description: |- 
@@ -40528,16 +51560,16 @@ spec: type: string type: object powerState: - description: |- - PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this - field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only - be stopped if it is Running and provisioning state is Succeeded + description: Storage version of v1api20231102preview.PowerState properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object code: - description: 'Code: Tells whether the cluster is Running or Stopped' - enum: - - Running - - Stopped type: string type: object proximityPlacementGroupReference: 
@@ -40561,58 +51593,112 @@ spec: type: string type: object scaleDownMode: - description: 'ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.' - enum: - - Deallocate - - Delete type: string scaleSetEvictionPolicy: - description: |- - ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is - 'Delete'. - enum: - - Deallocate - - Delete type: string scaleSetPriority: - description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' - enum: - - Regular - - Spot type: string + securityProfile: + description: Storage version of v1api20231102preview.AgentPoolSecurityProfile + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enableSecureBoot: + type: boolean + enableVTPM: + type: boolean + sshAccess: + type: string + type: object spotMaxPrice: - description: |- - SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any - on-demand price. For more details on spot pricing, see [spot VMs - pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) type: number tags: additionalProperties: type: string - description: 'Tags: The tags to be persisted on the agent pool virtual machine scale set.' type: object type: - description: 'Type: The type of Agent Pool.' 
- enum: - - AvailabilitySet - - VirtualMachineScaleSets type: string upgradeSettings: - description: 'UpgradeSettings: Settings for upgrading the agentpool' + description: Storage version of v1api20231102preview.AgentPoolUpgradeSettings properties: - maxSurge: + $propertyBag: + additionalProperties: + type: string description: |- - MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it - is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded - up. If not specified, the default is 1. For more information, including best practices, see: - https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + drainTimeoutInMinutes: + type: integer + maxSurge: type: string + nodeSoakDurationInMinutes: + type: integer + type: object + virtualMachineNodesStatus: + items: + description: Storage version of v1api20231102preview.VirtualMachineNodes + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + count: + type: integer + size: + type: string + type: object + type: array + virtualMachinesProfile: + description: Storage version of v1api20231102preview.VirtualMachinesProfile + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + scale: + description: Storage version of 
v1api20231102preview.ScaleProfile + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + manual: + items: + description: Storage version of v1api20231102preview.ManualScaleProfile + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + count: + type: integer + sizes: + items: + type: string + type: array + type: object + type: array + type: object type: object vmSize: - description: |- - VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods - might fail to run correctly. For more details on restricted VM sizes, see: - https://docs.microsoft.com/azure/aks/quotas-skus-regions type: string vnetSubnetReference: description: |- 
@@ -40637,26 +51723,54 @@ spec: description: Name is the Kubernetes name of the resource. type: string type: object + windowsProfile: + description: Storage version of v1api20231102preview.AgentPoolWindowsProfile + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + disableOutboundNat: + type: boolean + type: object workloadRuntime: - description: 'WorkloadRuntime: Determines the type of workload a node can run.' - enum: - - OCIContainer - - WasmWasi type: string required: - owner type: object status: + description: Storage version of v1api20231102preview.ManagedClustersAgentPool_STATUS properties: - availabilityZones: + $propertyBag: + additionalProperties: + type: string description: |- - AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType - property is 'VirtualMachineScaleSets'. 
+ PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + artifactStreamingProfile: + description: Storage version of v1api20231102preview.AgentPoolArtifactStreamingProfile_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + availabilityZones: items: type: string type: array + capacityReservationGroupID: + type: string conditions: - description: 'Conditions: The observed state of the resource' items: description: Condition defines an extension to status (an observation) of a resource properties: 
@@ -40700,360 +51814,408 @@ spec: type: object type: array count: - description: |- - Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) - for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. type: integer creationData: - description: |- - CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using - a snapshot. + description: Storage version of v1api20231102preview.CreationData_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object sourceResourceId: - description: 'SourceResourceId: This is the ARM ID of the source object to be used to create the target object.' type: string type: object currentOrchestratorVersion: - description: |- - CurrentOrchestratorVersion: If orchestratorVersion is a fully specified version , this field will be - exactly equal to it. If orchestratorVersion is , this field will contain the full - version being used. type: string enableAutoScaling: - description: 'EnableAutoScaling: Whether to enable auto-scaler' + type: boolean + enableCustomCATrust: type: boolean enableEncryptionAtHost: - description: |- - EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, - see: https://docs.microsoft.com/azure/aks/enable-host-encryption type: boolean enableFIPS: - description: |- - EnableFIPS: See [Add a FIPS-enabled node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more - details. 
type: boolean enableNodePublicIP: - description: |- - EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. - A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine - to minimize hops. For more information see [assigning a public IP per - node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The - default is false. type: boolean enableUltraSSD: - description: 'EnableUltraSSD: Whether to enable UltraSSD' type: boolean gpuInstanceProfile: - description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' type: string + gpuProfile: + description: Storage version of v1api20231102preview.AgentPoolGPUProfile_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + installGPUDriver: + type: boolean + type: object hostGroupID: - description: |- - HostGroupID: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. - For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). type: string id: - description: 'Id: Resource ID.' type: string kubeletConfig: - description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' 
+ description: Storage version of v1api20231102preview.KubeletConfig_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object allowedUnsafeSysctls: - description: 'AllowedUnsafeSysctls: Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).' items: type: string type: array containerLogMaxFiles: - description: |- - ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be - ≥ 2. type: integer containerLogMaxSizeMB: - description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' type: integer cpuCfsQuota: - description: 'CpuCfsQuota: The default is true.' type: boolean cpuCfsQuotaPeriod: - description: |- - CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and - a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. type: string cpuManagerPolicy: - description: |- - CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management - policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more - information. Allowed values are 'none' and 'static'. type: string failSwapOn: - description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' type: boolean imageGcHighThreshold: - description: 'ImageGcHighThreshold: To disable image garbage collection, set to 100. The default is 85%' type: integer imageGcLowThreshold: - description: 'ImageGcLowThreshold: This cannot be set higher than imageGcHighThreshold. 
The default is 80%' type: integer podMaxPids: - description: 'PodMaxPids: The maximum number of processes per pod.' type: integer topologyManagerPolicy: - description: |- - TopologyManagerPolicy: For more information see [Kubernetes Topology - Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values - are 'none', 'best-effort', 'restricted', and 'single-numa-node'. type: string type: object kubeletDiskType: - description: |- - KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral - storage. type: string linuxOSConfig: - description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' + description: Storage version of v1api20231102preview.LinuxOSConfig_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object swapFileSizeMB: - description: 'SwapFileSizeMB: The size in MB of a swap file that will be created on each node.' type: integer sysctls: - description: 'Sysctls: Sysctl settings for Linux agent nodes.' + description: Storage version of v1api20231102preview.SysctlConfig_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object fsAioMaxNr: - description: 'FsAioMaxNr: Sysctl setting fs.aio-max-nr.' type: integer fsFileMax: - description: 'FsFileMax: Sysctl setting fs.file-max.' type: integer fsInotifyMaxUserWatches: - description: 'FsInotifyMaxUserWatches: Sysctl setting fs.inotify.max_user_watches.' type: integer fsNrOpen: - description: 'FsNrOpen: Sysctl setting fs.nr_open.' 
type: integer kernelThreadsMax: - description: 'KernelThreadsMax: Sysctl setting kernel.threads-max.' type: integer netCoreNetdevMaxBacklog: - description: 'NetCoreNetdevMaxBacklog: Sysctl setting net.core.netdev_max_backlog.' type: integer netCoreOptmemMax: - description: 'NetCoreOptmemMax: Sysctl setting net.core.optmem_max.' type: integer netCoreRmemDefault: - description: 'NetCoreRmemDefault: Sysctl setting net.core.rmem_default.' type: integer netCoreRmemMax: - description: 'NetCoreRmemMax: Sysctl setting net.core.rmem_max.' type: integer netCoreSomaxconn: - description: 'NetCoreSomaxconn: Sysctl setting net.core.somaxconn.' type: integer netCoreWmemDefault: - description: 'NetCoreWmemDefault: Sysctl setting net.core.wmem_default.' type: integer netCoreWmemMax: - description: 'NetCoreWmemMax: Sysctl setting net.core.wmem_max.' type: integer netIpv4IpLocalPortRange: - description: 'NetIpv4IpLocalPortRange: Sysctl setting net.ipv4.ip_local_port_range.' type: string netIpv4NeighDefaultGcThresh1: - description: 'NetIpv4NeighDefaultGcThresh1: Sysctl setting net.ipv4.neigh.default.gc_thresh1.' type: integer netIpv4NeighDefaultGcThresh2: - description: 'NetIpv4NeighDefaultGcThresh2: Sysctl setting net.ipv4.neigh.default.gc_thresh2.' type: integer netIpv4NeighDefaultGcThresh3: - description: 'NetIpv4NeighDefaultGcThresh3: Sysctl setting net.ipv4.neigh.default.gc_thresh3.' type: integer netIpv4TcpFinTimeout: - description: 'NetIpv4TcpFinTimeout: Sysctl setting net.ipv4.tcp_fin_timeout.' type: integer netIpv4TcpKeepaliveProbes: - description: 'NetIpv4TcpKeepaliveProbes: Sysctl setting net.ipv4.tcp_keepalive_probes.' type: integer netIpv4TcpKeepaliveTime: - description: 'NetIpv4TcpKeepaliveTime: Sysctl setting net.ipv4.tcp_keepalive_time.' type: integer netIpv4TcpMaxSynBacklog: - description: 'NetIpv4TcpMaxSynBacklog: Sysctl setting net.ipv4.tcp_max_syn_backlog.' 
type: integer netIpv4TcpMaxTwBuckets: - description: 'NetIpv4TcpMaxTwBuckets: Sysctl setting net.ipv4.tcp_max_tw_buckets.' type: integer netIpv4TcpTwReuse: - description: 'NetIpv4TcpTwReuse: Sysctl setting net.ipv4.tcp_tw_reuse.' type: boolean netIpv4TcpkeepaliveIntvl: - description: 'NetIpv4TcpkeepaliveIntvl: Sysctl setting net.ipv4.tcp_keepalive_intvl.' type: integer netNetfilterNfConntrackBuckets: - description: 'NetNetfilterNfConntrackBuckets: Sysctl setting net.netfilter.nf_conntrack_buckets.' type: integer netNetfilterNfConntrackMax: - description: 'NetNetfilterNfConntrackMax: Sysctl setting net.netfilter.nf_conntrack_max.' type: integer vmMaxMapCount: - description: 'VmMaxMapCount: Sysctl setting vm.max_map_count.' type: integer vmSwappiness: - description: 'VmSwappiness: Sysctl setting vm.swappiness.' type: integer vmVfsCachePressure: - description: 'VmVfsCachePressure: Sysctl setting vm.vfs_cache_pressure.' type: integer type: object transparentHugePageDefrag: - description: |- - TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is - 'madvise'. For more information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string transparentHugePageEnabled: - description: |- - TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more - information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string type: object maxCount: - description: 'MaxCount: The maximum number of nodes for auto-scaling' type: integer maxPods: - description: 'MaxPods: The maximum number of pods that can run on a node.' 
type: integer + messageOfTheDay: + type: string minCount: - description: 'MinCount: The minimum number of nodes for auto-scaling' type: integer mode: - description: |- - Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool - restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools type: string name: - description: 'Name: The name of the resource that is unique within a resource group. This name can be used to access the resource.' type: string + networkProfile: + description: Storage version of v1api20231102preview.AgentPoolNetworkProfile_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + allowedHostPorts: + items: + description: Storage version of v1api20231102preview.PortRange_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + portEnd: + type: integer + portStart: + type: integer + protocol: + type: string + type: object + type: array + applicationSecurityGroups: + items: + type: string + type: array + nodePublicIPTags: + items: + description: Storage version of v1api20231102preview.IPTag_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + ipTagType: + type: string + tag: + type: string + type: object + type: array + type: object nodeImageVersion: - description: 
'NodeImageVersion: The version of node image' type: string + nodeInitializationTaints: + items: + type: string + type: array nodeLabels: additionalProperties: type: string - description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' type: object nodePublicIPPrefixID: - description: |- - NodePublicIPPrefixID: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} type: string nodeTaints: - description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' items: type: string type: array orchestratorVersion: - description: |- - OrchestratorVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. - When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster - with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer - patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same - Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor - version must be within two minor versions of the control plane version. The node pool version cannot be greater than the - control plane version. For more information see [upgrading a node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). type: string osDiskSizeGB: type: integer osDiskType: - description: |- - OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested - OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral - OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). 
type: string osSKU: - description: |- - OsSKU: Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 - when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows. type: string osType: - description: 'OsType: The operating system type. The default is Linux.' type: string podSubnetID: - description: |- - PodSubnetID: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is - of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} type: string powerState: - description: |- - PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this - field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only - be stopped if it is Running and provisioning state is Succeeded + description: Storage version of v1api20231102preview.PowerState_STATUS properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object code: - description: 'Code: Tells whether the cluster is Running or Stopped' type: string type: object properties_type: - description: 'PropertiesType: The type of Agent Pool.' type: string provisioningState: - description: 'ProvisioningState: The current deployment or provisioning state.' type: string proximityPlacementGroupID: - description: 'ProximityPlacementGroupID: The ID for Proximity Placement Group.' type: string scaleDownMode: - description: 'ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.' 
type: string scaleSetEvictionPolicy: - description: |- - ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is - 'Delete'. type: string scaleSetPriority: - description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' type: string + securityProfile: + description: Storage version of v1api20231102preview.AgentPoolSecurityProfile_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enableSecureBoot: + type: boolean + enableVTPM: + type: boolean + sshAccess: + type: string + type: object spotMaxPrice: - description: |- - SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any - on-demand price. For more details on spot pricing, see [spot VMs - pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) type: number tags: additionalProperties: type: string - description: 'Tags: The tags to be persisted on the agent pool virtual machine scale set.' type: object type: - description: 'Type: Resource type' type: string upgradeSettings: - description: 'UpgradeSettings: Settings for upgrading the agentpool' + description: Storage version of v1api20231102preview.AgentPoolUpgradeSettings_STATUS properties: - maxSurge: + $propertyBag: + additionalProperties: + type: string description: |- - MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it - is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded - up. If not specified, the default is 1. 
For more information, including best practices, see: - https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + drainTimeoutInMinutes: + type: integer + maxSurge: type: string + nodeSoakDurationInMinutes: + type: integer + type: object + virtualMachineNodesStatus: + items: + description: Storage version of v1api20231102preview.VirtualMachineNodes_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + count: + type: integer + size: + type: string + type: object + type: array + virtualMachinesProfile: + description: Storage version of v1api20231102preview.VirtualMachinesProfile_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + scale: + description: Storage version of v1api20231102preview.ScaleProfile_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + manual: + items: + description: Storage version of v1api20231102preview.ManualScaleProfile_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + 
resources, allowing for full fidelity round trip conversions + type: object + count: + type: integer + sizes: + items: + type: string + type: array + type: object + type: array + type: object type: object vmSize: - description: |- - VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods - might fail to run correctly. For more details on restricted VM sizes, see: - https://docs.microsoft.com/azure/aks/quotas-skus-regions type: string vnetSubnetID: - description: |- - VnetSubnetID: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, - this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} type: string + windowsProfile: + description: Storage version of v1api20231102preview.AgentPoolWindowsProfile_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + disableOutboundNat: + type: boolean + type: object workloadRuntime: - description: 'WorkloadRuntime: Determines the type of workload a node can run.' type: string type: object type: object 
@@ -41074,13 +52236,12 @@ spec: - jsonPath: .status.conditions[?(@.type=='Ready')].message name: Message type: string - name: v1api20230201storage + name: v1api20240402preview schema: openAPIV3Schema: description: |- - Storage version of v1api20230201.ManagedClustersAgentPool Generator information: - - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2023-02-01/managedClusters.json + - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/preview/2024-04-02-preview/managedClusters.json - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}/agentPools/{agentPoolName} properties: apiVersion: @@ -41101,16 +52262,20 @@ spec: metadata: type: object spec: - description: Storage version of v1api20230201.ManagedClusters_AgentPool_Spec properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions + artifactStreamingProfile: + description: 'ArtifactStreamingProfile: Configuration for using artifact streaming on AKS.' + properties: + enabled: + description: |- + Enabled: Artifact streaming speeds up the cold-start of containers on a node through on-demand image loading. To use + this feature, container images must also enable artifact streaming on ACR. If not specified, the default is false. + type: boolean type: object availabilityZones: + description: |- + AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType + property is 'VirtualMachineScaleSets'. items: type: string type: array 
@@ -41118,21 +52283,40 @@ spec: description: |- AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn't have to be. + maxLength: 12 + minLength: 1 + pattern: ^[a-z][a-z0-9]{0,11}$ type: string + capacityReservationGroupReference: + description: 'CapacityReservationGroupReference: AKS will associate the specified agent pool with the Capacity Reservation Group.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object count: + description: |- + Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) + for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. type: integer creationData: description: |- - Storage version of v1api20230201.CreationData - Data used when creating a target resource from a source resource. + CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using + a snapshot. 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object sourceResourceReference: description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' properties: 
@@ -41155,17 +52339,72 @@ spec: type: object type: object enableAutoScaling: + description: 'EnableAutoScaling: Whether to enable auto-scaler' + type: boolean + enableCustomCATrust: + description: |- + EnableCustomCATrust: When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a + daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded + certificates into node trust stores. Defaults to false. type: boolean enableEncryptionAtHost: + description: |- + EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, + see: https://docs.microsoft.com/azure/aks/enable-host-encryption type: boolean enableFIPS: + description: |- + EnableFIPS: See [Add a FIPS-enabled node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more + details. type: boolean enableNodePublicIP: + description: |- + EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. + A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine + to minimize hops. For more information see [assigning a public IP per + node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The + default is false. type: boolean enableUltraSSD: + description: 'EnableUltraSSD: Whether to enable UltraSSD' type: boolean + gatewayProfile: + description: |- + GatewayProfile: Profile specific to a managed agent pool in Gateway mode. This field cannot be set if agent pool mode is + not Gateway. + properties: + publicIPPrefixSize: + description: |- + PublicIPPrefixSize: The Gateway agent pool associates one public IPPrefix for each static egress gateway to provide + public egress. The size of Public IPPrefix should be selected by the user. 
Each node in the agent pool is assigned with + one IP from the IPPrefix. The IPPrefix size thus serves as a cap on the size of the Gateway agent pool. Due to Azure + public IPPrefix size limitation, the valid value range is [28, 31] (/31 = 2 nodes/IPs, /30 = 4 nodes/IPs, /29 = 8 + nodes/IPs, /28 = 16 nodes/IPs). The default value is 31. + maximum: 31 + minimum: 28 + type: integer + type: object gpuInstanceProfile: + description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' + enum: + - MIG1g + - MIG2g + - MIG3g + - MIG4g + - MIG7g type: string + gpuProfile: + description: 'GpuProfile: The GPU settings of an agent pool.' + properties: + installGPUDriver: + description: |- + InstallGPUDriver: The default value is true when the vmSize of the agent pool contains a GPU, false otherwise. GPU + Driver Installation can only be set true when VM has an associated GPU resource. Setting this field to false prevents + automatic GPU driver installation. In that case, in order for the GPU to be usable, the user must perform GPU driver + installation themselves. + type: boolean + type: object hostGroupReference: description: |- HostGroupReference: This is of the form: 
@@ -41190,143 +52429,283 @@ spec: type: string type: object kubeletConfig: - description: |- - Storage version of v1api20230201.KubeletConfig - See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object allowedUnsafeSysctls: + description: 'AllowedUnsafeSysctls: Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).' items: type: string type: array containerLogMaxFiles: + description: |- + ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be + ≥ 2. + minimum: 2 type: integer containerLogMaxSizeMB: + description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' type: integer cpuCfsQuota: + description: 'CpuCfsQuota: The default is true.' type: boolean cpuCfsQuotaPeriod: + description: |- + CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and + a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. type: string cpuManagerPolicy: + description: |- + CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management + policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more + information. Allowed values are 'none' and 'static'. type: string failSwapOn: + description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' 
type: boolean imageGcHighThreshold: + description: 'ImageGcHighThreshold: To disable image garbage collection, set to 100. The default is 85%' type: integer imageGcLowThreshold: + description: 'ImageGcLowThreshold: This cannot be set higher than imageGcHighThreshold. The default is 80%' type: integer podMaxPids: + description: 'PodMaxPids: The maximum number of processes per pod.' type: integer topologyManagerPolicy: + description: |- + TopologyManagerPolicy: For more information see [Kubernetes Topology + Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values + are 'none', 'best-effort', 'restricted', and 'single-numa-node'. type: string type: object kubeletDiskType: + description: |- + KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral + storage. + enum: + - OS + - Temporary type: string linuxOSConfig: - description: |- - Storage version of v1api20230201.LinuxOSConfig - See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object swapFileSizeMB: + description: 'SwapFileSizeMB: The size in MB of a swap file that will be created on each node.' type: integer sysctls: - description: |- - Storage version of v1api20230201.SysctlConfig - Sysctl settings for Linux agent nodes. + description: 'Sysctls: Sysctl settings for Linux agent nodes.' 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object fsAioMaxNr: + description: 'FsAioMaxNr: Sysctl setting fs.aio-max-nr.' type: integer fsFileMax: + description: 'FsFileMax: Sysctl setting fs.file-max.' type: integer fsInotifyMaxUserWatches: + description: 'FsInotifyMaxUserWatches: Sysctl setting fs.inotify.max_user_watches.' type: integer fsNrOpen: + description: 'FsNrOpen: Sysctl setting fs.nr_open.' type: integer kernelThreadsMax: + description: 'KernelThreadsMax: Sysctl setting kernel.threads-max.' type: integer netCoreNetdevMaxBacklog: + description: 'NetCoreNetdevMaxBacklog: Sysctl setting net.core.netdev_max_backlog.' type: integer netCoreOptmemMax: + description: 'NetCoreOptmemMax: Sysctl setting net.core.optmem_max.' type: integer netCoreRmemDefault: + description: 'NetCoreRmemDefault: Sysctl setting net.core.rmem_default.' type: integer netCoreRmemMax: + description: 'NetCoreRmemMax: Sysctl setting net.core.rmem_max.' type: integer netCoreSomaxconn: + description: 'NetCoreSomaxconn: Sysctl setting net.core.somaxconn.' type: integer netCoreWmemDefault: + description: 'NetCoreWmemDefault: Sysctl setting net.core.wmem_default.' type: integer netCoreWmemMax: + description: 'NetCoreWmemMax: Sysctl setting net.core.wmem_max.' type: integer netIpv4IpLocalPortRange: + description: 'NetIpv4IpLocalPortRange: Sysctl setting net.ipv4.ip_local_port_range.' type: string netIpv4NeighDefaultGcThresh1: + description: 'NetIpv4NeighDefaultGcThresh1: Sysctl setting net.ipv4.neigh.default.gc_thresh1.' type: integer netIpv4NeighDefaultGcThresh2: + description: 'NetIpv4NeighDefaultGcThresh2: Sysctl setting net.ipv4.neigh.default.gc_thresh2.' 
type: integer netIpv4NeighDefaultGcThresh3: + description: 'NetIpv4NeighDefaultGcThresh3: Sysctl setting net.ipv4.neigh.default.gc_thresh3.' type: integer netIpv4TcpFinTimeout: + description: 'NetIpv4TcpFinTimeout: Sysctl setting net.ipv4.tcp_fin_timeout.' type: integer netIpv4TcpKeepaliveProbes: + description: 'NetIpv4TcpKeepaliveProbes: Sysctl setting net.ipv4.tcp_keepalive_probes.' type: integer netIpv4TcpKeepaliveTime: + description: 'NetIpv4TcpKeepaliveTime: Sysctl setting net.ipv4.tcp_keepalive_time.' type: integer netIpv4TcpMaxSynBacklog: + description: 'NetIpv4TcpMaxSynBacklog: Sysctl setting net.ipv4.tcp_max_syn_backlog.' type: integer netIpv4TcpMaxTwBuckets: + description: 'NetIpv4TcpMaxTwBuckets: Sysctl setting net.ipv4.tcp_max_tw_buckets.' type: integer netIpv4TcpTwReuse: + description: 'NetIpv4TcpTwReuse: Sysctl setting net.ipv4.tcp_tw_reuse.' type: boolean netIpv4TcpkeepaliveIntvl: + description: 'NetIpv4TcpkeepaliveIntvl: Sysctl setting net.ipv4.tcp_keepalive_intvl.' + maximum: 90 + minimum: 10 type: integer netNetfilterNfConntrackBuckets: + description: 'NetNetfilterNfConntrackBuckets: Sysctl setting net.netfilter.nf_conntrack_buckets.' + maximum: 524288 + minimum: 65536 type: integer netNetfilterNfConntrackMax: + description: 'NetNetfilterNfConntrackMax: Sysctl setting net.netfilter.nf_conntrack_max.' + maximum: 2097152 + minimum: 131072 type: integer vmMaxMapCount: + description: 'VmMaxMapCount: Sysctl setting vm.max_map_count.' type: integer vmSwappiness: + description: 'VmSwappiness: Sysctl setting vm.swappiness.' type: integer vmVfsCachePressure: + description: 'VmVfsCachePressure: Sysctl setting vm.vfs_cache_pressure.' type: integer type: object transparentHugePageDefrag: + description: |- + TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is + 'madvise'. 
For more information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string transparentHugePageEnabled: + description: |- + TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more + information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string type: object maxCount: + description: 'MaxCount: The maximum number of nodes for auto-scaling' type: integer maxPods: + description: 'MaxPods: The maximum number of pods that can run on a node.' type: integer + messageOfTheDay: + description: |- + MessageOfTheDay: A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of + the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., + will be printed raw and not be executed as a script). + type: string minCount: + description: 'MinCount: The minimum number of nodes for auto-scaling' type: integer mode: + description: |- + Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool + restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools + enum: + - Gateway + - System + - User type: string + networkProfile: + description: 'NetworkProfile: Network-related settings of an agent pool.' + properties: + allowedHostPorts: + description: 'AllowedHostPorts: The port ranges that are allowed to access. The specified ranges are allowed to overlap.' + items: + description: The port range. + properties: + portEnd: + description: |- + PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or + equal to portStart. 
+ maximum: 65535 + minimum: 1 + type: integer + portStart: + description: |- + PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or + equal to portEnd. + maximum: 65535 + minimum: 1 + type: integer + protocol: + description: 'Protocol: The network protocol of the port.' + enum: + - TCP + - UDP + type: string + type: object + type: array + applicationSecurityGroupsReferences: + description: |- + ApplicationSecurityGroupsReferences: The IDs of the application security groups which agent pool will associate when + created. + items: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: array + nodePublicIPTags: + description: 'NodePublicIPTags: IPTags of instance-level public IPs.' + items: + description: Contains the IPTag associated with the object. + properties: + ipTagType: + description: 'IpTagType: The IP tag type. Example: RoutingPreference.' + type: string + tag: + description: 'Tag: The value of the IP tag associated with the public IP. Example: Internet.' 
+ type: string + type: object + type: array + type: object + nodeInitializationTaints: + description: |- + NodeInitializationTaints: These taints will not be reconciled by AKS and can be removed with a kubectl call. This field + can be modified after node pool is created, but nodes will not be recreated with new taints until another operation that + requires recreation (e.g. node image upgrade) happens. These taints allow for required configuration to run before the + node is ready to accept workloads, for example 'key1=value1:NoSchedule' that then can be removed with `kubectl taint + nodes node1 key1=value1:NoSchedule-` + items: + type: string + type: array nodeLabels: additionalProperties: type: string + description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' type: object nodePublicIPPrefixReference: description: |- 
@@ -41351,20 +52730,118 @@ spec: type: string type: object nodeTaints: + description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' items: type: string type: array + operatorSpec: + description: |- + OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not + passed directly to Azure + properties: + configMapExpressions: + description: 'ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).' + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + secretExpressions: + description: 'SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).' + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. 
The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + type: object orchestratorVersion: - type: string - originalVersion: + description: |- + OrchestratorVersion: Both patch version and are supported. When is + specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same + once it has been created will not trigger an upgrade, even if a newer patch version is available. As a + best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version + must have the same major version as the control plane. The node pool minor version must be within two minor versions of + the control plane version. The node pool version cannot be greater than the control plane version. For more information + see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). 
type: string osDiskSizeGB: + maximum: 2048 + minimum: 0 type: integer osDiskType: + description: |- + OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested + OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral + OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). + enum: + - Ephemeral + - Managed type: string osSKU: + description: |- + OsSKU: Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or + Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is + deprecated. + enum: + - AzureLinux + - CBLMariner + - Mariner + - Ubuntu + - Windows2019 + - Windows2022 + - WindowsAnnual type: string osType: + description: 'OsType: The operating system type. The default is Linux.' + enum: + - Linux + - Windows type: string owner: description: |- @@ -41379,6 +52856,14 @@ spec: description: This is the name of the Kubernetes resource to reference. type: string type: object + podIPAllocationMode: + description: |- + PodIPAllocationMode: The IP allocation mode for pods in the agent pool. Must be used with podSubnetId. The default is + 'DynamicIndividual'. + enum: + - DynamicIndividual + - StaticBlock + type: string podSubnetReference: description: |- PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). 
@@ -41404,17 +52889,15 @@ spec: type: object powerState: description: |- - Storage version of v1api20230201.PowerState - Describes the Power State of the cluster + PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this + field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only + be stopped if it is Running and provisioning state is Succeeded properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object code: + description: 'Code: Tells whether the cluster is Running or Stopped' + enum: + - Running + - Stopped type: string type: object proximityPlacementGroupReference: 
@@ -41438,35 +52921,164 @@ spec: type: string type: object scaleDownMode: + description: 'ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.' + enum: + - Deallocate + - Delete type: string scaleSetEvictionPolicy: + description: |- + ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is + 'Delete'. + enum: + - Deallocate + - Delete type: string scaleSetPriority: + description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' + enum: + - Regular + - Spot type: string + securityProfile: + description: 'SecurityProfile: The security settings of an agent pool.' + properties: + enableSecureBoot: + description: |- + EnableSecureBoot: Secure Boot is a feature of Trusted Launch which ensures that only signed operating systems and + drivers can boot. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. + type: boolean + enableVTPM: + description: |- + EnableVTPM: vTPM is a Trusted Launch feature for configuring a dedicated secure vault for keys and measurements held + locally on the node. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. + type: boolean + sshAccess: + description: 'SshAccess: SSH access method of an agent pool.' + enum: + - Disabled + - LocalUser + type: string + type: object spotMaxPrice: + description: |- + SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any + on-demand price. For more details on spot pricing, see [spot VMs + pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) type: number tags: additionalProperties: type: string + description: 'Tags: The tags to be persisted on the agent pool virtual machine scale set.' type: object type: + description: 'Type: The type of Agent Pool.' 
+ enum: + - AvailabilitySet + - VirtualMachineScaleSets + - VirtualMachines type: string upgradeSettings: - description: |- - Storage version of v1api20230201.AgentPoolUpgradeSettings - Settings for upgrading an agentpool + description: 'UpgradeSettings: Settings for upgrading the agentpool' properties: - $propertyBag: - additionalProperties: - type: string + drainTimeoutInMinutes: description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object + DrainTimeoutInMinutes: The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. + This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not + specified, the default is 30 minutes. + maximum: 1440 + minimum: 1 + type: integer maxSurge: + description: |- + MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it + is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded + up. If not specified, the default is 1. For more information, including best practices, see: + https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade + type: string + nodeSoakDurationInMinutes: + description: |- + NodeSoakDurationInMinutes: The amount of time (in minutes) to wait after draining a node and before reimaging it and + moving on to next node. If not specified, the default is 0 minutes. + maximum: 30 + minimum: 0 + type: integer + undrainableNodeBehavior: + description: |- + UndrainableNodeBehavior: Defines the behavior for undrainable nodes during upgrade. 
The most common cause of undrainable + nodes is Pod Disruption Budgets (PDBs), but other issues, such as pod termination grace period is exceeding the + remaining per-node drain timeout or pod is still being in a running state, can also cause undrainable nodes. + enum: + - Cordon + - Schedule type: string type: object + virtualMachineNodesStatus: + items: + description: Current status on a group of nodes of the same vm size. + properties: + count: + description: 'Count: Number of nodes.' + type: integer + size: + description: 'Size: The VM size of the agents used to host this group of nodes.' + type: string + type: object + type: array + virtualMachinesProfile: + description: 'VirtualMachinesProfile: Specifications on VirtualMachines agent pool.' + properties: + scale: + description: 'Scale: Specifications on how to scale a VirtualMachines agent pool.' + properties: + autoscale: + description: |- + Autoscale: Specifications on how to auto-scale the VirtualMachines agent pool within a predefined size range. Currently, + at most one AutoScaleProfile is allowed. + items: + description: Specifications on auto-scaling. + properties: + maxCount: + description: 'MaxCount: The maximum number of nodes of the specified sizes.' + type: integer + minCount: + description: 'MinCount: The minimum number of nodes of the specified sizes.' + type: integer + sizes: + description: |- + Sizes: The list of allowed vm sizes e.g. ['Standard_E4s_v3', 'Standard_E16s_v3', 'Standard_D16s_v5']. AKS will use the + first available one when auto scaling. If a VM size is unavailable (e.g. due to quota or regional capacity reasons), AKS + will use the next size. + items: + type: string + type: array + type: object + type: array + manual: + description: 'Manual: Specifications on how to scale the VirtualMachines agent pool to a fixed size.' + items: + description: Specifications on number of machines. + properties: + count: + description: 'Count: Number of nodes.' 
+ type: integer + sizes: + description: |- + Sizes: The list of allowed vm sizes e.g. ['Standard_E4s_v3', 'Standard_E16s_v3', 'Standard_D16s_v5']. AKS will use the + first available one when scaling. If a VM size is unavailable (e.g. due to quota or regional capacity reasons), AKS will + use the next size. + items: + type: string + type: array + type: object + type: array + type: object + type: object vmSize: + description: |- + VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods + might fail to run correctly. For more details on restricted VM sizes, see: + https://docs.microsoft.com/azure/aks/quotas-skus-regions type: string vnetSubnetReference: description: |- 
@@ -41491,26 +53103,48 @@ spec: description: Name is the Kubernetes name of the resource. type: string type: object + windowsProfile: + description: 'WindowsProfile: The Windows agent pool''s specific profile.' + properties: + disableOutboundNat: + description: |- + DisableOutboundNat: The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT + Gateway and the Windows agent pool does not have node public IP enabled. + type: boolean + type: object workloadRuntime: + description: 'WorkloadRuntime: Determines the type of workload a node can run.' + enum: + - KataMshvVmIsolation + - OCIContainer + - WasmWasi type: string required: - owner type: object status: - description: Storage version of v1api20230201.ManagedClusters_AgentPool_STATUS properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions + artifactStreamingProfile: + description: 'ArtifactStreamingProfile: Configuration for using artifact streaming on AKS.' + properties: + enabled: + description: |- + Enabled: Artifact streaming speeds up the cold-start of containers on a node through on-demand image loading. To use + this feature, container images must also enable artifact streaming on ACR. If not specified, the default is false. + type: boolean type: object availabilityZones: + description: |- + AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType + property is 'VirtualMachineScaleSets'. items: type: string type: array + capacityReservationGroupID: + description: 'CapacityReservationGroupID: AKS will associate the specified agent pool with the Capacity Reservation Group.' 
+ type: string conditions: + description: 'Conditions: The observed state of the resource' items: description: Condition defines an extension to status (an observation) of a resource properties: 
@@ -41554,256 +53188,564 @@ spec: type: object type: array count: + description: |- + Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) + for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. type: integer creationData: description: |- - Storage version of v1api20230201.CreationData_STATUS - Data used when creating a target resource from a source resource. + CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using + a snapshot. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object sourceResourceId: + description: 'SourceResourceId: This is the ARM ID of the source object to be used to create the target object.' type: string type: object currentOrchestratorVersion: + description: |- + CurrentOrchestratorVersion: If orchestratorVersion was a fully specified version , this field will be + exactly equal to it. If orchestratorVersion was , this field will contain the full + version being used. + type: string + eTag: + description: |- + ETag: Unique read-only string used to implement optimistic concurrency. The eTag value will change when the resource is + updated. Specify an if-match or if-none-match header with the eTag value for a subsequent request to enable optimistic + concurrency per the normal etag convention. 
type: string enableAutoScaling: + description: 'EnableAutoScaling: Whether to enable auto-scaler' + type: boolean + enableCustomCATrust: + description: |- + EnableCustomCATrust: When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a + daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded + certificates into node trust stores. Defaults to false. type: boolean enableEncryptionAtHost: + description: |- + EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, + see: https://docs.microsoft.com/azure/aks/enable-host-encryption type: boolean enableFIPS: + description: |- + EnableFIPS: See [Add a FIPS-enabled node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more + details. type: boolean enableNodePublicIP: + description: |- + EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. + A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine + to minimize hops. For more information see [assigning a public IP per + node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The + default is false. type: boolean enableUltraSSD: + description: 'EnableUltraSSD: Whether to enable UltraSSD' type: boolean + gatewayProfile: + description: |- + GatewayProfile: Profile specific to a managed agent pool in Gateway mode. This field cannot be set if agent pool mode is + not Gateway. + properties: + publicIPPrefixSize: + description: |- + PublicIPPrefixSize: The Gateway agent pool associates one public IPPrefix for each static egress gateway to provide + public egress. The size of Public IPPrefix should be selected by the user. 
Each node in the agent pool is assigned with + one IP from the IPPrefix. The IPPrefix size thus serves as a cap on the size of the Gateway agent pool. Due to Azure + public IPPrefix size limitation, the valid value range is [28, 31] (/31 = 2 nodes/IPs, /30 = 4 nodes/IPs, /29 = 8 + nodes/IPs, /28 = 16 nodes/IPs). The default value is 31. + type: integer + type: object gpuInstanceProfile: + description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' type: string + gpuProfile: + description: 'GpuProfile: The GPU settings of an agent pool.' + properties: + installGPUDriver: + description: |- + InstallGPUDriver: The default value is true when the vmSize of the agent pool contains a GPU, false otherwise. GPU + Driver Installation can only be set true when VM has an associated GPU resource. Setting this field to false prevents + automatic GPU driver installation. In that case, in order for the GPU to be usable, the user must perform GPU driver + installation themselves. + type: boolean + type: object hostGroupID: + description: |- + HostGroupID: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. + For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). type: string id: + description: 'Id: Resource ID.' type: string kubeletConfig: - description: |- - Storage version of v1api20230201.KubeletConfig_STATUS - See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object allowedUnsafeSysctls: + description: 'AllowedUnsafeSysctls: Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).' items: type: string type: array containerLogMaxFiles: + description: |- + ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be + ≥ 2. type: integer containerLogMaxSizeMB: + description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' type: integer cpuCfsQuota: + description: 'CpuCfsQuota: The default is true.' type: boolean cpuCfsQuotaPeriod: + description: |- + CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and + a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. type: string cpuManagerPolicy: + description: |- + CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management + policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more + information. Allowed values are 'none' and 'static'. type: string failSwapOn: + description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' type: boolean imageGcHighThreshold: + description: 'ImageGcHighThreshold: To disable image garbage collection, set to 100. The default is 85%' type: integer imageGcLowThreshold: + description: 'ImageGcLowThreshold: This cannot be set higher than imageGcHighThreshold. The default is 80%' type: integer podMaxPids: + description: 'PodMaxPids: The maximum number of processes per pod.' 
type: integer topologyManagerPolicy: + description: |- + TopologyManagerPolicy: For more information see [Kubernetes Topology + Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values + are 'none', 'best-effort', 'restricted', and 'single-numa-node'. type: string type: object kubeletDiskType: + description: |- + KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral + storage. type: string linuxOSConfig: - description: |- - Storage version of v1api20230201.LinuxOSConfig_STATUS - See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object swapFileSizeMB: - type: integer - sysctls: - description: |- - Storage version of v1api20230201.SysctlConfig_STATUS - Sysctl settings for Linux agent nodes. - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object + description: 'SwapFileSizeMB: The size in MB of a swap file that will be created on each node.' + type: integer + sysctls: + description: 'Sysctls: Sysctl settings for Linux agent nodes.' + properties: fsAioMaxNr: + description: 'FsAioMaxNr: Sysctl setting fs.aio-max-nr.' type: integer fsFileMax: + description: 'FsFileMax: Sysctl setting fs.file-max.' type: integer fsInotifyMaxUserWatches: + description: 'FsInotifyMaxUserWatches: Sysctl setting fs.inotify.max_user_watches.' 
type: integer fsNrOpen: + description: 'FsNrOpen: Sysctl setting fs.nr_open.' type: integer kernelThreadsMax: + description: 'KernelThreadsMax: Sysctl setting kernel.threads-max.' type: integer netCoreNetdevMaxBacklog: + description: 'NetCoreNetdevMaxBacklog: Sysctl setting net.core.netdev_max_backlog.' type: integer netCoreOptmemMax: + description: 'NetCoreOptmemMax: Sysctl setting net.core.optmem_max.' type: integer netCoreRmemDefault: + description: 'NetCoreRmemDefault: Sysctl setting net.core.rmem_default.' type: integer netCoreRmemMax: + description: 'NetCoreRmemMax: Sysctl setting net.core.rmem_max.' type: integer netCoreSomaxconn: + description: 'NetCoreSomaxconn: Sysctl setting net.core.somaxconn.' type: integer netCoreWmemDefault: + description: 'NetCoreWmemDefault: Sysctl setting net.core.wmem_default.' type: integer netCoreWmemMax: + description: 'NetCoreWmemMax: Sysctl setting net.core.wmem_max.' type: integer netIpv4IpLocalPortRange: + description: 'NetIpv4IpLocalPortRange: Sysctl setting net.ipv4.ip_local_port_range.' type: string netIpv4NeighDefaultGcThresh1: + description: 'NetIpv4NeighDefaultGcThresh1: Sysctl setting net.ipv4.neigh.default.gc_thresh1.' type: integer netIpv4NeighDefaultGcThresh2: + description: 'NetIpv4NeighDefaultGcThresh2: Sysctl setting net.ipv4.neigh.default.gc_thresh2.' type: integer netIpv4NeighDefaultGcThresh3: + description: 'NetIpv4NeighDefaultGcThresh3: Sysctl setting net.ipv4.neigh.default.gc_thresh3.' type: integer netIpv4TcpFinTimeout: + description: 'NetIpv4TcpFinTimeout: Sysctl setting net.ipv4.tcp_fin_timeout.' type: integer netIpv4TcpKeepaliveProbes: + description: 'NetIpv4TcpKeepaliveProbes: Sysctl setting net.ipv4.tcp_keepalive_probes.' type: integer netIpv4TcpKeepaliveTime: + description: 'NetIpv4TcpKeepaliveTime: Sysctl setting net.ipv4.tcp_keepalive_time.' type: integer netIpv4TcpMaxSynBacklog: + description: 'NetIpv4TcpMaxSynBacklog: Sysctl setting net.ipv4.tcp_max_syn_backlog.' 
type: integer netIpv4TcpMaxTwBuckets: + description: 'NetIpv4TcpMaxTwBuckets: Sysctl setting net.ipv4.tcp_max_tw_buckets.' type: integer netIpv4TcpTwReuse: + description: 'NetIpv4TcpTwReuse: Sysctl setting net.ipv4.tcp_tw_reuse.' type: boolean netIpv4TcpkeepaliveIntvl: + description: 'NetIpv4TcpkeepaliveIntvl: Sysctl setting net.ipv4.tcp_keepalive_intvl.' type: integer netNetfilterNfConntrackBuckets: + description: 'NetNetfilterNfConntrackBuckets: Sysctl setting net.netfilter.nf_conntrack_buckets.' type: integer netNetfilterNfConntrackMax: + description: 'NetNetfilterNfConntrackMax: Sysctl setting net.netfilter.nf_conntrack_max.' type: integer vmMaxMapCount: + description: 'VmMaxMapCount: Sysctl setting vm.max_map_count.' type: integer vmSwappiness: + description: 'VmSwappiness: Sysctl setting vm.swappiness.' type: integer vmVfsCachePressure: + description: 'VmVfsCachePressure: Sysctl setting vm.vfs_cache_pressure.' type: integer type: object transparentHugePageDefrag: + description: |- + TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is + 'madvise'. For more information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string transparentHugePageEnabled: + description: |- + TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more + information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string type: object maxCount: + description: 'MaxCount: The maximum number of nodes for auto-scaling' type: integer maxPods: + description: 'MaxPods: The maximum number of pods that can run on a node.' type: integer + messageOfTheDay: + description: |- + MessageOfTheDay: A base64-encoded string which will be written to /etc/motd after decoding. 
This allows customization of + the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., + will be printed raw and not be executed as a script). + type: string minCount: + description: 'MinCount: The minimum number of nodes for auto-scaling' type: integer mode: + description: |- + Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool + restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools type: string name: + description: 'Name: The name of the resource that is unique within a resource group. This name can be used to access the resource.' type: string + networkProfile: + description: 'NetworkProfile: Network-related settings of an agent pool.' + properties: + allowedHostPorts: + description: 'AllowedHostPorts: The port ranges that are allowed to access. The specified ranges are allowed to overlap.' + items: + description: The port range. + properties: + portEnd: + description: |- + PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or + equal to portStart. + type: integer + portStart: + description: |- + PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or + equal to portEnd. + type: integer + protocol: + description: 'Protocol: The network protocol of the port.' + type: string + type: object + type: array + applicationSecurityGroups: + description: 'ApplicationSecurityGroups: The IDs of the application security groups which agent pool will associate when created.' + items: + type: string + type: array + nodePublicIPTags: + description: 'NodePublicIPTags: IPTags of instance-level public IPs.' + items: + description: Contains the IPTag associated with the object. + properties: + ipTagType: + description: 'IpTagType: The IP tag type. Example: RoutingPreference.' 
+ type: string + tag: + description: 'Tag: The value of the IP tag associated with the public IP. Example: Internet.' + type: string + type: object + type: array + type: object nodeImageVersion: + description: 'NodeImageVersion: The version of node image' type: string + nodeInitializationTaints: + description: |- + NodeInitializationTaints: These taints will not be reconciled by AKS and can be removed with a kubectl call. This field + can be modified after node pool is created, but nodes will not be recreated with new taints until another operation that + requires recreation (e.g. node image upgrade) happens. These taints allow for required configuration to run before the + node is ready to accept workloads, for example 'key1=value1:NoSchedule' that then can be removed with `kubectl taint + nodes node1 key1=value1:NoSchedule-` + items: + type: string + type: array nodeLabels: additionalProperties: type: string + description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' type: object nodePublicIPPrefixID: + description: |- + NodePublicIPPrefixID: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} type: string nodeTaints: + description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' items: type: string type: array orchestratorVersion: + description: |- + OrchestratorVersion: Both patch version and are supported. When is + specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same + once it has been created will not trigger an upgrade, even if a newer patch version is available. As a + best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version + must have the same major version as the control plane. 
The node pool minor version must be within two minor versions of + the control plane version. The node pool version cannot be greater than the control plane version. For more information + see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). type: string osDiskSizeGB: type: integer osDiskType: + description: |- + OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested + OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral + OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). type: string osSKU: + description: |- + OsSKU: Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or + Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is + deprecated. type: string osType: + description: 'OsType: The operating system type. The default is Linux.' + type: string + podIPAllocationMode: + description: |- + PodIPAllocationMode: The IP allocation mode for pods in the agent pool. Must be used with podSubnetId. The default is + 'DynamicIndividual'. type: string podSubnetID: + description: |- + PodSubnetID: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is + of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} type: string powerState: description: |- - Storage version of v1api20230201.PowerState_STATUS - Describes the Power State of the cluster + PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this + field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. 
An Agent Pool can only + be stopped if it is Running and provisioning state is Succeeded properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object code: + description: 'Code: Tells whether the cluster is Running or Stopped' type: string type: object properties_type: + description: 'PropertiesType: The type of Agent Pool.' type: string provisioningState: + description: 'ProvisioningState: The current deployment or provisioning state.' type: string proximityPlacementGroupID: + description: 'ProximityPlacementGroupID: The ID for Proximity Placement Group.' type: string scaleDownMode: + description: 'ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.' type: string scaleSetEvictionPolicy: + description: |- + ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is + 'Delete'. type: string scaleSetPriority: + description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' type: string + securityProfile: + description: 'SecurityProfile: The security settings of an agent pool.' + properties: + enableSecureBoot: + description: |- + EnableSecureBoot: Secure Boot is a feature of Trusted Launch which ensures that only signed operating systems and + drivers can boot. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. + type: boolean + enableVTPM: + description: |- + EnableVTPM: vTPM is a Trusted Launch feature for configuring a dedicated secure vault for keys and measurements held + locally on the node. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. 
+ type: boolean + sshAccess: + description: 'SshAccess: SSH access method of an agent pool.' + type: string + type: object spotMaxPrice: + description: |- + SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any + on-demand price. For more details on spot pricing, see [spot VMs + pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) type: number tags: additionalProperties: type: string + description: 'Tags: The tags to be persisted on the agent pool virtual machine scale set.' type: object type: + description: 'Type: Resource type' type: string upgradeSettings: - description: |- - Storage version of v1api20230201.AgentPoolUpgradeSettings_STATUS - Settings for upgrading an agentpool + description: 'UpgradeSettings: Settings for upgrading the agentpool' properties: - $propertyBag: - additionalProperties: - type: string + drainTimeoutInMinutes: description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object + DrainTimeoutInMinutes: The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. + This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not + specified, the default is 30 minutes. + type: integer maxSurge: + description: |- + MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it + is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded + up. If not specified, the default is 1. 
For more information, including best practices, see: + https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade + type: string + nodeSoakDurationInMinutes: + description: |- + NodeSoakDurationInMinutes: The amount of time (in minutes) to wait after draining a node and before reimaging it and + moving on to next node. If not specified, the default is 0 minutes. + type: integer + undrainableNodeBehavior: + description: |- + UndrainableNodeBehavior: Defines the behavior for undrainable nodes during upgrade. The most common cause of undrainable + nodes is Pod Disruption Budgets (PDBs), but other issues, such as pod termination grace period is exceeding the + remaining per-node drain timeout or pod is still being in a running state, can also cause undrainable nodes. type: string type: object + virtualMachineNodesStatus: + items: + description: Current status on a group of nodes of the same vm size. + properties: + count: + description: 'Count: Number of nodes.' + type: integer + size: + description: 'Size: The VM size of the agents used to host this group of nodes.' + type: string + type: object + type: array + virtualMachinesProfile: + description: 'VirtualMachinesProfile: Specifications on VirtualMachines agent pool.' + properties: + scale: + description: 'Scale: Specifications on how to scale a VirtualMachines agent pool.' + properties: + autoscale: + description: |- + Autoscale: Specifications on how to auto-scale the VirtualMachines agent pool within a predefined size range. Currently, + at most one AutoScaleProfile is allowed. + items: + description: Specifications on auto-scaling. + properties: + maxCount: + description: 'MaxCount: The maximum number of nodes of the specified sizes.' + type: integer + minCount: + description: 'MinCount: The minimum number of nodes of the specified sizes.' + type: integer + sizes: + description: |- + Sizes: The list of allowed vm sizes e.g. ['Standard_E4s_v3', 'Standard_E16s_v3', 'Standard_D16s_v5']. 
AKS will use the + first available one when auto scaling. If a VM size is unavailable (e.g. due to quota or regional capacity reasons), AKS + will use the next size. + items: + type: string + type: array + type: object + type: array + manual: + description: 'Manual: Specifications on how to scale the VirtualMachines agent pool to a fixed size.' + items: + description: Specifications on number of machines. + properties: + count: + description: 'Count: Number of nodes.' + type: integer + sizes: + description: |- + Sizes: The list of allowed vm sizes e.g. ['Standard_E4s_v3', 'Standard_E16s_v3', 'Standard_D16s_v5']. AKS will use the + first available one when scaling. If a VM size is unavailable (e.g. due to quota or regional capacity reasons), AKS will + use the next size. + items: + type: string + type: array + type: object + type: array + type: object + type: object vmSize: + description: |- + VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods + might fail to run correctly. For more details on restricted VM sizes, see: + https://docs.microsoft.com/azure/aks/quotas-skus-regions type: string vnetSubnetID: + description: |- + VnetSubnetID: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, + this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} type: string + windowsProfile: + description: 'WindowsProfile: The Windows agent pool''s specific profile.' + properties: + disableOutboundNat: + description: |- + DisableOutboundNat: The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT + Gateway and the Windows agent pool does not have node public IP enabled. 
+ type: boolean + type: object workloadRuntime: + description: 'WorkloadRuntime: Determines the type of workload a node can run.' type: string type: object type: object @@ -41824,12 +53766,13 @@ spec: - jsonPath: .status.conditions[?(@.type=='Ready')].message name: Message type: string - name: v1api20231001 + name: v1api20240402previewstorage schema: openAPIV3Schema: description: |- + Storage version of v1api20240402preview.ManagedClustersAgentPool Generator information: - - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2023-10-01/managedClusters.json + - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/preview/2024-04-02-preview/managedClusters.json - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}/agentPools/{agentPoolName} properties: apiVersion: 
@@ -41850,11 +53793,29 @@ spec: metadata: type: object spec: + description: Storage version of v1api20240402preview.ManagedClustersAgentPool_Spec properties: - availabilityZones: + $propertyBag: + additionalProperties: + type: string description: |- - AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType - property is 'VirtualMachineScaleSets'. + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + artifactStreamingProfile: + description: Storage version of v1api20240402preview.AgentPoolArtifactStreamingProfile + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + availabilityZones: items: type: string type: array @@ -41862,9 +53823,6 @@ spec: description: |- AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn't have to be. - maxLength: 12 - minLength: 1 - pattern: ^[a-z][a-z0-9]{0,11}$ type: string capacityReservationGroupReference: description: 'CapacityReservationGroupReference: AKS will associate the specified agent pool with the Capacity Reservation Group.' 
@@ -41887,15 +53845,19 @@ spec: type: string type: object count: - description: |- - Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) - for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. type: integer creationData: description: |- - CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using - a snapshot. + Storage version of v1api20240402preview.CreationData + Data used when creating a target resource from a source resource. properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object sourceResourceReference: description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' properties: 
@@ -41918,39 +53880,47 @@ spec: type: object type: object enableAutoScaling: - description: 'EnableAutoScaling: Whether to enable auto-scaler' + type: boolean + enableCustomCATrust: type: boolean enableEncryptionAtHost: - description: |- - EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, - see: https://docs.microsoft.com/azure/aks/enable-host-encryption type: boolean enableFIPS: - description: |- - EnableFIPS: See [Add a FIPS-enabled node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more - details. type: boolean enableNodePublicIP: - description: |- - EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. - A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine - to minimize hops. For more information see [assigning a public IP per - node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The - default is false. type: boolean enableUltraSSD: - description: 'EnableUltraSSD: Whether to enable UltraSSD' type: boolean + gatewayProfile: + description: |- + Storage version of v1api20240402preview.AgentPoolGatewayProfile + Profile of the managed cluster gateway agent pool. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + publicIPPrefixSize: + type: integer + type: object gpuInstanceProfile: - description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' 
- enum: - - MIG1g - - MIG2g - - MIG3g - - MIG4g - - MIG7g type: string + gpuProfile: + description: Storage version of v1api20240402preview.AgentPoolGPUProfile + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + installGPUDriver: + type: boolean + type: object hostGroupReference: description: |- HostGroupReference: This is of the form: 
@@ -41975,227 +53945,176 @@ spec: type: string type: object kubeletConfig: - description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' + description: |- + Storage version of v1api20240402preview.KubeletConfig + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object allowedUnsafeSysctls: - description: 'AllowedUnsafeSysctls: Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).' items: type: string type: array containerLogMaxFiles: - description: |- - ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be - ≥ 2. - minimum: 2 type: integer containerLogMaxSizeMB: - description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' type: integer cpuCfsQuota: - description: 'CpuCfsQuota: The default is true.' type: boolean cpuCfsQuotaPeriod: - description: |- - CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and - a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. type: string cpuManagerPolicy: - description: |- - CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management - policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more - information. Allowed values are 'none' and 'static'. type: string failSwapOn: - description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' 
type: boolean imageGcHighThreshold: - description: 'ImageGcHighThreshold: To disable image garbage collection, set to 100. The default is 85%' type: integer imageGcLowThreshold: - description: 'ImageGcLowThreshold: This cannot be set higher than imageGcHighThreshold. The default is 80%' type: integer podMaxPids: - description: 'PodMaxPids: The maximum number of processes per pod.' type: integer topologyManagerPolicy: - description: |- - TopologyManagerPolicy: For more information see [Kubernetes Topology - Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values - are 'none', 'best-effort', 'restricted', and 'single-numa-node'. type: string type: object kubeletDiskType: - description: |- - KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral - storage. - enum: - - OS - - Temporary type: string linuxOSConfig: - description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' + description: |- + Storage version of v1api20240402preview.LinuxOSConfig + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object swapFileSizeMB: - description: 'SwapFileSizeMB: The size in MB of a swap file that will be created on each node.' type: integer sysctls: - description: 'Sysctls: Sysctl settings for Linux agent nodes.' + description: |- + Storage version of v1api20240402preview.SysctlConfig + Sysctl settings for Linux agent nodes. 
properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object fsAioMaxNr: - description: 'FsAioMaxNr: Sysctl setting fs.aio-max-nr.' type: integer fsFileMax: - description: 'FsFileMax: Sysctl setting fs.file-max.' type: integer fsInotifyMaxUserWatches: - description: 'FsInotifyMaxUserWatches: Sysctl setting fs.inotify.max_user_watches.' type: integer fsNrOpen: - description: 'FsNrOpen: Sysctl setting fs.nr_open.' type: integer kernelThreadsMax: - description: 'KernelThreadsMax: Sysctl setting kernel.threads-max.' type: integer netCoreNetdevMaxBacklog: - description: 'NetCoreNetdevMaxBacklog: Sysctl setting net.core.netdev_max_backlog.' type: integer netCoreOptmemMax: - description: 'NetCoreOptmemMax: Sysctl setting net.core.optmem_max.' type: integer netCoreRmemDefault: - description: 'NetCoreRmemDefault: Sysctl setting net.core.rmem_default.' type: integer netCoreRmemMax: - description: 'NetCoreRmemMax: Sysctl setting net.core.rmem_max.' type: integer netCoreSomaxconn: - description: 'NetCoreSomaxconn: Sysctl setting net.core.somaxconn.' type: integer netCoreWmemDefault: - description: 'NetCoreWmemDefault: Sysctl setting net.core.wmem_default.' type: integer netCoreWmemMax: - description: 'NetCoreWmemMax: Sysctl setting net.core.wmem_max.' type: integer netIpv4IpLocalPortRange: - description: 'NetIpv4IpLocalPortRange: Sysctl setting net.ipv4.ip_local_port_range.' type: string netIpv4NeighDefaultGcThresh1: - description: 'NetIpv4NeighDefaultGcThresh1: Sysctl setting net.ipv4.neigh.default.gc_thresh1.' type: integer netIpv4NeighDefaultGcThresh2: - description: 'NetIpv4NeighDefaultGcThresh2: Sysctl setting net.ipv4.neigh.default.gc_thresh2.' 
type: integer netIpv4NeighDefaultGcThresh3: - description: 'NetIpv4NeighDefaultGcThresh3: Sysctl setting net.ipv4.neigh.default.gc_thresh3.' type: integer netIpv4TcpFinTimeout: - description: 'NetIpv4TcpFinTimeout: Sysctl setting net.ipv4.tcp_fin_timeout.' type: integer netIpv4TcpKeepaliveProbes: - description: 'NetIpv4TcpKeepaliveProbes: Sysctl setting net.ipv4.tcp_keepalive_probes.' type: integer netIpv4TcpKeepaliveTime: - description: 'NetIpv4TcpKeepaliveTime: Sysctl setting net.ipv4.tcp_keepalive_time.' type: integer netIpv4TcpMaxSynBacklog: - description: 'NetIpv4TcpMaxSynBacklog: Sysctl setting net.ipv4.tcp_max_syn_backlog.' type: integer netIpv4TcpMaxTwBuckets: - description: 'NetIpv4TcpMaxTwBuckets: Sysctl setting net.ipv4.tcp_max_tw_buckets.' type: integer netIpv4TcpTwReuse: - description: 'NetIpv4TcpTwReuse: Sysctl setting net.ipv4.tcp_tw_reuse.' type: boolean netIpv4TcpkeepaliveIntvl: - description: 'NetIpv4TcpkeepaliveIntvl: Sysctl setting net.ipv4.tcp_keepalive_intvl.' - maximum: 90 - minimum: 10 type: integer netNetfilterNfConntrackBuckets: - description: 'NetNetfilterNfConntrackBuckets: Sysctl setting net.netfilter.nf_conntrack_buckets.' - maximum: 524288 - minimum: 65536 type: integer netNetfilterNfConntrackMax: - description: 'NetNetfilterNfConntrackMax: Sysctl setting net.netfilter.nf_conntrack_max.' - maximum: 2097152 - minimum: 131072 type: integer vmMaxMapCount: - description: 'VmMaxMapCount: Sysctl setting vm.max_map_count.' type: integer vmSwappiness: - description: 'VmSwappiness: Sysctl setting vm.swappiness.' type: integer vmVfsCachePressure: - description: 'VmVfsCachePressure: Sysctl setting vm.vfs_cache_pressure.' type: integer type: object transparentHugePageDefrag: - description: |- - TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is - 'madvise'. 
For more information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string transparentHugePageEnabled: - description: |- - TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more - information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string type: object maxCount: - description: 'MaxCount: The maximum number of nodes for auto-scaling' type: integer maxPods: - description: 'MaxPods: The maximum number of pods that can run on a node.' type: integer + messageOfTheDay: + type: string minCount: - description: 'MinCount: The minimum number of nodes for auto-scaling' type: integer mode: - description: |- - Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool - restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools - enum: - - System - - User type: string networkProfile: - description: 'NetworkProfile: Network-related settings of an agent pool.' + description: |- + Storage version of v1api20240402preview.AgentPoolNetworkProfile + Network settings of an agent pool. properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object allowedHostPorts: - description: 'AllowedHostPorts: The port ranges that are allowed to access. The specified ranges are allowed to overlap.' items: - description: The port range. + description: |- + Storage version of v1api20240402preview.PortRange + The port range. properties: - portEnd: + $propertyBag: + additionalProperties: + type: string description: |- - PortEnd: The maximum port that is included in the range. 
It should be ranged from 1 to 65535, and be greater than or - equal to portStart. - maximum: 65535 - minimum: 1 + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + portEnd: type: integer portStart: - description: |- - PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or - equal to portEnd. - maximum: 65535 - minimum: 1 type: integer protocol: - description: 'Protocol: The network protocol of the port.' - enum: - - TCP - - UDP type: string type: object type: array applicationSecurityGroupsReferences: - description: |- - ApplicationSecurityGroupsReferences: The IDs of the application security groups which agent pool will associate when - created. items: description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: 
@@ -42218,23 +54137,32 @@ spec: type: object type: array nodePublicIPTags: - description: 'NodePublicIPTags: IPTags of instance-level public IPs.' items: - description: Contains the IPTag associated with the object. + description: |- + Storage version of v1api20240402preview.IPTag + Contains the IPTag associated with the object. properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object ipTagType: - description: 'IpTagType: The IP tag type. Example: RoutingPreference.' type: string tag: - description: 'Tag: The value of the IP tag associated with the public IP. Example: Internet.' type: string type: object type: array type: object + nodeInitializationTaints: + items: + type: string + type: array nodeLabels: additionalProperties: type: string - description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' type: object nodePublicIPPrefixReference: description: |- 
@@ -42259,50 +54187,91 @@ spec: type: string type: object nodeTaints: - description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' items: type: string type: array - orchestratorVersion: + operatorSpec: description: |- - OrchestratorVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. - When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster - with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer - patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same - Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor - version must be within two minor versions of the control plane version. The node pool version cannot be greater than the - control plane version. For more information see [upgrading a node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). + Storage version of v1api20240402preview.ManagedClustersAgentPoolOperatorSpec + Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + configMapExpressions: + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. 
If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + secretExpressions: + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. 
For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + type: object + orchestratorVersion: + type: string + originalVersion: type: string osDiskSizeGB: - maximum: 2048 - minimum: 0 type: integer osDiskType: - description: |- - OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested - OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral - OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). - enum: - - Ephemeral - - Managed type: string osSKU: - description: |- - OsSKU: Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 - when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows. - enum: - - AzureLinux - - CBLMariner - - Ubuntu - - Windows2019 - - Windows2022 type: string osType: - description: 'OsType: The operating system type. The default is Linux.' - enum: - - Linux - - Windows type: string owner: description: |- @@ -42317,6 +54286,8 @@ spec: description: This is the name of the Kubernetes resource to reference. type: string type: object + podIPAllocationMode: + type: string podSubnetReference: description: |- PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). 
@@ -42342,15 +54313,17 @@ spec: type: object powerState: description: |- - PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this - field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only - be stopped if it is Running and provisioning state is Succeeded + Storage version of v1api20240402preview.PowerState + Describes the Power State of the cluster properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object code: - description: 'Code: Tells whether the cluster is Running or Stopped' - enum: - - Running - - Stopped type: string type: object proximityPlacementGroupReference: 
@@ -42374,66 +54347,149 @@ spec: type: string type: object scaleDownMode: - description: 'ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.' - enum: - - Deallocate - - Delete type: string scaleSetEvictionPolicy: - description: |- - ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is - 'Delete'. - enum: - - Deallocate - - Delete type: string scaleSetPriority: - description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' - enum: - - Regular - - Spot type: string - spotMaxPrice: + securityProfile: description: |- - SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any - on-demand price. For more details on spot pricing, see [spot VMs - pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) + Storage version of v1api20240402preview.AgentPoolSecurityProfile + The security settings of an agent pool. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enableSecureBoot: + type: boolean + enableVTPM: + type: boolean + sshAccess: + type: string + type: object + spotMaxPrice: type: number tags: additionalProperties: type: string - description: 'Tags: The tags to be persisted on the agent pool virtual machine scale set.' type: object type: - description: 'Type: The type of Agent Pool.' 
- enum: - - AvailabilitySet - - VirtualMachineScaleSets type: string upgradeSettings: - description: 'UpgradeSettings: Settings for upgrading the agentpool' + description: |- + Storage version of v1api20240402preview.AgentPoolUpgradeSettings + Settings for upgrading an agentpool properties: - drainTimeoutInMinutes: + $propertyBag: + additionalProperties: + type: string description: |- - DrainTimeoutInMinutes: The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. - This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not - specified, the default is 30 minutes. - maximum: 1440 - minimum: 1 + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + drainTimeoutInMinutes: type: integer maxSurge: - description: |- - MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it - is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded - up. If not specified, the default is 1. For more information, including best practices, see: - https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade + type: string + nodeSoakDurationInMinutes: + type: integer + undrainableNodeBehavior: type: string type: object - vmSize: + virtualMachineNodesStatus: + items: + description: |- + Storage version of v1api20240402preview.VirtualMachineNodes + Current status on a group of nodes of the same vm size. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + count: + type: integer + size: + type: string + type: object + type: array + virtualMachinesProfile: description: |- - VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods - might fail to run correctly. For more details on restricted VM sizes, see: - https://docs.microsoft.com/azure/aks/quotas-skus-regions + Storage version of v1api20240402preview.VirtualMachinesProfile + Specifications on VirtualMachines agent pool. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + scale: + description: |- + Storage version of v1api20240402preview.ScaleProfile + Specifications on how to scale a VirtualMachines agent pool. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + autoscale: + items: + description: |- + Storage version of v1api20240402preview.AutoScaleProfile + Specifications on auto-scaling. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + maxCount: + type: integer + minCount: + type: integer + sizes: + items: + type: string + type: array + type: object + type: array + manual: + items: + description: |- + Storage version of v1api20240402preview.ManualScaleProfile + Specifications on number of machines. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + count: + type: integer + sizes: + items: + type: string + type: array + type: object + type: array + type: object + type: object + vmSize: type: string vnetSubnetReference: description: |- 
@@ -42458,29 +54514,56 @@ spec: description: Name is the Kubernetes name of the resource. type: string type: object + windowsProfile: + description: |- + Storage version of v1api20240402preview.AgentPoolWindowsProfile + The Windows agent pool's specific profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + disableOutboundNat: + type: boolean + type: object workloadRuntime: - description: 'WorkloadRuntime: Determines the type of workload a node can run.' - enum: - - OCIContainer - - WasmWasi type: string required: - owner type: object status: + description: Storage version of v1api20240402preview.ManagedClustersAgentPool_STATUS properties: - availabilityZones: + $propertyBag: + additionalProperties: + type: string description: |- - AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType - property is 'VirtualMachineScaleSets'. + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + artifactStreamingProfile: + description: Storage version of v1api20240402preview.AgentPoolArtifactStreamingProfile_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + availabilityZones: items: type: string type: array capacityReservationGroupID: - description: 'CapacityReservationGroupID: AKS will associate the specified agent pool with the Capacity Reservation Group.' 
type: string conditions: - description: 'Conditions: The observed state of the resource' items: description: Condition defines an extension to status (an observation) of a resource properties: 
@@ -42524,408 +54607,482 @@ spec: type: object type: array count: - description: |- - Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) - for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. type: integer creationData: description: |- - CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using - a snapshot. + Storage version of v1api20240402preview.CreationData_STATUS + Data used when creating a target resource from a source resource. properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object sourceResourceId: - description: 'SourceResourceId: This is the ARM ID of the source object to be used to create the target object.' type: string type: object currentOrchestratorVersion: - description: |- - CurrentOrchestratorVersion: If orchestratorVersion is a fully specified version , this field will be - exactly equal to it. If orchestratorVersion is , this field will contain the full - version being used. + type: string + eTag: type: string enableAutoScaling: - description: 'EnableAutoScaling: Whether to enable auto-scaler' + type: boolean + enableCustomCATrust: type: boolean enableEncryptionAtHost: - description: |- - EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, - see: https://docs.microsoft.com/azure/aks/enable-host-encryption type: boolean enableFIPS: - description: |- - EnableFIPS: See [Add a FIPS-enabled node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more - details. 
type: boolean enableNodePublicIP: - description: |- - EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. - A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine - to minimize hops. For more information see [assigning a public IP per - node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The - default is false. type: boolean enableUltraSSD: - description: 'EnableUltraSSD: Whether to enable UltraSSD' type: boolean + gatewayProfile: + description: |- + Storage version of v1api20240402preview.AgentPoolGatewayProfile_STATUS + Profile of the managed cluster gateway agent pool. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + publicIPPrefixSize: + type: integer + type: object gpuInstanceProfile: - description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' type: string + gpuProfile: + description: Storage version of v1api20240402preview.AgentPoolGPUProfile_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + installGPUDriver: + type: boolean + type: object hostGroupID: - description: |- - HostGroupID: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. 
- For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). type: string id: - description: 'Id: Resource ID.' type: string kubeletConfig: - description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' + description: |- + Storage version of v1api20240402preview.KubeletConfig_STATUS + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object allowedUnsafeSysctls: - description: 'AllowedUnsafeSysctls: Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).' items: type: string type: array containerLogMaxFiles: - description: |- - ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be - ≥ 2. type: integer containerLogMaxSizeMB: - description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' type: integer cpuCfsQuota: - description: 'CpuCfsQuota: The default is true.' type: boolean cpuCfsQuotaPeriod: - description: |- - CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and - a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. type: string cpuManagerPolicy: - description: |- - CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management - policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more - information. Allowed values are 'none' and 'static'. 
type: string failSwapOn: - description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' type: boolean imageGcHighThreshold: - description: 'ImageGcHighThreshold: To disable image garbage collection, set to 100. The default is 85%' type: integer imageGcLowThreshold: - description: 'ImageGcLowThreshold: This cannot be set higher than imageGcHighThreshold. The default is 80%' type: integer podMaxPids: - description: 'PodMaxPids: The maximum number of processes per pod.' type: integer topologyManagerPolicy: - description: |- - TopologyManagerPolicy: For more information see [Kubernetes Topology - Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values - are 'none', 'best-effort', 'restricted', and 'single-numa-node'. type: string type: object kubeletDiskType: - description: |- - KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral - storage. type: string linuxOSConfig: - description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' + description: |- + Storage version of v1api20240402preview.LinuxOSConfig_STATUS + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object swapFileSizeMB: - description: 'SwapFileSizeMB: The size in MB of a swap file that will be created on each node.' type: integer sysctls: - description: 'Sysctls: Sysctl settings for Linux agent nodes.' + description: |- + Storage version of v1api20240402preview.SysctlConfig_STATUS + Sysctl settings for Linux agent nodes. 
properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object fsAioMaxNr: - description: 'FsAioMaxNr: Sysctl setting fs.aio-max-nr.' type: integer fsFileMax: - description: 'FsFileMax: Sysctl setting fs.file-max.' type: integer fsInotifyMaxUserWatches: - description: 'FsInotifyMaxUserWatches: Sysctl setting fs.inotify.max_user_watches.' type: integer fsNrOpen: - description: 'FsNrOpen: Sysctl setting fs.nr_open.' type: integer kernelThreadsMax: - description: 'KernelThreadsMax: Sysctl setting kernel.threads-max.' type: integer netCoreNetdevMaxBacklog: - description: 'NetCoreNetdevMaxBacklog: Sysctl setting net.core.netdev_max_backlog.' type: integer netCoreOptmemMax: - description: 'NetCoreOptmemMax: Sysctl setting net.core.optmem_max.' type: integer netCoreRmemDefault: - description: 'NetCoreRmemDefault: Sysctl setting net.core.rmem_default.' type: integer netCoreRmemMax: - description: 'NetCoreRmemMax: Sysctl setting net.core.rmem_max.' type: integer netCoreSomaxconn: - description: 'NetCoreSomaxconn: Sysctl setting net.core.somaxconn.' type: integer netCoreWmemDefault: - description: 'NetCoreWmemDefault: Sysctl setting net.core.wmem_default.' type: integer netCoreWmemMax: - description: 'NetCoreWmemMax: Sysctl setting net.core.wmem_max.' type: integer netIpv4IpLocalPortRange: - description: 'NetIpv4IpLocalPortRange: Sysctl setting net.ipv4.ip_local_port_range.' type: string netIpv4NeighDefaultGcThresh1: - description: 'NetIpv4NeighDefaultGcThresh1: Sysctl setting net.ipv4.neigh.default.gc_thresh1.' type: integer netIpv4NeighDefaultGcThresh2: - description: 'NetIpv4NeighDefaultGcThresh2: Sysctl setting net.ipv4.neigh.default.gc_thresh2.' 
type: integer netIpv4NeighDefaultGcThresh3: - description: 'NetIpv4NeighDefaultGcThresh3: Sysctl setting net.ipv4.neigh.default.gc_thresh3.' type: integer netIpv4TcpFinTimeout: - description: 'NetIpv4TcpFinTimeout: Sysctl setting net.ipv4.tcp_fin_timeout.' type: integer netIpv4TcpKeepaliveProbes: - description: 'NetIpv4TcpKeepaliveProbes: Sysctl setting net.ipv4.tcp_keepalive_probes.' type: integer netIpv4TcpKeepaliveTime: - description: 'NetIpv4TcpKeepaliveTime: Sysctl setting net.ipv4.tcp_keepalive_time.' type: integer netIpv4TcpMaxSynBacklog: - description: 'NetIpv4TcpMaxSynBacklog: Sysctl setting net.ipv4.tcp_max_syn_backlog.' type: integer netIpv4TcpMaxTwBuckets: - description: 'NetIpv4TcpMaxTwBuckets: Sysctl setting net.ipv4.tcp_max_tw_buckets.' type: integer netIpv4TcpTwReuse: - description: 'NetIpv4TcpTwReuse: Sysctl setting net.ipv4.tcp_tw_reuse.' type: boolean netIpv4TcpkeepaliveIntvl: - description: 'NetIpv4TcpkeepaliveIntvl: Sysctl setting net.ipv4.tcp_keepalive_intvl.' type: integer netNetfilterNfConntrackBuckets: - description: 'NetNetfilterNfConntrackBuckets: Sysctl setting net.netfilter.nf_conntrack_buckets.' type: integer netNetfilterNfConntrackMax: - description: 'NetNetfilterNfConntrackMax: Sysctl setting net.netfilter.nf_conntrack_max.' type: integer vmMaxMapCount: - description: 'VmMaxMapCount: Sysctl setting vm.max_map_count.' type: integer vmSwappiness: - description: 'VmSwappiness: Sysctl setting vm.swappiness.' type: integer vmVfsCachePressure: - description: 'VmVfsCachePressure: Sysctl setting vm.vfs_cache_pressure.' type: integer type: object transparentHugePageDefrag: - description: |- - TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is - 'madvise'. For more information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). 
type: string transparentHugePageEnabled: - description: |- - TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more - information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string type: object maxCount: - description: 'MaxCount: The maximum number of nodes for auto-scaling' type: integer maxPods: - description: 'MaxPods: The maximum number of pods that can run on a node.' type: integer + messageOfTheDay: + type: string minCount: - description: 'MinCount: The minimum number of nodes for auto-scaling' type: integer mode: - description: |- - Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool - restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools type: string name: - description: 'Name: The name of the resource that is unique within a resource group. This name can be used to access the resource.' type: string networkProfile: - description: 'NetworkProfile: Network-related settings of an agent pool.' + description: |- + Storage version of v1api20240402preview.AgentPoolNetworkProfile_STATUS + Network settings of an agent pool. properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object allowedHostPorts: - description: 'AllowedHostPorts: The port ranges that are allowed to access. The specified ranges are allowed to overlap.' items: - description: The port range. + description: |- + Storage version of v1api20240402preview.PortRange_STATUS + The port range. properties: - portEnd: + $propertyBag: + additionalProperties: + type: string description: |- - PortEnd: The maximum port that is included in the range. 
It should be ranged from 1 to 65535, and be greater than or - equal to portStart. + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + portEnd: type: integer portStart: - description: |- - PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or - equal to portEnd. type: integer protocol: - description: 'Protocol: The network protocol of the port.' type: string type: object type: array applicationSecurityGroups: - description: 'ApplicationSecurityGroups: The IDs of the application security groups which agent pool will associate when created.' items: type: string type: array nodePublicIPTags: - description: 'NodePublicIPTags: IPTags of instance-level public IPs.' items: - description: Contains the IPTag associated with the object. + description: |- + Storage version of v1api20240402preview.IPTag_STATUS + Contains the IPTag associated with the object. properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object ipTagType: - description: 'IpTagType: The IP tag type. Example: RoutingPreference.' type: string tag: - description: 'Tag: The value of the IP tag associated with the public IP. Example: Internet.' type: string type: object type: array type: object nodeImageVersion: - description: 'NodeImageVersion: The version of node image' type: string + nodeInitializationTaints: + items: + type: string + type: array nodeLabels: additionalProperties: type: string - description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' 
type: object nodePublicIPPrefixID: - description: |- - NodePublicIPPrefixID: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} type: string nodeTaints: - description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' items: type: string type: array orchestratorVersion: - description: |- - OrchestratorVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. - When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster - with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer - patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same - Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor - version must be within two minor versions of the control plane version. The node pool version cannot be greater than the - control plane version. For more information see [upgrading a node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). type: string osDiskSizeGB: type: integer osDiskType: - description: |- - OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested - OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral - OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). type: string osSKU: - description: |- - OsSKU: Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 - when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows. type: string osType: - description: 'OsType: The operating system type. The default is Linux.' 
+ type: string + podIPAllocationMode: type: string podSubnetID: - description: |- - PodSubnetID: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is - of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} type: string powerState: description: |- - PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this - field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only - be stopped if it is Running and provisioning state is Succeeded + Storage version of v1api20240402preview.PowerState_STATUS + Describes the Power State of the cluster properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object code: - description: 'Code: Tells whether the cluster is Running or Stopped' type: string type: object properties_type: - description: 'PropertiesType: The type of Agent Pool.' type: string provisioningState: - description: 'ProvisioningState: The current deployment or provisioning state.' type: string proximityPlacementGroupID: - description: 'ProximityPlacementGroupID: The ID for Proximity Placement Group.' type: string scaleDownMode: - description: 'ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.' type: string scaleSetEvictionPolicy: - description: |- - ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is - 'Delete'. type: string scaleSetPriority: - description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. 
If not specified, the default is ''Regular''.' type: string - spotMaxPrice: + securityProfile: description: |- - SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any - on-demand price. For more details on spot pricing, see [spot VMs - pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) + Storage version of v1api20240402preview.AgentPoolSecurityProfile_STATUS + The security settings of an agent pool. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enableSecureBoot: + type: boolean + enableVTPM: + type: boolean + sshAccess: + type: string + type: object + spotMaxPrice: type: number tags: additionalProperties: type: string - description: 'Tags: The tags to be persisted on the agent pool virtual machine scale set.' type: object type: - description: 'Type: Resource type' type: string upgradeSettings: - description: 'UpgradeSettings: Settings for upgrading the agentpool' + description: |- + Storage version of v1api20240402preview.AgentPoolUpgradeSettings_STATUS + Settings for upgrading an agentpool properties: - drainTimeoutInMinutes: + $propertyBag: + additionalProperties: + type: string description: |- - DrainTimeoutInMinutes: The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. - This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not - specified, the default is 30 minutes. 
+ PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + drainTimeoutInMinutes: type: integer maxSurge: - description: |- - MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it - is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded - up. If not specified, the default is 1. For more information, including best practices, see: - https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade + type: string + nodeSoakDurationInMinutes: + type: integer + undrainableNodeBehavior: type: string type: object - vmSize: + virtualMachineNodesStatus: + items: + description: |- + Storage version of v1api20240402preview.VirtualMachineNodes_STATUS + Current status on a group of nodes of the same vm size. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + count: + type: integer + size: + type: string + type: object + type: array + virtualMachinesProfile: description: |- - VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods - might fail to run correctly. For more details on restricted VM sizes, see: - https://docs.microsoft.com/azure/aks/quotas-skus-regions + Storage version of v1api20240402preview.VirtualMachinesProfile_STATUS + Specifications on VirtualMachines agent pool. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + scale: + description: |- + Storage version of v1api20240402preview.ScaleProfile_STATUS + Specifications on how to scale a VirtualMachines agent pool. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + autoscale: + items: + description: |- + Storage version of v1api20240402preview.AutoScaleProfile_STATUS + Specifications on auto-scaling. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + maxCount: + type: integer + minCount: + type: integer + sizes: + items: + type: string + type: array + type: object + type: array + manual: + items: + description: |- + Storage version of v1api20240402preview.ManualScaleProfile_STATUS + Specifications on number of machines. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + count: + type: integer + sizes: + items: + type: string + type: array + type: object + type: array + type: object + type: object + vmSize: type: string vnetSubnetID: - description: |- - VnetSubnetID: If this is not specified, a VNET and subnet will be generated and used. 
If no podSubnetID is specified, - this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} type: string + windowsProfile: + description: |- + Storage version of v1api20240402preview.AgentPoolWindowsProfile_STATUS + The Windows agent pool's specific profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + disableOutboundNat: + type: boolean + type: object workloadRuntime: - description: 'WorkloadRuntime: Determines the type of workload a node can run.' type: string type: object type: object @@ -42946,13 +55103,12 @@ spec: - jsonPath: .status.conditions[?(@.type=='Ready')].message name: Message type: string - name: v1api20231001storage + name: v1api20240901 schema: openAPIV3Schema: description: |- - Storage version of v1api20231001.ManagedClustersAgentPool Generator information: - - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2023-10-01/managedClusters.json + - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/managedClusters.json - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}/agentPools/{agentPoolName} properties: apiVersion: 
@@ -42973,16 +55129,11 @@ spec: metadata: type: object spec: - description: Storage version of v1api20231001.ManagedClusters_AgentPool_Spec properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object availabilityZones: + description: |- + AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType + property is 'VirtualMachineScaleSets'. items: type: string type: array @@ -42990,6 +55141,9 @@ spec: description: |- AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn't have to be. + maxLength: 12 + minLength: 1 + pattern: ^[a-z][a-z0-9]{0,11}$ type: string capacityReservationGroupReference: description: 'CapacityReservationGroupReference: AKS will associate the specified agent pool with the Capacity Reservation Group.' 
@@ -43012,19 +55166,15 @@ spec: type: string type: object count: + description: |- + Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) + for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. type: integer creationData: description: |- - Storage version of v1api20231001.CreationData - Data used when creating a target resource from a source resource. + CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using + a snapshot. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object sourceResourceReference: description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' properties: 
@@ -43047,16 +55197,38 @@ spec: type: object type: object enableAutoScaling: + description: 'EnableAutoScaling: Whether to enable auto-scaler' type: boolean enableEncryptionAtHost: + description: |- + EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, + see: https://docs.microsoft.com/azure/aks/enable-host-encryption type: boolean enableFIPS: + description: |- + EnableFIPS: See [Add a FIPS-enabled node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more + details. type: boolean enableNodePublicIP: + description: |- + EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. + A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine + to minimize hops. For more information see [assigning a public IP per + node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The + default is false. type: boolean enableUltraSSD: + description: 'EnableUltraSSD: Whether to enable UltraSSD' type: boolean gpuInstanceProfile: + description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' + enum: + - MIG1g + - MIG2g + - MIG3g + - MIG4g + - MIG7g type: string hostGroupReference: description: |- 
@@ -43082,174 +55254,227 @@ spec: type: string type: object kubeletConfig: - description: |- - Storage version of v1api20231001.KubeletConfig - See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object allowedUnsafeSysctls: + description: 'AllowedUnsafeSysctls: Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).' items: type: string type: array containerLogMaxFiles: + description: |- + ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be + ≥ 2. + minimum: 2 type: integer containerLogMaxSizeMB: + description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' type: integer cpuCfsQuota: + description: 'CpuCfsQuota: The default is true.' type: boolean cpuCfsQuotaPeriod: + description: |- + CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and + a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. type: string cpuManagerPolicy: + description: |- + CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management + policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more + information. Allowed values are 'none' and 'static'. type: string failSwapOn: + description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' 
type: boolean imageGcHighThreshold: + description: 'ImageGcHighThreshold: To disable image garbage collection, set to 100. The default is 85%' type: integer imageGcLowThreshold: + description: 'ImageGcLowThreshold: This cannot be set higher than imageGcHighThreshold. The default is 80%' type: integer podMaxPids: + description: 'PodMaxPids: The maximum number of processes per pod.' type: integer topologyManagerPolicy: + description: |- + TopologyManagerPolicy: For more information see [Kubernetes Topology + Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values + are 'none', 'best-effort', 'restricted', and 'single-numa-node'. type: string type: object kubeletDiskType: + description: |- + KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral + storage. + enum: + - OS + - Temporary type: string linuxOSConfig: - description: |- - Storage version of v1api20231001.LinuxOSConfig - See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object swapFileSizeMB: + description: 'SwapFileSizeMB: The size in MB of a swap file that will be created on each node.' type: integer sysctls: - description: |- - Storage version of v1api20231001.SysctlConfig - Sysctl settings for Linux agent nodes. + description: 'Sysctls: Sysctl settings for Linux agent nodes.' 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object fsAioMaxNr: + description: 'FsAioMaxNr: Sysctl setting fs.aio-max-nr.' type: integer fsFileMax: + description: 'FsFileMax: Sysctl setting fs.file-max.' type: integer fsInotifyMaxUserWatches: + description: 'FsInotifyMaxUserWatches: Sysctl setting fs.inotify.max_user_watches.' type: integer fsNrOpen: + description: 'FsNrOpen: Sysctl setting fs.nr_open.' type: integer kernelThreadsMax: + description: 'KernelThreadsMax: Sysctl setting kernel.threads-max.' type: integer netCoreNetdevMaxBacklog: + description: 'NetCoreNetdevMaxBacklog: Sysctl setting net.core.netdev_max_backlog.' type: integer netCoreOptmemMax: + description: 'NetCoreOptmemMax: Sysctl setting net.core.optmem_max.' type: integer netCoreRmemDefault: + description: 'NetCoreRmemDefault: Sysctl setting net.core.rmem_default.' type: integer netCoreRmemMax: + description: 'NetCoreRmemMax: Sysctl setting net.core.rmem_max.' type: integer netCoreSomaxconn: + description: 'NetCoreSomaxconn: Sysctl setting net.core.somaxconn.' type: integer netCoreWmemDefault: + description: 'NetCoreWmemDefault: Sysctl setting net.core.wmem_default.' type: integer netCoreWmemMax: + description: 'NetCoreWmemMax: Sysctl setting net.core.wmem_max.' type: integer netIpv4IpLocalPortRange: + description: 'NetIpv4IpLocalPortRange: Sysctl setting net.ipv4.ip_local_port_range.' type: string netIpv4NeighDefaultGcThresh1: + description: 'NetIpv4NeighDefaultGcThresh1: Sysctl setting net.ipv4.neigh.default.gc_thresh1.' type: integer netIpv4NeighDefaultGcThresh2: + description: 'NetIpv4NeighDefaultGcThresh2: Sysctl setting net.ipv4.neigh.default.gc_thresh2.' 
type: integer netIpv4NeighDefaultGcThresh3: + description: 'NetIpv4NeighDefaultGcThresh3: Sysctl setting net.ipv4.neigh.default.gc_thresh3.' type: integer netIpv4TcpFinTimeout: + description: 'NetIpv4TcpFinTimeout: Sysctl setting net.ipv4.tcp_fin_timeout.' type: integer netIpv4TcpKeepaliveProbes: + description: 'NetIpv4TcpKeepaliveProbes: Sysctl setting net.ipv4.tcp_keepalive_probes.' type: integer netIpv4TcpKeepaliveTime: + description: 'NetIpv4TcpKeepaliveTime: Sysctl setting net.ipv4.tcp_keepalive_time.' type: integer netIpv4TcpMaxSynBacklog: + description: 'NetIpv4TcpMaxSynBacklog: Sysctl setting net.ipv4.tcp_max_syn_backlog.' type: integer netIpv4TcpMaxTwBuckets: + description: 'NetIpv4TcpMaxTwBuckets: Sysctl setting net.ipv4.tcp_max_tw_buckets.' type: integer netIpv4TcpTwReuse: + description: 'NetIpv4TcpTwReuse: Sysctl setting net.ipv4.tcp_tw_reuse.' type: boolean netIpv4TcpkeepaliveIntvl: + description: 'NetIpv4TcpkeepaliveIntvl: Sysctl setting net.ipv4.tcp_keepalive_intvl.' + maximum: 90 + minimum: 10 type: integer netNetfilterNfConntrackBuckets: + description: 'NetNetfilterNfConntrackBuckets: Sysctl setting net.netfilter.nf_conntrack_buckets.' + maximum: 524288 + minimum: 65536 type: integer netNetfilterNfConntrackMax: + description: 'NetNetfilterNfConntrackMax: Sysctl setting net.netfilter.nf_conntrack_max.' + maximum: 2097152 + minimum: 131072 type: integer vmMaxMapCount: + description: 'VmMaxMapCount: Sysctl setting vm.max_map_count.' type: integer vmSwappiness: + description: 'VmSwappiness: Sysctl setting vm.swappiness.' type: integer vmVfsCachePressure: + description: 'VmVfsCachePressure: Sysctl setting vm.vfs_cache_pressure.' type: integer type: object transparentHugePageDefrag: + description: |- + TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is + 'madvise'. 
For more information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string transparentHugePageEnabled: + description: |- + TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more + information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string type: object maxCount: + description: 'MaxCount: The maximum number of nodes for auto-scaling' type: integer maxPods: + description: 'MaxPods: The maximum number of pods that can run on a node.' type: integer minCount: + description: 'MinCount: The minimum number of nodes for auto-scaling' type: integer mode: + description: |- + Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool + restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools + enum: + - System + - User type: string networkProfile: - description: |- - Storage version of v1api20231001.AgentPoolNetworkProfile - Network settings of an agent pool. + description: 'NetworkProfile: Network-related settings of an agent pool.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object allowedHostPorts: + description: 'AllowedHostPorts: The port ranges that are allowed to access. The specified ranges are allowed to overlap.' items: - description: |- - Storage version of v1api20231001.PortRange - The port range. + description: The port range. 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object portEnd: + description: |- + PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or + equal to portStart. + maximum: 65535 + minimum: 1 type: integer portStart: + description: |- + PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or + equal to portEnd. + maximum: 65535 + minimum: 1 type: integer protocol: + description: 'Protocol: The network protocol of the port.' + enum: + - TCP + - UDP type: string type: object type: array applicationSecurityGroupsReferences: + description: |- + ApplicationSecurityGroupsReferences: The IDs of the application security groups which agent pool will associate when + created. items: description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: 
@@ -43272,21 +55497,15 @@ spec: type: object type: array nodePublicIPTags: + description: 'NodePublicIPTags: IPTags of instance-level public IPs.' items: - description: |- - Storage version of v1api20231001.IPTag - Contains the IPTag associated with the object. + description: Contains the IPTag associated with the object. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object ipTagType: + description: 'IpTagType: The IP tag type. Example: RoutingPreference.' type: string tag: + description: 'Tag: The value of the IP tag associated with the public IP. Example: Internet.' type: string type: object type: array @@ -43294,6 +55513,7 @@ spec: nodeLabels: additionalProperties: type: string + description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' type: object nodePublicIPPrefixReference: description: |- 
@@ -43317,21 +55537,117 @@ spec: description: Name is the Kubernetes name of the resource. type: string type: object - nodeTaints: - items: - type: string - type: array + nodeTaints: + description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' + items: + type: string + type: array + operatorSpec: + description: |- + OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not + passed directly to Azure + properties: + configMapExpressions: + description: 'ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).' + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. 
For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + secretExpressions: + description: 'SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).' + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + type: object orchestratorVersion: - type: string - originalVersion: + description: |- + OrchestratorVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. + When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster + with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer + patch version is available. 
As a best practice, you should upgrade all node pools in an AKS cluster to the same + Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor + version must be within two minor versions of the control plane version. The node pool version cannot be greater than the + control plane version. For more information see [upgrading a node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). type: string osDiskSizeGB: + maximum: 2048 + minimum: 0 type: integer osDiskType: + description: |- + OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested + OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral + OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). + enum: + - Ephemeral + - Managed type: string osSKU: + description: |- + OsSKU: Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 + when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows. + enum: + - AzureLinux + - CBLMariner + - Ubuntu + - Windows2019 + - Windows2022 type: string osType: + description: 'OsType: The operating system type. The default is Linux.' + enum: + - Linux + - Windows type: string owner: description: |- 
@@ -43371,17 +55687,15 @@ spec: type: object powerState: description: |- - Storage version of v1api20231001.PowerState - Describes the Power State of the cluster + PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this + field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only + be stopped if it is Running and provisioning state is Succeeded properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object code: + description: 'Code: Tells whether the cluster is Running or Stopped' + enum: + - Running + - Stopped type: string type: object proximityPlacementGroupReference: 
@@ -43405,37 +55719,87 @@ spec: type: string type: object scaleDownMode: + description: 'ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.' + enum: + - Deallocate + - Delete type: string scaleSetEvictionPolicy: + description: |- + ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is + 'Delete'. + enum: + - Deallocate + - Delete type: string scaleSetPriority: + description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' + enum: + - Regular + - Spot type: string + securityProfile: + description: 'SecurityProfile: The security settings of an agent pool.' + properties: + enableSecureBoot: + description: |- + EnableSecureBoot: Secure Boot is a feature of Trusted Launch which ensures that only signed operating systems and + drivers can boot. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. + type: boolean + enableVTPM: + description: |- + EnableVTPM: vTPM is a Trusted Launch feature for configuring a dedicated secure vault for keys and measurements held + locally on the node. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. + type: boolean + type: object spotMaxPrice: + description: |- + SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any + on-demand price. For more details on spot pricing, see [spot VMs + pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) type: number tags: additionalProperties: type: string + description: 'Tags: The tags to be persisted on the agent pool virtual machine scale set.' type: object type: + description: 'Type: The type of Agent Pool.' 
+ enum: + - AvailabilitySet + - VirtualMachineScaleSets type: string upgradeSettings: - description: |- - Storage version of v1api20231001.AgentPoolUpgradeSettings - Settings for upgrading an agentpool + description: 'UpgradeSettings: Settings for upgrading the agentpool' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object drainTimeoutInMinutes: + description: |- + DrainTimeoutInMinutes: The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. + This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not + specified, the default is 30 minutes. + maximum: 1440 + minimum: 1 type: integer maxSurge: + description: |- + MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it + is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded + up. If not specified, the default is 1. For more information, including best practices, see: + https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade type: string + nodeSoakDurationInMinutes: + description: |- + NodeSoakDurationInMinutes: The amount of time (in minutes) to wait after draining a node and before reimaging it and + moving on to next node. If not specified, the default is 0 minutes. + maximum: 30 + minimum: 0 + type: integer type: object vmSize: + description: |- + VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods + might fail to run correctly. 
For more details on restricted VM sizes, see: + https://docs.microsoft.com/azure/aks/quotas-skus-regions type: string vnetSubnetReference: description: |- @@ -43460,28 +55824,38 @@ spec: description: Name is the Kubernetes name of the resource. type: string type: object + windowsProfile: + description: 'WindowsProfile: The Windows agent pool''s specific profile.' + properties: + disableOutboundNat: + description: |- + DisableOutboundNat: The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT + Gateway and the Windows agent pool does not have node public IP enabled. + type: boolean + type: object workloadRuntime: + description: 'WorkloadRuntime: Determines the type of workload a node can run.' + enum: + - OCIContainer + - WasmWasi type: string required: - owner type: object status: - description: Storage version of v1api20231001.ManagedClusters_AgentPool_STATUS properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object availabilityZones: + description: |- + AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType + property is 'VirtualMachineScaleSets'. items: type: string type: array capacityReservationGroupID: + description: 'CapacityReservationGroupID: AKS will associate the specified agent pool with the Capacity Reservation Group.' type: string conditions: + description: 'Conditions: The observed state of the resource' items: description: Condition defines an extension to status (an observation) of a resource properties: 
@@ -43525,320 +55899,447 @@ spec: type: object type: array count: + description: |- + Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) + for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. type: integer creationData: description: |- - Storage version of v1api20231001.CreationData_STATUS - Data used when creating a target resource from a source resource. + CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using + a snapshot. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object sourceResourceId: + description: 'SourceResourceId: This is the ARM ID of the source object to be used to create the target object.' type: string type: object currentOrchestratorVersion: + description: |- + CurrentOrchestratorVersion: If orchestratorVersion is a fully specified version , this field will be + exactly equal to it. If orchestratorVersion is , this field will contain the full + version being used. + type: string + eTag: + description: |- + ETag: Unique read-only string used to implement optimistic concurrency. The eTag value will change when the resource is + updated. Specify an if-match or if-none-match header with the eTag value for a subsequent request to enable optimistic + concurrency per the normal etag convention. type: string enableAutoScaling: + description: 'EnableAutoScaling: Whether to enable auto-scaler' type: boolean enableEncryptionAtHost: + description: |- + EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. 
For more information, + see: https://docs.microsoft.com/azure/aks/enable-host-encryption type: boolean enableFIPS: + description: |- + EnableFIPS: See [Add a FIPS-enabled node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more + details. type: boolean enableNodePublicIP: + description: |- + EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. + A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine + to minimize hops. For more information see [assigning a public IP per + node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The + default is false. type: boolean enableUltraSSD: + description: 'EnableUltraSSD: Whether to enable UltraSSD' type: boolean gpuInstanceProfile: + description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' type: string hostGroupID: + description: |- + HostGroupID: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. + For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). type: string id: + description: 'Id: Resource ID.' type: string kubeletConfig: - description: |- - Storage version of v1api20231001.KubeletConfig_STATUS - See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' 
properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object allowedUnsafeSysctls: + description: 'AllowedUnsafeSysctls: Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).' items: type: string type: array containerLogMaxFiles: + description: |- + ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be + ≥ 2. type: integer containerLogMaxSizeMB: + description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' type: integer cpuCfsQuota: + description: 'CpuCfsQuota: The default is true.' type: boolean cpuCfsQuotaPeriod: + description: |- + CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and + a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. type: string cpuManagerPolicy: + description: |- + CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management + policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more + information. Allowed values are 'none' and 'static'. type: string failSwapOn: + description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' type: boolean imageGcHighThreshold: + description: 'ImageGcHighThreshold: To disable image garbage collection, set to 100. The default is 85%' type: integer imageGcLowThreshold: + description: 'ImageGcLowThreshold: This cannot be set higher than imageGcHighThreshold. The default is 80%' type: integer podMaxPids: + description: 'PodMaxPids: The maximum number of processes per pod.' 
type: integer topologyManagerPolicy: + description: |- + TopologyManagerPolicy: For more information see [Kubernetes Topology + Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values + are 'none', 'best-effort', 'restricted', and 'single-numa-node'. type: string type: object kubeletDiskType: + description: |- + KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral + storage. type: string linuxOSConfig: - description: |- - Storage version of v1api20231001.LinuxOSConfig_STATUS - See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object swapFileSizeMB: + description: 'SwapFileSizeMB: The size in MB of a swap file that will be created on each node.' type: integer sysctls: - description: |- - Storage version of v1api20231001.SysctlConfig_STATUS - Sysctl settings for Linux agent nodes. + description: 'Sysctls: Sysctl settings for Linux agent nodes.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object fsAioMaxNr: + description: 'FsAioMaxNr: Sysctl setting fs.aio-max-nr.' type: integer fsFileMax: + description: 'FsFileMax: Sysctl setting fs.file-max.' type: integer fsInotifyMaxUserWatches: + description: 'FsInotifyMaxUserWatches: Sysctl setting fs.inotify.max_user_watches.' 
type: integer fsNrOpen: + description: 'FsNrOpen: Sysctl setting fs.nr_open.' type: integer kernelThreadsMax: + description: 'KernelThreadsMax: Sysctl setting kernel.threads-max.' type: integer netCoreNetdevMaxBacklog: + description: 'NetCoreNetdevMaxBacklog: Sysctl setting net.core.netdev_max_backlog.' type: integer netCoreOptmemMax: + description: 'NetCoreOptmemMax: Sysctl setting net.core.optmem_max.' type: integer netCoreRmemDefault: + description: 'NetCoreRmemDefault: Sysctl setting net.core.rmem_default.' type: integer netCoreRmemMax: + description: 'NetCoreRmemMax: Sysctl setting net.core.rmem_max.' type: integer netCoreSomaxconn: + description: 'NetCoreSomaxconn: Sysctl setting net.core.somaxconn.' type: integer netCoreWmemDefault: + description: 'NetCoreWmemDefault: Sysctl setting net.core.wmem_default.' type: integer netCoreWmemMax: + description: 'NetCoreWmemMax: Sysctl setting net.core.wmem_max.' type: integer netIpv4IpLocalPortRange: + description: 'NetIpv4IpLocalPortRange: Sysctl setting net.ipv4.ip_local_port_range.' type: string netIpv4NeighDefaultGcThresh1: + description: 'NetIpv4NeighDefaultGcThresh1: Sysctl setting net.ipv4.neigh.default.gc_thresh1.' type: integer netIpv4NeighDefaultGcThresh2: + description: 'NetIpv4NeighDefaultGcThresh2: Sysctl setting net.ipv4.neigh.default.gc_thresh2.' type: integer netIpv4NeighDefaultGcThresh3: + description: 'NetIpv4NeighDefaultGcThresh3: Sysctl setting net.ipv4.neigh.default.gc_thresh3.' type: integer netIpv4TcpFinTimeout: + description: 'NetIpv4TcpFinTimeout: Sysctl setting net.ipv4.tcp_fin_timeout.' type: integer netIpv4TcpKeepaliveProbes: + description: 'NetIpv4TcpKeepaliveProbes: Sysctl setting net.ipv4.tcp_keepalive_probes.' type: integer netIpv4TcpKeepaliveTime: + description: 'NetIpv4TcpKeepaliveTime: Sysctl setting net.ipv4.tcp_keepalive_time.' type: integer netIpv4TcpMaxSynBacklog: + description: 'NetIpv4TcpMaxSynBacklog: Sysctl setting net.ipv4.tcp_max_syn_backlog.' 
type: integer netIpv4TcpMaxTwBuckets: + description: 'NetIpv4TcpMaxTwBuckets: Sysctl setting net.ipv4.tcp_max_tw_buckets.' type: integer netIpv4TcpTwReuse: + description: 'NetIpv4TcpTwReuse: Sysctl setting net.ipv4.tcp_tw_reuse.' type: boolean netIpv4TcpkeepaliveIntvl: + description: 'NetIpv4TcpkeepaliveIntvl: Sysctl setting net.ipv4.tcp_keepalive_intvl.' type: integer netNetfilterNfConntrackBuckets: + description: 'NetNetfilterNfConntrackBuckets: Sysctl setting net.netfilter.nf_conntrack_buckets.' type: integer netNetfilterNfConntrackMax: + description: 'NetNetfilterNfConntrackMax: Sysctl setting net.netfilter.nf_conntrack_max.' type: integer vmMaxMapCount: + description: 'VmMaxMapCount: Sysctl setting vm.max_map_count.' type: integer vmSwappiness: + description: 'VmSwappiness: Sysctl setting vm.swappiness.' type: integer vmVfsCachePressure: + description: 'VmVfsCachePressure: Sysctl setting vm.vfs_cache_pressure.' type: integer type: object transparentHugePageDefrag: + description: |- + TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is + 'madvise'. For more information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string transparentHugePageEnabled: + description: |- + TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more + information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string type: object maxCount: + description: 'MaxCount: The maximum number of nodes for auto-scaling' type: integer maxPods: + description: 'MaxPods: The maximum number of pods that can run on a node.' 
type: integer minCount: + description: 'MinCount: The minimum number of nodes for auto-scaling' type: integer mode: + description: |- + Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool + restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools type: string name: + description: 'Name: The name of the resource that is unique within a resource group. This name can be used to access the resource.' type: string networkProfile: - description: |- - Storage version of v1api20231001.AgentPoolNetworkProfile_STATUS - Network settings of an agent pool. + description: 'NetworkProfile: Network-related settings of an agent pool.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object allowedHostPorts: + description: 'AllowedHostPorts: The port ranges that are allowed to access. The specified ranges are allowed to overlap.' items: - description: |- - Storage version of v1api20231001.PortRange_STATUS - The port range. + description: The port range. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object portEnd: + description: |- + PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or + equal to portStart. type: integer portStart: + description: |- + PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or + equal to portEnd. type: integer protocol: + description: 'Protocol: The network protocol of the port.' 
type: string type: object type: array applicationSecurityGroups: + description: 'ApplicationSecurityGroups: The IDs of the application security groups which agent pool will associate when created.' items: type: string type: array nodePublicIPTags: + description: 'NodePublicIPTags: IPTags of instance-level public IPs.' items: - description: |- - Storage version of v1api20231001.IPTag_STATUS - Contains the IPTag associated with the object. + description: Contains the IPTag associated with the object. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object ipTagType: + description: 'IpTagType: The IP tag type. Example: RoutingPreference.' type: string tag: + description: 'Tag: The value of the IP tag associated with the public IP. Example: Internet.' type: string type: object type: array type: object nodeImageVersion: + description: 'NodeImageVersion: The version of node image' type: string nodeLabels: additionalProperties: type: string + description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' type: object nodePublicIPPrefixID: + description: |- + NodePublicIPPrefixID: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} type: string nodeTaints: + description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' items: type: string type: array orchestratorVersion: + description: |- + OrchestratorVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. + When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster + with the same once it has been created (e.g. 
1.14.x -> 1.14) will not trigger an upgrade, even if a newer + patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same + Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor + version must be within two minor versions of the control plane version. The node pool version cannot be greater than the + control plane version. For more information see [upgrading a node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). type: string osDiskSizeGB: type: integer osDiskType: + description: |- + OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested + OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral + OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). type: string osSKU: + description: |- + OsSKU: Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 + when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows. type: string osType: + description: 'OsType: The operating system type. The default is Linux.' type: string podSubnetID: + description: |- + PodSubnetID: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is + of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} type: string powerState: description: |- - Storage version of v1api20231001.PowerState_STATUS - Describes the Power State of the cluster + PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this + field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. 
An Agent Pool can only + be stopped if it is Running and provisioning state is Succeeded properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object code: + description: 'Code: Tells whether the cluster is Running or Stopped' type: string type: object properties_type: + description: 'PropertiesType: The type of Agent Pool.' type: string provisioningState: + description: 'ProvisioningState: The current deployment or provisioning state.' type: string proximityPlacementGroupID: + description: 'ProximityPlacementGroupID: The ID for Proximity Placement Group.' type: string scaleDownMode: + description: 'ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.' type: string scaleSetEvictionPolicy: + description: |- + ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is + 'Delete'. type: string scaleSetPriority: + description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' type: string + securityProfile: + description: 'SecurityProfile: The security settings of an agent pool.' + properties: + enableSecureBoot: + description: |- + EnableSecureBoot: Secure Boot is a feature of Trusted Launch which ensures that only signed operating systems and + drivers can boot. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. + type: boolean + enableVTPM: + description: |- + EnableVTPM: vTPM is a Trusted Launch feature for configuring a dedicated secure vault for keys and measurements held + locally on the node. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. 
+ type: boolean + type: object spotMaxPrice: + description: |- + SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any + on-demand price. For more details on spot pricing, see [spot VMs + pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) type: number tags: additionalProperties: type: string + description: 'Tags: The tags to be persisted on the agent pool virtual machine scale set.' type: object type: + description: 'Type: Resource type' type: string upgradeSettings: - description: |- - Storage version of v1api20231001.AgentPoolUpgradeSettings_STATUS - Settings for upgrading an agentpool + description: 'UpgradeSettings: Settings for upgrading the agentpool' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object drainTimeoutInMinutes: + description: |- + DrainTimeoutInMinutes: The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. + This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not + specified, the default is 30 minutes. type: integer maxSurge: + description: |- + MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it + is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded + up. If not specified, the default is 1. 
For more information, including best practices, see: + https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade type: string + nodeSoakDurationInMinutes: + description: |- + NodeSoakDurationInMinutes: The amount of time (in minutes) to wait after draining a node and before reimaging it and + moving on to next node. If not specified, the default is 0 minutes. + type: integer type: object vmSize: + description: |- + VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods + might fail to run correctly. For more details on restricted VM sizes, see: + https://docs.microsoft.com/azure/aks/quotas-skus-regions type: string vnetSubnetID: + description: |- + VnetSubnetID: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, + this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} type: string + windowsProfile: + description: 'WindowsProfile: The Windows agent pool''s specific profile.' + properties: + disableOutboundNat: + description: |- + DisableOutboundNat: The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT + Gateway and the Windows agent pool does not have node public IP enabled. + type: boolean + type: object workloadRuntime: + description: 'WorkloadRuntime: Determines the type of workload a node can run.' type: string type: object type: object served: true - storage: true + storage: false subresources: status: {} - additionalPrinterColumns: 
@@ -43854,12 +56355,13 @@ spec: - jsonPath: .status.conditions[?(@.type=='Ready')].message name: Message type: string - name: v1api20231102preview + name: v1api20240901storage schema: openAPIV3Schema: description: |- + Storage version of v1api20240901.ManagedClustersAgentPool Generator information: - - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/preview/2023-11-02-preview/managedClusters.json + - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/managedClusters.json - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}/agentPools/{agentPoolName} properties: apiVersion: @@ -43880,20 +56382,16 @@ spec: metadata: type: object spec: + description: Storage version of v1api20240901.ManagedClustersAgentPool_Spec properties: - artifactStreamingProfile: - description: 'ArtifactStreamingProfile: Configuration for using artifact streaming on AKS.' - properties: - enabled: - description: |- - Enabled: Artifact streaming speeds up the cold-start of containers on a node through on-demand image loading. To use - this feature, container images must also enable artifact streaming on ACR. If not specified, the default is false. - type: boolean + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object availabilityZones: - description: |- - AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType - property is 'VirtualMachineScaleSets'. items: type: string type: array 
@@ -43901,9 +56399,6 @@ spec: description: |- AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn't have to be. - maxLength: 12 - minLength: 1 - pattern: ^[a-z][a-z0-9]{0,11}$ type: string capacityReservationGroupReference: description: 'CapacityReservationGroupReference: AKS will associate the specified agent pool with the Capacity Reservation Group.' @@ -43926,15 +56421,19 @@ spec: type: string type: object count: - description: |- - Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) - for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. type: integer creationData: description: |- - CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using - a snapshot. + Storage version of v1api20240901.CreationData + Data used when creating a target resource from a source resource. properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object sourceResourceReference: description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' properties: 
@@ -43956,57 +56455,18 @@ spec: type: string type: object type: object - enableAutoScaling: - description: 'EnableAutoScaling: Whether to enable auto-scaler' - type: boolean - enableCustomCATrust: - description: |- - EnableCustomCATrust: When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a - daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded - certificates into node trust stores. Defaults to false. + enableAutoScaling: type: boolean enableEncryptionAtHost: - description: |- - EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, - see: https://docs.microsoft.com/azure/aks/enable-host-encryption type: boolean enableFIPS: - description: |- - EnableFIPS: See [Add a FIPS-enabled node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more - details. type: boolean enableNodePublicIP: - description: |- - EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. - A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine - to minimize hops. For more information see [assigning a public IP per - node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The - default is false. type: boolean enableUltraSSD: - description: 'EnableUltraSSD: Whether to enable UltraSSD' type: boolean gpuInstanceProfile: - description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' - enum: - - MIG1g - - MIG2g - - MIG3g - - MIG4g - - MIG7g type: string - gpuProfile: - description: 'GpuProfile: The GPU settings of an agent pool.' 
- properties: - installGPUDriver: - description: |- - InstallGPUDriver: The default value is true when the vmSize of the agent pool contains a GPU, false otherwise. GPU - Driver Installation can only be set true when VM has an associated GPU resource. Setting this field to false prevents - automatic GPU driver installation. In that case, in order for the GPU to be usable, the user must perform GPU driver - installation themselves. - type: boolean - type: object hostGroupReference: description: |- HostGroupReference: This is of the form: 
@@ -44031,233 +56491,174 @@ spec: type: string type: object kubeletConfig: - description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' + description: |- + Storage version of v1api20240901.KubeletConfig + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object allowedUnsafeSysctls: - description: 'AllowedUnsafeSysctls: Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).' items: type: string type: array containerLogMaxFiles: - description: |- - ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be - ≥ 2. - minimum: 2 type: integer containerLogMaxSizeMB: - description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' type: integer cpuCfsQuota: - description: 'CpuCfsQuota: The default is true.' type: boolean cpuCfsQuotaPeriod: - description: |- - CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and - a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. type: string cpuManagerPolicy: - description: |- - CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management - policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more - information. Allowed values are 'none' and 'static'. type: string failSwapOn: - description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' 
type: boolean imageGcHighThreshold: - description: 'ImageGcHighThreshold: To disable image garbage collection, set to 100. The default is 85%' type: integer imageGcLowThreshold: - description: 'ImageGcLowThreshold: This cannot be set higher than imageGcHighThreshold. The default is 80%' type: integer podMaxPids: - description: 'PodMaxPids: The maximum number of processes per pod.' type: integer topologyManagerPolicy: - description: |- - TopologyManagerPolicy: For more information see [Kubernetes Topology - Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values - are 'none', 'best-effort', 'restricted', and 'single-numa-node'. type: string type: object kubeletDiskType: - description: |- - KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral - storage. - enum: - - OS - - Temporary type: string linuxOSConfig: - description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' + description: |- + Storage version of v1api20240901.LinuxOSConfig + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object swapFileSizeMB: - description: 'SwapFileSizeMB: The size in MB of a swap file that will be created on each node.' type: integer sysctls: - description: 'Sysctls: Sysctl settings for Linux agent nodes.' + description: |- + Storage version of v1api20240901.SysctlConfig + Sysctl settings for Linux agent nodes. 
properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object fsAioMaxNr: - description: 'FsAioMaxNr: Sysctl setting fs.aio-max-nr.' type: integer fsFileMax: - description: 'FsFileMax: Sysctl setting fs.file-max.' type: integer fsInotifyMaxUserWatches: - description: 'FsInotifyMaxUserWatches: Sysctl setting fs.inotify.max_user_watches.' type: integer fsNrOpen: - description: 'FsNrOpen: Sysctl setting fs.nr_open.' type: integer kernelThreadsMax: - description: 'KernelThreadsMax: Sysctl setting kernel.threads-max.' type: integer netCoreNetdevMaxBacklog: - description: 'NetCoreNetdevMaxBacklog: Sysctl setting net.core.netdev_max_backlog.' type: integer netCoreOptmemMax: - description: 'NetCoreOptmemMax: Sysctl setting net.core.optmem_max.' type: integer netCoreRmemDefault: - description: 'NetCoreRmemDefault: Sysctl setting net.core.rmem_default.' type: integer netCoreRmemMax: - description: 'NetCoreRmemMax: Sysctl setting net.core.rmem_max.' type: integer netCoreSomaxconn: - description: 'NetCoreSomaxconn: Sysctl setting net.core.somaxconn.' type: integer netCoreWmemDefault: - description: 'NetCoreWmemDefault: Sysctl setting net.core.wmem_default.' type: integer netCoreWmemMax: - description: 'NetCoreWmemMax: Sysctl setting net.core.wmem_max.' type: integer netIpv4IpLocalPortRange: - description: 'NetIpv4IpLocalPortRange: Sysctl setting net.ipv4.ip_local_port_range.' type: string netIpv4NeighDefaultGcThresh1: - description: 'NetIpv4NeighDefaultGcThresh1: Sysctl setting net.ipv4.neigh.default.gc_thresh1.' type: integer netIpv4NeighDefaultGcThresh2: - description: 'NetIpv4NeighDefaultGcThresh2: Sysctl setting net.ipv4.neigh.default.gc_thresh2.' 
type: integer netIpv4NeighDefaultGcThresh3: - description: 'NetIpv4NeighDefaultGcThresh3: Sysctl setting net.ipv4.neigh.default.gc_thresh3.' type: integer netIpv4TcpFinTimeout: - description: 'NetIpv4TcpFinTimeout: Sysctl setting net.ipv4.tcp_fin_timeout.' type: integer netIpv4TcpKeepaliveProbes: - description: 'NetIpv4TcpKeepaliveProbes: Sysctl setting net.ipv4.tcp_keepalive_probes.' type: integer netIpv4TcpKeepaliveTime: - description: 'NetIpv4TcpKeepaliveTime: Sysctl setting net.ipv4.tcp_keepalive_time.' type: integer netIpv4TcpMaxSynBacklog: - description: 'NetIpv4TcpMaxSynBacklog: Sysctl setting net.ipv4.tcp_max_syn_backlog.' type: integer netIpv4TcpMaxTwBuckets: - description: 'NetIpv4TcpMaxTwBuckets: Sysctl setting net.ipv4.tcp_max_tw_buckets.' type: integer netIpv4TcpTwReuse: - description: 'NetIpv4TcpTwReuse: Sysctl setting net.ipv4.tcp_tw_reuse.' type: boolean netIpv4TcpkeepaliveIntvl: - description: 'NetIpv4TcpkeepaliveIntvl: Sysctl setting net.ipv4.tcp_keepalive_intvl.' - maximum: 90 - minimum: 10 type: integer netNetfilterNfConntrackBuckets: - description: 'NetNetfilterNfConntrackBuckets: Sysctl setting net.netfilter.nf_conntrack_buckets.' - maximum: 524288 - minimum: 65536 type: integer netNetfilterNfConntrackMax: - description: 'NetNetfilterNfConntrackMax: Sysctl setting net.netfilter.nf_conntrack_max.' - maximum: 2097152 - minimum: 131072 type: integer vmMaxMapCount: - description: 'VmMaxMapCount: Sysctl setting vm.max_map_count.' type: integer vmSwappiness: - description: 'VmSwappiness: Sysctl setting vm.swappiness.' type: integer vmVfsCachePressure: - description: 'VmVfsCachePressure: Sysctl setting vm.vfs_cache_pressure.' type: integer type: object transparentHugePageDefrag: - description: |- - TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is - 'madvise'. 
For more information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string transparentHugePageEnabled: - description: |- - TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more - information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string type: object maxCount: - description: 'MaxCount: The maximum number of nodes for auto-scaling' type: integer maxPods: - description: 'MaxPods: The maximum number of pods that can run on a node.' type: integer - messageOfTheDay: - description: |- - MessageOfTheDay: A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of - the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., - will be printed raw and not be executed as a script). - type: string minCount: - description: 'MinCount: The minimum number of nodes for auto-scaling' type: integer mode: - description: |- - Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool - restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools - enum: - - System - - User type: string networkProfile: - description: 'NetworkProfile: Network-related settings of an agent pool.' + description: |- + Storage version of v1api20240901.AgentPoolNetworkProfile + Network settings of an agent pool. properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object allowedHostPorts: - description: 'AllowedHostPorts: The port ranges that are allowed to access. 
The specified ranges are allowed to overlap.' items: - description: The port range. + description: |- + Storage version of v1api20240901.PortRange + The port range. properties: - portEnd: + $propertyBag: + additionalProperties: + type: string description: |- - PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or - equal to portStart. - maximum: 65535 - minimum: 1 + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + portEnd: type: integer portStart: - description: |- - PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or - equal to portEnd. - maximum: 65535 - minimum: 1 type: integer protocol: - description: 'Protocol: The network protocol of the port.' - enum: - - TCP - - UDP type: string type: object type: array applicationSecurityGroupsReferences: - description: |- - ApplicationSecurityGroupsReferences: The IDs of the application security groups which agent pool will associate when - created. items: description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: 
@@ -44280,33 +56681,28 @@ spec: type: object type: array nodePublicIPTags: - description: 'NodePublicIPTags: IPTags of instance-level public IPs.' items: - description: Contains the IPTag associated with the object. + description: |- + Storage version of v1api20240901.IPTag + Contains the IPTag associated with the object. properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object ipTagType: - description: 'IpTagType: The IP tag type. Example: RoutingPreference.' type: string tag: - description: 'Tag: The value of the IP tag associated with the public IP. Example: Internet.' type: string type: object type: array type: object - nodeInitializationTaints: - description: |- - NodeInitializationTaints: These taints will not be reconciled by AKS and can be removed with a kubectl call. This field - can be modified after node pool is created, but nodes will not be recreated with new taints until another operation that - requires recreation (e.g. node image upgrade) happens. These taints allow for required configuration to run before the - node is ready to accept workloads, for example 'key1=value1:NoSchedule' that then can be removed with `kubectl taint - nodes node1 key1=value1:NoSchedule-` - items: - type: string - type: array nodeLabels: additionalProperties: type: string - description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' type: object nodePublicIPPrefixReference: description: |- 
@@ -44331,52 +56727,91 @@ spec: type: string type: object nodeTaints: - description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' items: type: string type: array - orchestratorVersion: + operatorSpec: description: |- - OrchestratorVersion: Both patch version and are supported. When is - specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same - once it has been created will not trigger an upgrade, even if a newer patch version is available. As a - best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version - must have the same major version as the control plane. The node pool minor version must be within two minor versions of - the control plane version. The node pool version cannot be greater than the control plane version. For more information - see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). + Storage version of v1api20240901.ManagedClustersAgentPoolOperatorSpec + Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + configMapExpressions: + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. 
If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + secretExpressions: + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. 
For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + type: object + orchestratorVersion: + type: string + originalVersion: type: string osDiskSizeGB: - maximum: 2048 - minimum: 0 type: integer osDiskType: - description: |- - OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested - OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral - OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). - enum: - - Ephemeral - - Managed type: string osSKU: - description: |- - OsSKU: Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or - Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is - deprecated. - enum: - - AzureLinux - - CBLMariner - - Mariner - - Ubuntu - - Windows2019 - - Windows2022 - - WindowsAnnual type: string osType: - description: 'OsType: The operating system type. The default is Linux.' - enum: - - Linux - - Windows type: string owner: description: |- 
@@ -44416,15 +56851,17 @@ spec: type: object powerState: description: |- - PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this - field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only - be stopped if it is Running and provisioning state is Succeeded + Storage version of v1api20240901.PowerState + Describes the Power State of the cluster properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object code: - description: 'Code: Tells whether the cluster is Running or Stopped' - enum: - - Running - - Stopped type: string type: object proximityPlacementGroupReference: 
@@ -44448,133 +56885,56 @@ spec: type: string type: object scaleDownMode: - description: 'ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.' - enum: - - Deallocate - - Delete type: string scaleSetEvictionPolicy: - description: |- - ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is - 'Delete'. - enum: - - Deallocate - - Delete type: string scaleSetPriority: - description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' - enum: - - Regular - - Spot type: string securityProfile: - description: 'SecurityProfile: The security settings of an agent pool.' + description: |- + Storage version of v1api20240901.AgentPoolSecurityProfile + The security settings of an agent pool. properties: - enableSecureBoot: + $propertyBag: + additionalProperties: + type: string description: |- - EnableSecureBoot: Secure Boot is a feature of Trusted Launch which ensures that only signed operating systems and - drivers can boot. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enableSecureBoot: type: boolean enableVTPM: - description: |- - EnableVTPM: vTPM is a Trusted Launch feature for configuring a dedicated secure vault for keys and measurements held - locally on the node. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. type: boolean - sshAccess: - description: 'SshAccess: SSH access method of an agent pool.' 
- enum: - - Disabled - - LocalUser - type: string type: object spotMaxPrice: - description: |- - SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any - on-demand price. For more details on spot pricing, see [spot VMs - pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) type: number tags: additionalProperties: type: string - description: 'Tags: The tags to be persisted on the agent pool virtual machine scale set.' type: object type: - description: 'Type: The type of Agent Pool.' - enum: - - AvailabilitySet - - VirtualMachineScaleSets - - VirtualMachines type: string upgradeSettings: - description: 'UpgradeSettings: Settings for upgrading the agentpool' + description: |- + Storage version of v1api20240901.AgentPoolUpgradeSettings + Settings for upgrading an agentpool properties: - drainTimeoutInMinutes: + $propertyBag: + additionalProperties: + type: string description: |- - DrainTimeoutInMinutes: The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. - This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not - specified, the default is 30 minutes. - maximum: 1440 - minimum: 1 + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + drainTimeoutInMinutes: type: integer maxSurge: - description: |- - MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it - is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded - up. If not specified, the default is 1. 
For more information, including best practices, see: - https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade type: string nodeSoakDurationInMinutes: - description: |- - NodeSoakDurationInMinutes: The amount of time (in minutes) to wait after draining a node and before reimaging it and - moving on to next node. If not specified, the default is 0 minutes. - maximum: 30 - minimum: 0 type: integer type: object - virtualMachineNodesStatus: - items: - description: Current status on a group of nodes of the same vm size. - properties: - count: - description: 'Count: Number of nodes.' - type: integer - size: - description: 'Size: The VM size of the agents used to host this group of nodes.' - type: string - type: object - type: array - virtualMachinesProfile: - description: 'VirtualMachinesProfile: Specifications on VirtualMachines agent pool.' - properties: - scale: - description: 'Scale: Specifications on how to scale a VirtualMachines agent pool.' - properties: - manual: - description: 'Manual: Specifications on how to scale the VirtualMachines agent pool to a fixed size.' - items: - description: Specifications on number of machines. - properties: - count: - description: 'Count: Number of nodes.' - maximum: 1000 - minimum: 0 - type: integer - sizes: - description: |- - Sizes: The list of allowed vm sizes. AKS will use the first available one when scaling. If a VM size is unavailable - (e.g. due to quota or regional capacity reasons), AKS will use the next size. - items: - type: string - type: array - type: object - type: array - type: object - type: object vmSize: - description: |- - VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods - might fail to run correctly. For more details on restricted VM sizes, see: - https://docs.microsoft.com/azure/aks/quotas-skus-regions type: string vnetSubnetReference: description: |- 
@@ -44600,47 +56960,42 @@ spec: type: string type: object windowsProfile: - description: 'WindowsProfile: The Windows agent pool''s specific profile.' + description: |- + Storage version of v1api20240901.AgentPoolWindowsProfile + The Windows agent pool's specific profile. properties: - disableOutboundNat: + $propertyBag: + additionalProperties: + type: string description: |- - DisableOutboundNat: The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT - Gateway and the Windows agent pool does not have node public IP enabled. + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + disableOutboundNat: type: boolean type: object workloadRuntime: - description: 'WorkloadRuntime: Determines the type of workload a node can run.' - enum: - - KataMshvVmIsolation - - OCIContainer - - WasmWasi type: string required: - owner type: object status: + description: Storage version of v1api20240901.ManagedClustersAgentPool_STATUS properties: - artifactStreamingProfile: - description: 'ArtifactStreamingProfile: Configuration for using artifact streaming on AKS.' - properties: - enabled: - description: |- - Enabled: Artifact streaming speeds up the cold-start of containers on a node through on-demand image loading. To use - this feature, container images must also enable artifact streaming on ACR. If not specified, the default is false. - type: boolean + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object availabilityZones: - description: |- - AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType - property is 'VirtualMachineScaleSets'. 
items: type: string type: array capacityReservationGroupID: - description: 'CapacityReservationGroupID: AKS will associate the specified agent pool with the Capacity Reservation Group.' type: string conditions: - description: 'Conditions: The observed state of the resource' items: description: Condition defines an extension to status (an observation) of a resource properties: 
@@ -44684,510 +57039,714 @@ spec: type: object type: array count: - description: |- - Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) - for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. type: integer creationData: description: |- - CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using - a snapshot. + Storage version of v1api20240901.CreationData_STATUS + Data used when creating a target resource from a source resource. properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object sourceResourceId: - description: 'SourceResourceId: This is the ARM ID of the source object to be used to create the target object.' type: string type: object currentOrchestratorVersion: - description: |- - CurrentOrchestratorVersion: If orchestratorVersion was a fully specified version , this field will be - exactly equal to it. If orchestratorVersion was , this field will contain the full - version being used. + type: string + eTag: type: string enableAutoScaling: - description: 'EnableAutoScaling: Whether to enable auto-scaler' - type: boolean - enableCustomCATrust: - description: |- - EnableCustomCATrust: When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a - daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded - certificates into node trust stores. Defaults to false. type: boolean enableEncryptionAtHost: - description: |- - EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. 
For more information, - see: https://docs.microsoft.com/azure/aks/enable-host-encryption type: boolean enableFIPS: - description: |- - EnableFIPS: See [Add a FIPS-enabled node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more - details. type: boolean enableNodePublicIP: - description: |- - EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. - A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine - to minimize hops. For more information see [assigning a public IP per - node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The - default is false. type: boolean enableUltraSSD: - description: 'EnableUltraSSD: Whether to enable UltraSSD' type: boolean - gpuInstanceProfile: - description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' - type: string - gpuProfile: - description: 'GpuProfile: The GPU settings of an agent pool.' - properties: - installGPUDriver: - description: |- - InstallGPUDriver: The default value is true when the vmSize of the agent pool contains a GPU, false otherwise. GPU - Driver Installation can only be set true when VM has an associated GPU resource. Setting this field to false prevents - automatic GPU driver installation. In that case, in order for the GPU to be usable, the user must perform GPU driver - installation themselves. - type: boolean - type: object - hostGroupID: - description: |- - HostGroupID: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. - For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). 
+ gpuInstanceProfile: + type: string + hostGroupID: type: string id: - description: 'Id: Resource ID.' type: string kubeletConfig: - description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' + description: |- + Storage version of v1api20240901.KubeletConfig_STATUS + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object allowedUnsafeSysctls: - description: 'AllowedUnsafeSysctls: Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).' items: type: string type: array containerLogMaxFiles: - description: |- - ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be - ≥ 2. type: integer containerLogMaxSizeMB: - description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' type: integer cpuCfsQuota: - description: 'CpuCfsQuota: The default is true.' type: boolean cpuCfsQuotaPeriod: - description: |- - CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and - a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. type: string cpuManagerPolicy: - description: |- - CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management - policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more - information. Allowed values are 'none' and 'static'. type: string failSwapOn: - description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' 
type: boolean imageGcHighThreshold: - description: 'ImageGcHighThreshold: To disable image garbage collection, set to 100. The default is 85%' type: integer imageGcLowThreshold: - description: 'ImageGcLowThreshold: This cannot be set higher than imageGcHighThreshold. The default is 80%' type: integer podMaxPids: - description: 'PodMaxPids: The maximum number of processes per pod.' type: integer topologyManagerPolicy: - description: |- - TopologyManagerPolicy: For more information see [Kubernetes Topology - Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values - are 'none', 'best-effort', 'restricted', and 'single-numa-node'. type: string type: object kubeletDiskType: - description: |- - KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral - storage. type: string linuxOSConfig: - description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' + description: |- + Storage version of v1api20240901.LinuxOSConfig_STATUS + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object swapFileSizeMB: - description: 'SwapFileSizeMB: The size in MB of a swap file that will be created on each node.' type: integer sysctls: - description: 'Sysctls: Sysctl settings for Linux agent nodes.' + description: |- + Storage version of v1api20240901.SysctlConfig_STATUS + Sysctl settings for Linux agent nodes. 
properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object fsAioMaxNr: - description: 'FsAioMaxNr: Sysctl setting fs.aio-max-nr.' type: integer fsFileMax: - description: 'FsFileMax: Sysctl setting fs.file-max.' type: integer fsInotifyMaxUserWatches: - description: 'FsInotifyMaxUserWatches: Sysctl setting fs.inotify.max_user_watches.' type: integer fsNrOpen: - description: 'FsNrOpen: Sysctl setting fs.nr_open.' type: integer kernelThreadsMax: - description: 'KernelThreadsMax: Sysctl setting kernel.threads-max.' type: integer netCoreNetdevMaxBacklog: - description: 'NetCoreNetdevMaxBacklog: Sysctl setting net.core.netdev_max_backlog.' type: integer netCoreOptmemMax: - description: 'NetCoreOptmemMax: Sysctl setting net.core.optmem_max.' type: integer netCoreRmemDefault: - description: 'NetCoreRmemDefault: Sysctl setting net.core.rmem_default.' type: integer netCoreRmemMax: - description: 'NetCoreRmemMax: Sysctl setting net.core.rmem_max.' type: integer netCoreSomaxconn: - description: 'NetCoreSomaxconn: Sysctl setting net.core.somaxconn.' type: integer netCoreWmemDefault: - description: 'NetCoreWmemDefault: Sysctl setting net.core.wmem_default.' type: integer netCoreWmemMax: - description: 'NetCoreWmemMax: Sysctl setting net.core.wmem_max.' type: integer netIpv4IpLocalPortRange: - description: 'NetIpv4IpLocalPortRange: Sysctl setting net.ipv4.ip_local_port_range.' type: string netIpv4NeighDefaultGcThresh1: - description: 'NetIpv4NeighDefaultGcThresh1: Sysctl setting net.ipv4.neigh.default.gc_thresh1.' type: integer netIpv4NeighDefaultGcThresh2: - description: 'NetIpv4NeighDefaultGcThresh2: Sysctl setting net.ipv4.neigh.default.gc_thresh2.' 
type: integer netIpv4NeighDefaultGcThresh3: - description: 'NetIpv4NeighDefaultGcThresh3: Sysctl setting net.ipv4.neigh.default.gc_thresh3.' type: integer netIpv4TcpFinTimeout: - description: 'NetIpv4TcpFinTimeout: Sysctl setting net.ipv4.tcp_fin_timeout.' type: integer netIpv4TcpKeepaliveProbes: - description: 'NetIpv4TcpKeepaliveProbes: Sysctl setting net.ipv4.tcp_keepalive_probes.' type: integer netIpv4TcpKeepaliveTime: - description: 'NetIpv4TcpKeepaliveTime: Sysctl setting net.ipv4.tcp_keepalive_time.' type: integer netIpv4TcpMaxSynBacklog: - description: 'NetIpv4TcpMaxSynBacklog: Sysctl setting net.ipv4.tcp_max_syn_backlog.' type: integer netIpv4TcpMaxTwBuckets: - description: 'NetIpv4TcpMaxTwBuckets: Sysctl setting net.ipv4.tcp_max_tw_buckets.' type: integer netIpv4TcpTwReuse: - description: 'NetIpv4TcpTwReuse: Sysctl setting net.ipv4.tcp_tw_reuse.' type: boolean netIpv4TcpkeepaliveIntvl: - description: 'NetIpv4TcpkeepaliveIntvl: Sysctl setting net.ipv4.tcp_keepalive_intvl.' type: integer netNetfilterNfConntrackBuckets: - description: 'NetNetfilterNfConntrackBuckets: Sysctl setting net.netfilter.nf_conntrack_buckets.' type: integer netNetfilterNfConntrackMax: - description: 'NetNetfilterNfConntrackMax: Sysctl setting net.netfilter.nf_conntrack_max.' type: integer vmMaxMapCount: - description: 'VmMaxMapCount: Sysctl setting vm.max_map_count.' type: integer vmSwappiness: - description: 'VmSwappiness: Sysctl setting vm.swappiness.' type: integer vmVfsCachePressure: - description: 'VmVfsCachePressure: Sysctl setting vm.vfs_cache_pressure.' type: integer type: object transparentHugePageDefrag: - description: |- - TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is - 'madvise'. For more information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). 
type: string transparentHugePageEnabled: - description: |- - TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more - information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string type: object maxCount: - description: 'MaxCount: The maximum number of nodes for auto-scaling' type: integer maxPods: - description: 'MaxPods: The maximum number of pods that can run on a node.' type: integer - messageOfTheDay: - description: |- - MessageOfTheDay: A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of - the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., - will be printed raw and not be executed as a script). - type: string minCount: - description: 'MinCount: The minimum number of nodes for auto-scaling' type: integer mode: - description: |- - Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool - restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools type: string name: - description: 'Name: The name of the resource that is unique within a resource group. This name can be used to access the resource.' type: string networkProfile: - description: 'NetworkProfile: Network-related settings of an agent pool.' + description: |- + Storage version of v1api20240901.AgentPoolNetworkProfile_STATUS + Network settings of an agent pool. properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object allowedHostPorts: - description: 'AllowedHostPorts: The port ranges that are allowed to access. 
The specified ranges are allowed to overlap.' items: - description: The port range. + description: |- + Storage version of v1api20240901.PortRange_STATUS + The port range. properties: - portEnd: + $propertyBag: + additionalProperties: + type: string description: |- - PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or - equal to portStart. + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + portEnd: type: integer portStart: - description: |- - PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or - equal to portEnd. type: integer protocol: - description: 'Protocol: The network protocol of the port.' type: string type: object type: array applicationSecurityGroups: - description: 'ApplicationSecurityGroups: The IDs of the application security groups which agent pool will associate when created.' items: type: string type: array nodePublicIPTags: - description: 'NodePublicIPTags: IPTags of instance-level public IPs.' items: - description: Contains the IPTag associated with the object. + description: |- + Storage version of v1api20240901.IPTag_STATUS + Contains the IPTag associated with the object. properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object ipTagType: - description: 'IpTagType: The IP tag type. Example: RoutingPreference.' type: string tag: - description: 'Tag: The value of the IP tag associated with the public IP. Example: Internet.' 
type: string type: object type: array type: object nodeImageVersion: - description: 'NodeImageVersion: The version of node image' type: string - nodeInitializationTaints: - description: |- - NodeInitializationTaints: These taints will not be reconciled by AKS and can be removed with a kubectl call. This field - can be modified after node pool is created, but nodes will not be recreated with new taints until another operation that - requires recreation (e.g. node image upgrade) happens. These taints allow for required configuration to run before the - node is ready to accept workloads, for example 'key1=value1:NoSchedule' that then can be removed with `kubectl taint - nodes node1 key1=value1:NoSchedule-` - items: - type: string - type: array nodeLabels: additionalProperties: type: string - description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' type: object nodePublicIPPrefixID: - description: |- - NodePublicIPPrefixID: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} type: string nodeTaints: - description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' items: type: string type: array orchestratorVersion: - description: |- - OrchestratorVersion: Both patch version and are supported. When is - specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same - once it has been created will not trigger an upgrade, even if a newer patch version is available. As a - best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version - must have the same major version as the control plane. The node pool minor version must be within two minor versions of - the control plane version. The node pool version cannot be greater than the control plane version. 
For more information - see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). type: string osDiskSizeGB: type: integer osDiskType: - description: |- - OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested - OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral - OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). type: string osSKU: + type: string + osType: + type: string + podSubnetID: + type: string + powerState: description: |- - OsSKU: Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or - Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is - deprecated. + Storage version of v1api20240901.PowerState_STATUS + Describes the Power State of the cluster + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + code: + type: string + type: object + properties_type: + type: string + provisioningState: + type: string + proximityPlacementGroupID: + type: string + scaleDownMode: + type: string + scaleSetEvictionPolicy: + type: string + scaleSetPriority: + type: string + securityProfile: + description: |- + Storage version of v1api20240901.AgentPoolSecurityProfile_STATUS + The security settings of an agent pool. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enableSecureBoot: + type: boolean + enableVTPM: + type: boolean + type: object + spotMaxPrice: + type: number + tags: + additionalProperties: + type: string + type: object + type: + type: string + upgradeSettings: + description: |- + Storage version of v1api20240901.AgentPoolUpgradeSettings_STATUS + Settings for upgrading an agentpool + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + drainTimeoutInMinutes: + type: integer + maxSurge: + type: string + nodeSoakDurationInMinutes: + type: integer + type: object + vmSize: + type: string + vnetSubnetID: + type: string + windowsProfile: + description: |- + Storage version of v1api20240901.AgentPoolWindowsProfile_STATUS + The Windows agent pool's specific profile. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + disableOutboundNat: + type: boolean + type: object + workloadRuntime: + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: azureserviceoperator-system/azureserviceoperator-serving-cert + controller-gen.kubebuilder.io/version: v0.16.3 + labels: + app.kubernetes.io/name: azure-service-operator + app.kubernetes.io/version: v2.11.0 + name: natgateways.network.azure.com +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + service: + name: azureserviceoperator-webhook-service + namespace: azureserviceoperator-system + path: /convert + port: 443 + conversionReviewVersions: + - v1 + group: network.azure.com + names: + kind: NatGateway + listKind: NatGatewayList + plural: natgateways + singular: natgateway + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].severity + name: Severity + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Reason + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].message + name: Message + type: string + name: v1api20220701 + schema: + openAPIV3Schema: + description: |- + Generator information: + - Generated from: /network/resource-manager/Microsoft.Network/stable/2022-07-01/natGateway.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/natGateways/{natGatewayName} + properties: + 
apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + properties: + azureName: + description: |- + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. + type: string + idleTimeoutInMinutes: + description: 'IdleTimeoutInMinutes: The idle timeout of the nat gateway.' + type: integer + location: + description: 'Location: Resource location.' + type: string + operatorSpec: + description: |- + OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not + passed directly to Azure + properties: + configMapExpressions: + description: 'ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).' + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. 
If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + secretExpressions: + description: 'SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).' + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. 
For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + type: object + owner: + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a resources.azure.com/ResourceGroup resource + properties: + armId: + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + name: + description: This is the name of the Kubernetes resource to reference. + type: string + type: object + publicIpAddresses: + description: 'PublicIpAddresses: An array of public ip addresses associated with the nat gateway resource.' + items: + description: Reference to another ARM resource. + properties: + reference: + description: 'Reference: Resource ID.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. 
+ type: string + type: object + type: object + type: array + publicIpPrefixes: + description: 'PublicIpPrefixes: An array of public ip prefixes associated with the nat gateway resource.' + items: + description: Reference to another ARM resource. + properties: + reference: + description: 'Reference: Resource ID.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + type: array + sku: + description: 'Sku: The nat gateway SKU.' + properties: + name: + description: 'Name: Name of Nat Gateway SKU.' + enum: + - Standard + type: string + type: object + tags: + additionalProperties: + type: string + description: 'Tags: Resource tags.' + type: object + zones: + description: 'Zones: A list of availability zones denoting the zone in which Nat Gateway should be deployed.' + items: + type: string + type: array + required: + - owner + type: object + status: + description: Nat Gateway resource. 
+ properties: + conditions: + description: 'Conditions: The observed state of the resource' + items: + description: Condition defines an extension to status (an observation) of a resource + properties: + lastTransitionTime: + description: LastTransitionTime is the last time the condition transitioned from one status to another. + format: date-time + type: string + message: + description: Message is a human readable message indicating details about the transition. This field may be empty. + type: string + observedGeneration: + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + type: integer + reason: + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + type: string + severity: + description: |- + Severity with which to treat failures of this type of condition. + For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown + type: string + status: + description: Status of the condition, one of True, False, or Unknown. + type: string + type: + description: Type of condition. + type: string + required: + - lastTransitionTime + - reason + - status + - type + type: object + type: array + etag: + description: 'Etag: A unique read-only string that changes whenever the resource is updated.' type: string - osType: - description: 'OsType: The operating system type. The default is Linux.' + id: + description: 'Id: Resource ID.' 
type: string - podSubnetID: - description: |- - PodSubnetID: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is - of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} + idleTimeoutInMinutes: + description: 'IdleTimeoutInMinutes: The idle timeout of the nat gateway.' + type: integer + location: + description: 'Location: Resource location.' type: string - powerState: - description: |- - PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this - field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only - be stopped if it is Running and provisioning state is Succeeded - properties: - code: - description: 'Code: Tells whether the cluster is Running or Stopped' - type: string - type: object - properties_type: - description: 'PropertiesType: The type of Agent Pool.' + name: + description: 'Name: Resource name.' type: string provisioningState: - description: 'ProvisioningState: The current deployment or provisioning state.' - type: string - proximityPlacementGroupID: - description: 'ProximityPlacementGroupID: The ID for Proximity Placement Group.' - type: string - scaleDownMode: - description: 'ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.' - type: string - scaleSetEvictionPolicy: - description: |- - ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is - 'Delete'. + description: 'ProvisioningState: The provisioning state of the NAT gateway resource.' type: string - scaleSetPriority: - description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' 
+ publicIpAddresses: + description: 'PublicIpAddresses: An array of public ip addresses associated with the nat gateway resource.' + items: + description: Reference to another ARM resource. + properties: + id: + description: 'Id: Resource ID.' + type: string + type: object + type: array + publicIpPrefixes: + description: 'PublicIpPrefixes: An array of public ip prefixes associated with the nat gateway resource.' + items: + description: Reference to another ARM resource. + properties: + id: + description: 'Id: Resource ID.' + type: string + type: object + type: array + resourceGuid: + description: 'ResourceGuid: The resource GUID property of the NAT gateway resource.' type: string - securityProfile: - description: 'SecurityProfile: The security settings of an agent pool.' + sku: + description: 'Sku: The nat gateway SKU.' properties: - enableSecureBoot: - description: |- - EnableSecureBoot: Secure Boot is a feature of Trusted Launch which ensures that only signed operating systems and - drivers can boot. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. - type: boolean - enableVTPM: - description: |- - EnableVTPM: vTPM is a Trusted Launch feature for configuring a dedicated secure vault for keys and measurements held - locally on the node. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. - type: boolean - sshAccess: - description: 'SshAccess: SSH access method of an agent pool.' + name: + description: 'Name: Name of Nat Gateway SKU.' type: string type: object - spotMaxPrice: - description: |- - SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any - on-demand price. For more details on spot pricing, see [spot VMs - pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) - type: number + subnets: + description: 'Subnets: An array of references to the subnets using this nat gateway resource.' 
+ items: + description: Reference to another ARM resource. + properties: + id: + description: 'Id: Resource ID.' + type: string + type: object + type: array tags: additionalProperties: type: string - description: 'Tags: The tags to be persisted on the agent pool virtual machine scale set.' + description: 'Tags: Resource tags.' type: object type: - description: 'Type: Resource type' + description: 'Type: Resource type.' type: string - upgradeSettings: - description: 'UpgradeSettings: Settings for upgrading the agentpool' - properties: - drainTimeoutInMinutes: - description: |- - DrainTimeoutInMinutes: The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. - This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not - specified, the default is 30 minutes. - type: integer - maxSurge: - description: |- - MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it - is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded - up. If not specified, the default is 1. For more information, including best practices, see: - https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade - type: string - nodeSoakDurationInMinutes: - description: |- - NodeSoakDurationInMinutes: The amount of time (in minutes) to wait after draining a node and before reimaging it and - moving on to next node. If not specified, the default is 0 minutes. - type: integer - type: object - virtualMachineNodesStatus: + zones: + description: 'Zones: A list of availability zones denoting the zone in which Nat Gateway should be deployed.' items: - description: Current status on a group of nodes of the same vm size. - properties: - count: - description: 'Count: Number of nodes.' 
- type: integer - size: - description: 'Size: The VM size of the agents used to host this group of nodes.' - type: string - type: object + type: string type: array - virtualMachinesProfile: - description: 'VirtualMachinesProfile: Specifications on VirtualMachines agent pool.' - properties: - scale: - description: 'Scale: Specifications on how to scale a VirtualMachines agent pool.' - properties: - manual: - description: 'Manual: Specifications on how to scale the VirtualMachines agent pool to a fixed size.' - items: - description: Specifications on number of machines. - properties: - count: - description: 'Count: Number of nodes.' - type: integer - sizes: - description: |- - Sizes: The list of allowed vm sizes. AKS will use the first available one when scaling. If a VM size is unavailable - (e.g. due to quota or regional capacity reasons), AKS will use the next size. - items: - type: string - type: array - type: object - type: array - type: object - type: object - vmSize: - description: |- - VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods - might fail to run correctly. For more details on restricted VM sizes, see: - https://docs.microsoft.com/azure/aks/quotas-skus-regions - type: string - vnetSubnetID: - description: |- - VnetSubnetID: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, - this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} - type: string - windowsProfile: - description: 'WindowsProfile: The Windows agent pool''s specific profile.' - properties: - disableOutboundNat: - description: |- - DisableOutboundNat: The default value is false. 
Outbound NAT can only be disabled if the cluster outboundType is NAT - Gateway and the Windows agent pool does not have node public IP enabled. - type: boolean - type: object - workloadRuntime: - description: 'WorkloadRuntime: Determines the type of workload a node can run.' - type: string type: object type: object served: true @@ -45207,14 +57766,14 @@ spec: - jsonPath: .status.conditions[?(@.type=='Ready')].message name: Message type: string - name: v1api20231102previewstorage + name: v1api20220701storage schema: openAPIV3Schema: description: |- - Storage version of v1api20231102preview.ManagedClustersAgentPool + Storage version of v1api20220701.NatGateway Generator information: - - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/preview/2023-11-02-preview/managedClusters.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}/agentPools/{agentPoolName} + - Generated from: /network/resource-manager/Microsoft.Network/stable/2022-07-01/natGateway.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/natGateways/{natGatewayName} properties: apiVersion: description: |- @@ -45234,7 +57793,7 @@ spec: metadata: type: object spec: - description: Storage version of v1api20231102preview.ManagedClusters_AgentPool_Spec + description: Storage version of v1api20220701.NatGateway_Spec properties: $propertyBag: additionalProperties: 
@@ -45243,137 +57802,19 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - artifactStreamingProfile: - description: Storage version of v1api20231102preview.AgentPoolArtifactStreamingProfile - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - enabled: - type: boolean - type: object - availabilityZones: - items: - type: string - type: array azureName: description: |- AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn't have to be. type: string - capacityReservationGroupReference: - description: 'CapacityReservationGroupReference: AKS will associate the specified agent pool with the Capacity Reservation Group.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. 
- type: string - type: object - count: + idleTimeoutInMinutes: type: integer - creationData: - description: |- - Storage version of v1api20231102preview.CreationData - Data used when creating a target resource from a source resource. - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - sourceResourceReference: - description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. 
- type: string - type: object - type: object - enableAutoScaling: - type: boolean - enableCustomCATrust: - type: boolean - enableEncryptionAtHost: - type: boolean - enableFIPS: - type: boolean - enableNodePublicIP: - type: boolean - enableUltraSSD: - type: boolean - gpuInstanceProfile: + location: type: string - gpuProfile: - description: Storage version of v1api20231102preview.AgentPoolGPUProfile - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - installGPUDriver: - type: boolean - type: object - hostGroupReference: - description: |- - HostGroupReference: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. - For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. 
- type: string - type: object - kubeletConfig: + operatorSpec: description: |- - Storage version of v1api20231102preview.KubeletConfig - See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + Storage version of v1api20220701.NatGatewayOperatorSpec + Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure properties: $propertyBag: additionalProperties: 
@@ -45382,167 +57823,95 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - allowedUnsafeSysctls: + configMapExpressions: items: - type: string - type: array - containerLogMaxFiles: - type: integer - containerLogMaxSizeMB: - type: integer - cpuCfsQuota: - type: boolean - cpuCfsQuotaPeriod: - type: string - cpuManagerPolicy: - type: string - failSwapOn: - type: boolean - imageGcHighThreshold: - type: integer - imageGcLowThreshold: - type: integer - podMaxPids: - type: integer - topologyManagerPolicy: - type: string - type: object - kubeletDiskType: - type: string - linuxOSConfig: - description: |- - Storage version of v1api20231102preview.LinuxOSConfig - See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - swapFileSizeMB: - type: integer - sysctls: - description: |- - Storage version of v1api20231102preview.SysctlConfig - Sysctl settings for Linux agent nodes. - properties: - $propertyBag: - additionalProperties: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. 
If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - fsAioMaxNr: - type: integer - fsFileMax: - type: integer - fsInotifyMaxUserWatches: - type: integer - fsNrOpen: - type: integer - kernelThreadsMax: - type: integer - netCoreNetdevMaxBacklog: - type: integer - netCoreOptmemMax: - type: integer - netCoreRmemDefault: - type: integer - netCoreRmemMax: - type: integer - netCoreSomaxconn: - type: integer - netCoreWmemDefault: - type: integer - netCoreWmemMax: - type: integer - netIpv4IpLocalPortRange: - type: string - netIpv4NeighDefaultGcThresh1: - type: integer - netIpv4NeighDefaultGcThresh2: - type: integer - netIpv4NeighDefaultGcThresh3: - type: integer - netIpv4TcpFinTimeout: - type: integer - netIpv4TcpKeepaliveProbes: - type: integer - netIpv4TcpKeepaliveTime: - type: integer - netIpv4TcpMaxSynBacklog: - type: integer - netIpv4TcpMaxTwBuckets: - type: integer - netIpv4TcpTwReuse: - type: boolean - netIpv4TcpkeepaliveIntvl: - type: integer - netNetfilterNfConntrackBuckets: - type: integer - netNetfilterNfConntrackMax: - type: integer - vmMaxMapCount: - type: integer - vmSwappiness: - type: integer - vmVfsCachePressure: - type: integer - type: object - transparentHugePageDefrag: - type: string - transparentHugePageEnabled: - type: string - type: object - maxCount: - type: integer - maxPods: - type: integer - messageOfTheDay: - type: string - minCount: - type: integer - mode: - type: string - networkProfile: - description: |- - Storage version of v1api20231102preview.AgentPoolNetworkProfile - Network settings of an agent pool. 
- properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - allowedHostPorts: + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + secretExpressions: items: description: |- - Storage version of v1api20231102preview.PortRange - The port range. + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. properties: - $propertyBag: - additionalProperties: - type: string + key: description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - portEnd: - type: integer - portStart: - type: integer - protocol: + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. 
+ The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string + required: + - name + - value + type: object + type: array + type: object + originalVersion: + type: string + owner: + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a resources.azure.com/ResourceGroup resource + properties: + armId: + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + name: + description: This is the name of the Kubernetes resource to reference. + type: string + type: object + publicIpAddresses: + items: + description: |- + Storage version of v1api20220701.SubResource + Reference to another ARM resource. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object - type: array - applicationSecurityGroupsReferences: - items: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + reference: + description: 'Reference: Resource ID.' properties: armId: description: |- 
@@ -45561,181 +57930,176 @@ spec: description: Name is the Kubernetes name of the resource. type: string type: object - type: array - nodePublicIPTags: - items: + type: object + type: array + publicIpPrefixes: + items: + description: |- + Storage version of v1api20220701.SubResource + Reference to another ARM resource. + properties: + $propertyBag: + additionalProperties: + type: string description: |- - Storage version of v1api20231102preview.IPTag - Contains the IPTag associated with the object. + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + reference: + description: 'Reference: Resource ID.' properties: - $propertyBag: - additionalProperties: - type: string + armId: description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - ipTagType: + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string - tag: + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. 
type: string type: object - type: array - type: object - nodeInitializationTaints: - items: - type: string + type: object type: array - nodeLabels: - additionalProperties: - type: string - type: object - nodePublicIPPrefixReference: + sku: description: |- - NodePublicIPPrefixReference: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} + Storage version of v1api20220701.NatGatewaySku + SKU of nat gateway. properties: - armId: + $propertyBag: + additionalProperties: + type: string description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object name: - description: Name is the Kubernetes name of the resource. type: string type: object - nodeTaints: + tags: + additionalProperties: + type: string + type: object + zones: items: type: string type: array - orchestratorVersion: + required: + - owner + type: object + status: + description: |- + Storage version of v1api20220701.NatGateway_STATUS + Nat Gateway resource. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + conditions: + items: + description: Condition defines an extension to status (an observation) of a resource + properties: + lastTransitionTime: + description: LastTransitionTime is the last time the condition transitioned from one status to another. + format: date-time + type: string + message: + description: Message is a human readable message indicating details about the transition. This field may be empty. + type: string + observedGeneration: + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + type: integer + reason: + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + type: string + severity: + description: |- + Severity with which to treat failures of this type of condition. + For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown + type: string + status: + description: Status of the condition, one of True, False, or Unknown. + type: string + type: + description: Type of condition. 
+ type: string + required: + - lastTransitionTime + - reason + - status + - type + type: object + type: array + etag: type: string - originalVersion: + id: type: string - osDiskSizeGB: + idleTimeoutInMinutes: type: integer - osDiskType: + location: type: string - osSKU: + name: type: string - osType: + provisioningState: type: string - owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a containerservice.azure.com/ManagedCluster resource - properties: - armId: - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - name: - description: This is the name of the Kubernetes resource to reference. - type: string - type: object - podSubnetReference: - description: |- - PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). - This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. 
- type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object - powerState: - description: |- - Storage version of v1api20231102preview.PowerState - Describes the Power State of the cluster - properties: - $propertyBag: - additionalProperties: + publicIpAddresses: + items: + description: |- + Storage version of v1api20220701.SubResource_STATUS + Reference to another ARM resource. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + id: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - code: - type: string - type: object - proximityPlacementGroupReference: - description: 'ProximityPlacementGroupReference: The ID for Proximity Placement Group.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. 
- type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object - scaleDownMode: - type: string - scaleSetEvictionPolicy: - type: string - scaleSetPriority: - type: string - securityProfile: - description: |- - Storage version of v1api20231102preview.AgentPoolSecurityProfile - The security settings of an agent pool. - properties: - $propertyBag: - additionalProperties: + type: object + type: array + publicIpPrefixes: + items: + description: |- + Storage version of v1api20220701.SubResource_STATUS + Reference to another ARM resource. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + id: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - enableSecureBoot: - type: boolean - enableVTPM: - type: boolean - sshAccess: - type: string - type: object - spotMaxPrice: - type: number - tags: - additionalProperties: - type: string - type: object - type: + type: object + type: array + resourceGuid: type: string - upgradeSettings: + sku: description: |- - Storage version of v1api20231102preview.AgentPoolUpgradeSettings - Settings for upgrading an agentpool + Storage version of v1api20220701.NatGatewaySku_STATUS + SKU of nat gateway. properties: $propertyBag: additionalProperties: 
@@ -45744,18 +58108,14 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - drainTimeoutInMinutes: - type: integer - maxSurge: + name: type: string - nodeSoakDurationInMinutes: - type: integer type: object - virtualMachineNodesStatus: + subnets: items: description: |- - Storage version of v1api20231102preview.VirtualMachineNodes - Current status on a group of nodes of the same vm size. + Storage version of v1api20220701.SubResource_STATUS + Reference to another ARM resource. properties: $propertyBag: additionalProperties: 
@@ -45764,134 +58124,237 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - count: - type: integer - size: + id: type: string type: object type: array - virtualMachinesProfile: + tags: + additionalProperties: + type: string + type: object + type: + type: string + zones: + items: + type: string + type: array + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].severity + name: Severity + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Reason + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].message + name: Message + type: string + name: v1api20240301 + schema: + openAPIV3Schema: + description: |- + Generator information: + - Generated from: /network/resource-manager/Microsoft.Network/stable/2024-03-01/natGateway.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/natGateways/{natGatewayName} + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. 
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + properties: + azureName: description: |- - Storage version of v1api20231102preview.VirtualMachinesProfile - Specifications on VirtualMachines agent pool. + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. + type: string + idleTimeoutInMinutes: + description: 'IdleTimeoutInMinutes: The idle timeout of the nat gateway.' + type: integer + location: + description: 'Location: Resource location.' + type: string + operatorSpec: + description: |- + OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not + passed directly to Azure properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - scale: - description: |- - Storage version of v1api20231102preview.ScaleProfile - Specifications on how to scale a VirtualMachines agent pool. - properties: - $propertyBag: - additionalProperties: + configMapExpressions: + description: 'ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).' + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. 
If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - manual: - items: + name: description: |- - Storage version of v1api20231102preview.ManualScaleProfile - Specifications on number of machines. - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - count: - type: integer - sizes: - items: - type: string - type: array - type: object - type: array - type: object + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + secretExpressions: + description: 'SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).' + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. 
If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array type: object - vmSize: - type: string - vnetSubnetReference: + owner: description: |- - VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is - specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a resources.azure.com/ResourceGroup resource + properties: + armId: + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + name: + description: This is the name of the Kubernetes resource to reference. 
+ type: string + type: object + publicIpAddresses: + description: 'PublicIpAddresses: An array of public ip addresses associated with the nat gateway resource.' + items: + description: Reference to another subresource. + properties: + reference: + description: 'Reference: Resource ID.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + type: array + publicIpPrefixes: + description: 'PublicIpPrefixes: An array of public ip prefixes associated with the nat gateway resource.' + items: + description: Reference to another subresource. + properties: + reference: + description: 'Reference: Resource ID.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
+ pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + type: array + sku: + description: 'Sku: The nat gateway SKU.' properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string name: - description: Name is the Kubernetes name of the resource. + description: 'Name: Name of Nat Gateway SKU.' + enum: + - Standard type: string type: object - windowsProfile: - description: |- - Storage version of v1api20231102preview.AgentPoolWindowsProfile - The Windows agent pool's specific profile. 
- properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - disableOutboundNat: - type: boolean - type: object - workloadRuntime: - type: string - required: - - owner - type: object - status: - description: Storage version of v1api20231102preview.ManagedClusters_AgentPool_STATUS - properties: - $propertyBag: + tags: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - artifactStreamingProfile: - description: Storage version of v1api20231102preview.AgentPoolArtifactStreamingProfile_STATUS - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - enabled: - type: boolean + description: 'Tags: Resource tags.' type: object - availabilityZones: + zones: + description: 'Zones: A list of availability zones denoting the zone in which Nat Gateway should be deployed.' items: type: string type: array - capacityReservationGroupID: - type: string + required: + - owner + type: object + status: + description: Nat Gateway resource. + properties: conditions: + description: 'Conditions: The observed state of the resource' items: description: Condition defines an extension to status (an observation) of a resource properties: 
@@ -45934,199 +58397,145 @@ spec: - type type: object type: array - count: - type: integer - creationData: - description: |- - Storage version of v1api20231102preview.CreationData_STATUS - Data used when creating a target resource from a source resource. - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - sourceResourceId: - type: string - type: object - currentOrchestratorVersion: + etag: + description: 'Etag: A unique read-only string that changes whenever the resource is updated.' type: string - enableAutoScaling: - type: boolean - enableCustomCATrust: - type: boolean - enableEncryptionAtHost: - type: boolean - enableFIPS: - type: boolean - enableNodePublicIP: - type: boolean - enableUltraSSD: - type: boolean - gpuInstanceProfile: + id: + description: 'Id: Resource ID.' type: string - gpuProfile: - description: Storage version of v1api20231102preview.AgentPoolGPUProfile_STATUS - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - installGPUDriver: - type: boolean - type: object - hostGroupID: + idleTimeoutInMinutes: + description: 'IdleTimeoutInMinutes: The idle timeout of the nat gateway.' + type: integer + location: + description: 'Location: Resource location.' type: string - id: + name: + description: 'Name: Resource name.' type: string - kubeletConfig: - description: |- - Storage version of v1api20231102preview.KubeletConfig_STATUS - See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. 
- properties: - $propertyBag: - additionalProperties: + provisioningState: + description: 'ProvisioningState: The provisioning state of the NAT gateway resource.' + type: string + publicIpAddresses: + description: 'PublicIpAddresses: An array of public ip addresses associated with the nat gateway resource.' + items: + description: Reference to another subresource. + properties: + id: + description: 'Id: Resource ID.' type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - allowedUnsafeSysctls: - items: + type: object + type: array + publicIpPrefixes: + description: 'PublicIpPrefixes: An array of public ip prefixes associated with the nat gateway resource.' + items: + description: Reference to another subresource. + properties: + id: + description: 'Id: Resource ID.' type: string - type: array - containerLogMaxFiles: - type: integer - containerLogMaxSizeMB: - type: integer - cpuCfsQuota: - type: boolean - cpuCfsQuotaPeriod: - type: string - cpuManagerPolicy: - type: string - failSwapOn: - type: boolean - imageGcHighThreshold: - type: integer - imageGcLowThreshold: - type: integer - podMaxPids: - type: integer - topologyManagerPolicy: + type: object + type: array + resourceGuid: + description: 'ResourceGuid: The resource GUID property of the NAT gateway resource.' + type: string + sku: + description: 'Sku: The nat gateway SKU.' + properties: + name: + description: 'Name: Name of Nat Gateway SKU.' type: string type: object - kubeletDiskType: + subnets: + description: 'Subnets: An array of references to the subnets using this nat gateway resource.' + items: + description: Reference to another subresource. + properties: + id: + description: 'Id: Resource ID.' + type: string + type: object + type: array + tags: + additionalProperties: + type: string + description: 'Tags: Resource tags.' 
+ type: object + type: + description: 'Type: Resource type.' type: string - linuxOSConfig: + zones: + description: 'Zones: A list of availability zones denoting the zone in which Nat Gateway should be deployed.' + items: + type: string + type: array + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].severity + name: Severity + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Reason + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].message + name: Message + type: string + name: v1api20240301storage + schema: + openAPIV3Schema: + description: |- + Storage version of v1api20240301.NatGateway + Generator information: + - Generated from: /network/resource-manager/Microsoft.Network/stable/2024-03-01/natGateway.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/natGateways/{natGatewayName} + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. 
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: Storage version of v1api20240301.NatGateway_Spec + properties: + $propertyBag: + additionalProperties: + type: string description: |- - Storage version of v1api20231102preview.LinuxOSConfig_STATUS - See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - swapFileSizeMB: - type: integer - sysctls: - description: |- - Storage version of v1api20231102preview.SysctlConfig_STATUS - Sysctl settings for Linux agent nodes. - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - fsAioMaxNr: - type: integer - fsFileMax: - type: integer - fsInotifyMaxUserWatches: - type: integer - fsNrOpen: - type: integer - kernelThreadsMax: - type: integer - netCoreNetdevMaxBacklog: - type: integer - netCoreOptmemMax: - type: integer - netCoreRmemDefault: - type: integer - netCoreRmemMax: - type: integer - netCoreSomaxconn: - type: integer - netCoreWmemDefault: - type: integer - netCoreWmemMax: - type: integer - netIpv4IpLocalPortRange: - type: string - netIpv4NeighDefaultGcThresh1: - type: integer - netIpv4NeighDefaultGcThresh2: - type: integer - netIpv4NeighDefaultGcThresh3: - type: integer - netIpv4TcpFinTimeout: - type: integer - netIpv4TcpKeepaliveProbes: - type: integer - netIpv4TcpKeepaliveTime: - type: integer - netIpv4TcpMaxSynBacklog: - type: 
integer - netIpv4TcpMaxTwBuckets: - type: integer - netIpv4TcpTwReuse: - type: boolean - netIpv4TcpkeepaliveIntvl: - type: integer - netNetfilterNfConntrackBuckets: - type: integer - netNetfilterNfConntrackMax: - type: integer - vmMaxMapCount: - type: integer - vmSwappiness: - type: integer - vmVfsCachePressure: - type: integer - type: object - transparentHugePageDefrag: - type: string - transparentHugePageEnabled: - type: string + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object - maxCount: - type: integer - maxPods: - type: integer - messageOfTheDay: + azureName: + description: |- + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. type: string - minCount: + idleTimeoutInMinutes: type: integer - mode: - type: string - name: + location: type: string - networkProfile: + operatorSpec: description: |- - Storage version of v1api20231102preview.AgentPoolNetworkProfile_STATUS - Network settings of an agent pool. + Storage version of v1api20240301.NatGatewayOperatorSpec + Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure properties: $propertyBag: additionalProperties: 
@@ -46135,83 +58544,154 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - allowedHostPorts: + configMapExpressions: items: description: |- - Storage version of v1api20231102preview.PortRange_STATUS - The port range. + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. properties: - $propertyBag: - additionalProperties: - type: string + key: description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - portEnd: - type: integer - portStart: - type: integer - protocol: + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. 
For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value type: object type: array - applicationSecurityGroups: - items: - type: string - type: array - nodePublicIPTags: + secretExpressions: items: description: |- - Storage version of v1api20231102preview.IPTag_STATUS - Contains the IPTag associated with the object. + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. properties: - $propertyBag: - additionalProperties: - type: string + key: description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - ipTagType: + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. type: string - tag: + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. 
For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value type: object type: array type: object - nodeImageVersion: + originalVersion: type: string - nodeInitializationTaints: - items: - type: string - type: array - nodeLabels: - additionalProperties: - type: string + owner: + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a resources.azure.com/ResourceGroup resource + properties: + armId: + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + name: + description: This is the name of the Kubernetes resource to reference. + type: string type: object - nodePublicIPPrefixID: - type: string - nodeTaints: + publicIpAddresses: items: - type: string + description: |- + Storage version of v1api20240301.SubResource + Reference to another subresource. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + reference: + description: 'Reference: Resource ID.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
+ pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object type: array - orchestratorVersion: - type: string - osDiskSizeGB: - type: integer - osDiskType: - type: string - osSKU: - type: string - osType: - type: string - podSubnetID: - type: string - powerState: + publicIpPrefixes: + items: + description: |- + Storage version of v1api20240301.SubResource + Reference to another subresource. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + reference: + description: 'Reference: Resource ID.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. 
+ type: string + type: object + type: object + type: array + sku: description: |- - Storage version of v1api20231102preview.PowerState_STATUS - Describes the Power State of the cluster + Storage version of v1api20240301.NatGatewaySku + SKU of nat gateway. properties: $propertyBag: additionalProperties: 
@@ -46220,52 +58700,127 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - code: + name: type: string type: object - properties_type: - type: string - provisioningState: + tags: + additionalProperties: + type: string + type: object + zones: + items: + type: string + type: array + required: + - owner + type: object + status: + description: |- + Storage version of v1api20240301.NatGateway_STATUS + Nat Gateway resource. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + conditions: + items: + description: Condition defines an extension to status (an observation) of a resource + properties: + lastTransitionTime: + description: LastTransitionTime is the last time the condition transitioned from one status to another. + format: date-time + type: string + message: + description: Message is a human readable message indicating details about the transition. This field may be empty. + type: string + observedGeneration: + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + type: integer + reason: + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + type: string + severity: + description: |- + Severity with which to treat failures of this type of condition. 
+ For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown + type: string + status: + description: Status of the condition, one of True, False, or Unknown. + type: string + type: + description: Type of condition. + type: string + required: + - lastTransitionTime + - reason + - status + - type + type: object + type: array + etag: type: string - proximityPlacementGroupID: + id: type: string - scaleDownMode: + idleTimeoutInMinutes: + type: integer + location: type: string - scaleSetEvictionPolicy: + name: type: string - scaleSetPriority: + provisioningState: type: string - securityProfile: - description: |- - Storage version of v1api20231102preview.AgentPoolSecurityProfile_STATUS - The security settings of an agent pool. - properties: - $propertyBag: - additionalProperties: + publicIpAddresses: + items: + description: |- + Storage version of v1api20240301.SubResource_STATUS + Reference to another subresource. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + id: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - enableSecureBoot: - type: boolean - enableVTPM: - type: boolean - sshAccess: - type: string - type: object - spotMaxPrice: - type: number - tags: - additionalProperties: - type: string - type: object - type: + type: object + type: array + publicIpPrefixes: + items: + description: |- + Storage version of v1api20240301.SubResource_STATUS + Reference to another subresource. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + id: + type: string + type: object + type: array + resourceGuid: type: string - upgradeSettings: + sku: description: |- - Storage version of v1api20231102preview.AgentPoolUpgradeSettings_STATUS - Settings for upgrading an agentpool + Storage version of v1api20240301.NatGatewaySku_STATUS + SKU of nat gateway. properties: $propertyBag: additionalProperties: 
@@ -46274,18 +58829,14 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - drainTimeoutInMinutes: - type: integer - maxSurge: + name: type: string - nodeSoakDurationInMinutes: - type: integer type: object - virtualMachineNodesStatus: + subnets: items: description: |- - Storage version of v1api20231102preview.VirtualMachineNodes_STATUS - Current status on a group of nodes of the same vm size. + Storage version of v1api20240301.SubResource_STATUS + Reference to another subresource. properties: $propertyBag: additionalProperties: 
@@ -46294,86 +58845,58 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - count: - type: integer - size: + id: type: string type: object type: array - virtualMachinesProfile: - description: |- - Storage version of v1api20231102preview.VirtualMachinesProfile_STATUS - Specifications on VirtualMachines agent pool. - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - scale: - description: |- - Storage version of v1api20231102preview.ScaleProfile_STATUS - Specifications on how to scale a VirtualMachines agent pool. - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - manual: - items: - description: |- - Storage version of v1api20231102preview.ManualScaleProfile_STATUS - Specifications on number of machines. - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - count: - type: integer - sizes: - items: - type: string - type: array - type: object - type: array - type: object - type: object - vmSize: - type: string - vnetSubnetID: - type: string - windowsProfile: - description: |- - Storage version of v1api20231102preview.AgentPoolWindowsProfile_STATUS - The Windows agent pool's specific profile. 
- properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - disableOutboundNat: - type: boolean + tags: + additionalProperties: + type: string type: object - workloadRuntime: + type: type: string + zones: + items: + type: string + type: array type: object type: object served: true - storage: false + storage: true subresources: status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: azureserviceoperator-system/azureserviceoperator-serving-cert + controller-gen.kubebuilder.io/version: v0.16.3 + labels: + app.kubernetes.io/name: azure-service-operator + app.kubernetes.io/version: v2.11.0 + name: privateendpoints.network.azure.com +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + service: + name: azureserviceoperator-webhook-service + namespace: azureserviceoperator-system + path: /convert + port: 443 + conversionReviewVersions: + - v1 + group: network.azure.com + names: + kind: PrivateEndpoint + listKind: PrivateEndpointList + plural: privateendpoints + singular: privateendpoint + preserveUnknownFields: false + scope: Namespaced + versions: - additionalPrinterColumns: - jsonPath: .status.conditions[?(@.type=='Ready')].status name: Ready 
@@ -46387,13 +58910,13 @@ spec: - jsonPath: .status.conditions[?(@.type=='Ready')].message name: Message type: string - name: v1api20240402preview + name: v1api20220701 schema: openAPIV3Schema: description: |- Generator information: - - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/preview/2024-04-02-preview/managedClusters.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}/agentPools/{agentPoolName} + - Generated from: /network/resource-manager/Microsoft.Network/stable/2022-07-01/privateEndpoint.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateEndpoints/{privateEndpointName} properties: apiVersion: description: |- 
@@ -46414,402 +58937,109 @@ spec: type: object spec: properties: - artifactStreamingProfile: - description: 'ArtifactStreamingProfile: Configuration for using artifact streaming on AKS.' - properties: - enabled: - description: |- - Enabled: Artifact streaming speeds up the cold-start of containers on a node through on-demand image loading. To use - this feature, container images must also enable artifact streaming on ACR. If not specified, the default is false. - type: boolean - type: object - availabilityZones: - description: |- - AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType - property is 'VirtualMachineScaleSets'. + applicationSecurityGroups: + description: 'ApplicationSecurityGroups: Application security groups in which the private endpoint IP configuration is included.' items: - type: string + description: An application security group in a resource group. + properties: + reference: + description: 'Reference: Resource ID.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object type: array azureName: description: |- AzureName: The name of the resource in Azure. 
This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. - maxLength: 12 - minLength: 1 - pattern: ^[a-z][a-z0-9]{0,11}$ - type: string - capacityReservationGroupReference: - description: 'CapacityReservationGroupReference: AKS will associate the specified agent pool with the Capacity Reservation Group.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object - count: - description: |- - Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) - for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. - type: integer - creationData: - description: |- - CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using - a snapshot. - properties: - sourceResourceReference: - description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. 
- The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object - type: object - enableAutoScaling: - description: 'EnableAutoScaling: Whether to enable auto-scaler' - type: boolean - enableCustomCATrust: - description: |- - EnableCustomCATrust: When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a - daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded - certificates into node trust stores. Defaults to false. - type: boolean - enableEncryptionAtHost: - description: |- - EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, - see: https://docs.microsoft.com/azure/aks/enable-host-encryption - type: boolean - enableFIPS: - description: |- - EnableFIPS: See [Add a FIPS-enabled node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more - details. - type: boolean - enableNodePublicIP: - description: |- - EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. - A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine - to minimize hops. 
For more information see [assigning a public IP per - node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The - default is false. - type: boolean - enableUltraSSD: - description: 'EnableUltraSSD: Whether to enable UltraSSD' - type: boolean - gatewayProfile: - description: |- - GatewayProfile: Profile specific to a managed agent pool in Gateway mode. This field cannot be set if agent pool mode is - not Gateway. - properties: - publicIPPrefixSize: - description: |- - PublicIPPrefixSize: The Gateway agent pool associates one public IPPrefix for each static egress gateway to provide - public egress. The size of Public IPPrefix should be selected by the user. Each node in the agent pool is assigned with - one IP from the IPPrefix. The IPPrefix size thus serves as a cap on the size of the Gateway agent pool. Due to Azure - public IPPrefix size limitation, the valid value range is [28, 31] (/31 = 2 nodes/IPs, /30 = 4 nodes/IPs, /29 = 8 - nodes/IPs, /28 = 16 nodes/IPs). The default value is 31. - maximum: 31 - minimum: 28 - type: integer - type: object - gpuInstanceProfile: - description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' - enum: - - MIG1g - - MIG2g - - MIG3g - - MIG4g - - MIG7g - type: string - gpuProfile: - description: 'GpuProfile: The GPU settings of an agent pool.' - properties: - installGPUDriver: - description: |- - InstallGPUDriver: The default value is true when the vmSize of the agent pool contains a GPU, false otherwise. GPU - Driver Installation can only be set true when VM has an associated GPU resource. Setting this field to false prevents - automatic GPU driver installation. In that case, in order for the GPU to be usable, the user must perform GPU driver - installation themselves. 
- type: boolean - type: object - hostGroupReference: - description: |- - HostGroupReference: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. - For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object - kubeletConfig: - description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' - properties: - allowedUnsafeSysctls: - description: 'AllowedUnsafeSysctls: Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).' - items: - type: string - type: array - containerLogMaxFiles: - description: |- - ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be - ≥ 2. - minimum: 2 - type: integer - containerLogMaxSizeMB: - description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' - type: integer - cpuCfsQuota: - description: 'CpuCfsQuota: The default is true.' 
- type: boolean - cpuCfsQuotaPeriod: - description: |- - CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and - a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. - type: string - cpuManagerPolicy: - description: |- - CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management - policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more - information. Allowed values are 'none' and 'static'. - type: string - failSwapOn: - description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' - type: boolean - imageGcHighThreshold: - description: 'ImageGcHighThreshold: To disable image garbage collection, set to 100. The default is 85%' - type: integer - imageGcLowThreshold: - description: 'ImageGcLowThreshold: This cannot be set higher than imageGcHighThreshold. The default is 80%' - type: integer - podMaxPids: - description: 'PodMaxPids: The maximum number of processes per pod.' - type: integer - topologyManagerPolicy: - description: |- - TopologyManagerPolicy: For more information see [Kubernetes Topology - Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values - are 'none', 'best-effort', 'restricted', and 'single-numa-node'. - type: string - type: object - kubeletDiskType: - description: |- - KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral - storage. - enum: - - OS - - Temporary + doesn't have to be. type: string - linuxOSConfig: - description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' + customNetworkInterfaceName: + description: 'CustomNetworkInterfaceName: The custom name of the network interface attached to the private endpoint.' 
+ type: string + extendedLocation: + description: 'ExtendedLocation: The extended location of the load balancer.' properties: - swapFileSizeMB: - description: 'SwapFileSizeMB: The size in MB of a swap file that will be created on each node.' - type: integer - sysctls: - description: 'Sysctls: Sysctl settings for Linux agent nodes.' - properties: - fsAioMaxNr: - description: 'FsAioMaxNr: Sysctl setting fs.aio-max-nr.' - type: integer - fsFileMax: - description: 'FsFileMax: Sysctl setting fs.file-max.' - type: integer - fsInotifyMaxUserWatches: - description: 'FsInotifyMaxUserWatches: Sysctl setting fs.inotify.max_user_watches.' - type: integer - fsNrOpen: - description: 'FsNrOpen: Sysctl setting fs.nr_open.' - type: integer - kernelThreadsMax: - description: 'KernelThreadsMax: Sysctl setting kernel.threads-max.' - type: integer - netCoreNetdevMaxBacklog: - description: 'NetCoreNetdevMaxBacklog: Sysctl setting net.core.netdev_max_backlog.' - type: integer - netCoreOptmemMax: - description: 'NetCoreOptmemMax: Sysctl setting net.core.optmem_max.' - type: integer - netCoreRmemDefault: - description: 'NetCoreRmemDefault: Sysctl setting net.core.rmem_default.' - type: integer - netCoreRmemMax: - description: 'NetCoreRmemMax: Sysctl setting net.core.rmem_max.' - type: integer - netCoreSomaxconn: - description: 'NetCoreSomaxconn: Sysctl setting net.core.somaxconn.' - type: integer - netCoreWmemDefault: - description: 'NetCoreWmemDefault: Sysctl setting net.core.wmem_default.' - type: integer - netCoreWmemMax: - description: 'NetCoreWmemMax: Sysctl setting net.core.wmem_max.' - type: integer - netIpv4IpLocalPortRange: - description: 'NetIpv4IpLocalPortRange: Sysctl setting net.ipv4.ip_local_port_range.' - type: string - netIpv4NeighDefaultGcThresh1: - description: 'NetIpv4NeighDefaultGcThresh1: Sysctl setting net.ipv4.neigh.default.gc_thresh1.' 
- type: integer - netIpv4NeighDefaultGcThresh2: - description: 'NetIpv4NeighDefaultGcThresh2: Sysctl setting net.ipv4.neigh.default.gc_thresh2.' - type: integer - netIpv4NeighDefaultGcThresh3: - description: 'NetIpv4NeighDefaultGcThresh3: Sysctl setting net.ipv4.neigh.default.gc_thresh3.' - type: integer - netIpv4TcpFinTimeout: - description: 'NetIpv4TcpFinTimeout: Sysctl setting net.ipv4.tcp_fin_timeout.' - type: integer - netIpv4TcpKeepaliveProbes: - description: 'NetIpv4TcpKeepaliveProbes: Sysctl setting net.ipv4.tcp_keepalive_probes.' - type: integer - netIpv4TcpKeepaliveTime: - description: 'NetIpv4TcpKeepaliveTime: Sysctl setting net.ipv4.tcp_keepalive_time.' - type: integer - netIpv4TcpMaxSynBacklog: - description: 'NetIpv4TcpMaxSynBacklog: Sysctl setting net.ipv4.tcp_max_syn_backlog.' - type: integer - netIpv4TcpMaxTwBuckets: - description: 'NetIpv4TcpMaxTwBuckets: Sysctl setting net.ipv4.tcp_max_tw_buckets.' - type: integer - netIpv4TcpTwReuse: - description: 'NetIpv4TcpTwReuse: Sysctl setting net.ipv4.tcp_tw_reuse.' - type: boolean - netIpv4TcpkeepaliveIntvl: - description: 'NetIpv4TcpkeepaliveIntvl: Sysctl setting net.ipv4.tcp_keepalive_intvl.' - maximum: 90 - minimum: 10 - type: integer - netNetfilterNfConntrackBuckets: - description: 'NetNetfilterNfConntrackBuckets: Sysctl setting net.netfilter.nf_conntrack_buckets.' - maximum: 524288 - minimum: 65536 - type: integer - netNetfilterNfConntrackMax: - description: 'NetNetfilterNfConntrackMax: Sysctl setting net.netfilter.nf_conntrack_max.' - maximum: 2097152 - minimum: 131072 - type: integer - vmMaxMapCount: - description: 'VmMaxMapCount: Sysctl setting vm.max_map_count.' - type: integer - vmSwappiness: - description: 'VmSwappiness: Sysctl setting vm.swappiness.' - type: integer - vmVfsCachePressure: - description: 'VmVfsCachePressure: Sysctl setting vm.vfs_cache_pressure.' 
- type: integer - type: object - transparentHugePageDefrag: - description: |- - TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is - 'madvise'. For more information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). + name: + description: 'Name: The name of the extended location.' type: string - transparentHugePageEnabled: - description: |- - TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more - information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). + type: + description: 'Type: The type of the extended location.' + enum: + - EdgeZone type: string type: object - maxCount: - description: 'MaxCount: The maximum number of nodes for auto-scaling' - type: integer - maxPods: - description: 'MaxPods: The maximum number of pods that can run on a node.' - type: integer - messageOfTheDay: + ipConfigurations: description: |- - MessageOfTheDay: A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of - the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., - will be printed raw and not be executed as a script). + IpConfigurations: A list of IP configurations of the private endpoint. This will be used to map to the First Party + Service's endpoints. + items: + description: An IP Configuration of the private endpoint. + properties: + groupId: + description: 'GroupId: The ID of a group obtained from the remote resource that this private endpoint should connect to.' + type: string + memberName: + description: 'MemberName: The member name of a group obtained from the remote resource that this private endpoint should connect to.' 
+ type: string + name: + description: 'Name: The name of the resource that is unique within a resource group.' + type: string + privateIPAddress: + description: 'PrivateIPAddress: A private ip address obtained from the private endpoint''s subnet.' + type: string + type: object + type: array + location: + description: 'Location: Resource location.' type: string - minCount: - description: 'MinCount: The minimum number of nodes for auto-scaling' - type: integer - mode: + manualPrivateLinkServiceConnections: description: |- - Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool - restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools - enum: - - Gateway - - System - - User - type: string - networkProfile: - description: 'NetworkProfile: Network-related settings of an agent pool.' - properties: - allowedHostPorts: - description: 'AllowedHostPorts: The port ranges that are allowed to access. The specified ranges are allowed to overlap.' - items: - description: The port range. + ManualPrivateLinkServiceConnections: A grouping of information about the connection to the remote resource. Used when + the network admin does not have access to approve connections to the remote resource. + items: + description: PrivateLinkServiceConnection resource. + properties: + groupIds: + description: 'GroupIds: The ID(s) of the group(s) obtained from the remote resource that this private endpoint should connect to.' + items: + type: string + type: array + name: + description: 'Name: The name of the resource that is unique within a resource group. This name can be used to access the resource.' + type: string + privateLinkServiceConnectionState: + description: |- + PrivateLinkServiceConnectionState: A collection of read-only information about the state of the connection to the remote + resource. properties: - portEnd: - description: |- - PortEnd: The maximum port that is included in the range. 
It should be ranged from 1 to 65535, and be greater than or - equal to portStart. - maximum: 65535 - minimum: 1 - type: integer - portStart: - description: |- - PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or - equal to portEnd. - maximum: 65535 - minimum: 1 - type: integer - protocol: - description: 'Protocol: The network protocol of the port.' - enum: - - TCP - - UDP + actionsRequired: + description: 'ActionsRequired: A message indicating if changes on the service provider require any updates on the consumer.' + type: string + description: + description: 'Description: The reason for approval/rejection of the connection.' + type: string + status: + description: 'Status: Indicates whether the connection has been Approved/Rejected/Removed by the owner of the service.' type: string type: object - type: array - applicationSecurityGroupsReferences: - description: |- - ApplicationSecurityGroupsReferences: The IDs of the application security groups which agent pool will associate when - created. - items: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + privateLinkServiceReference: + description: 'PrivateLinkServiceReference: The resource id of private link service.' properties: armId: description: |- 
@@ -46828,1013 +59058,1162 @@ spec: description: Name is the Kubernetes name of the resource. type: string type: object + requestMessage: + description: |- + RequestMessage: A message passed to the owner of the remote resource with this connection request. Restricted to 140 + chars. + type: string + type: object + type: array + operatorSpec: + description: |- + OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not + passed directly to Azure + properties: + configMapExpressions: + description: 'ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).' + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object type: array - nodePublicIPTags: - description: 'NodePublicIPTags: IPTags of instance-level public IPs.' 
+ configMaps: + description: 'ConfigMaps: configures where to place operator written ConfigMaps.' + properties: + primaryNicPrivateIpAddress: + description: |- + PrimaryNicPrivateIpAddress: indicates where the PrimaryNicPrivateIpAddress config map should be placed. If omitted, no + config map will be created. + properties: + key: + description: Key is the key in the ConfigMap being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes ConfigMap to write to. + The ConfigMap will be created in the same namespace as the resource. + type: string + required: + - key + - name + type: object + type: object + secretExpressions: + description: 'SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).' items: - description: Contains the IPTag associated with the object. + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. properties: - ipTagType: - description: 'IpTagType: The IP tag type. Example: RoutingPreference.' + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. type: string - tag: - description: 'Tag: The value of the IP tag associated with the public IP. Example: Internet.' + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. type: string + value: + description: |- + Value is a CEL expression. 
The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value type: object type: array type: object - nodeInitializationTaints: - description: |- - NodeInitializationTaints: These taints will not be reconciled by AKS and can be removed with a kubectl call. This field - can be modified after node pool is created, but nodes will not be recreated with new taints until another operation that - requires recreation (e.g. node image upgrade) happens. These taints allow for required configuration to run before the - node is ready to accept workloads, for example 'key1=value1:NoSchedule' that then can be removed with `kubectl taint - nodes node1 key1=value1:NoSchedule-` - items: - type: string - type: array - nodeLabels: - additionalProperties: - type: string - description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' - type: object - nodePublicIPPrefixReference: + owner: description: |- - NodePublicIPPrefixReference: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a resources.azure.com/ResourceGroup resource properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string name: - description: Name is the Kubernetes name of the resource. + description: This is the name of the Kubernetes resource to reference. type: string type: object - nodeTaints: - description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' + privateLinkServiceConnections: + description: 'PrivateLinkServiceConnections: A grouping of information about the connection to the remote resource.' items: + description: PrivateLinkServiceConnection resource. + properties: + groupIds: + description: 'GroupIds: The ID(s) of the group(s) obtained from the remote resource that this private endpoint should connect to.' + items: + type: string + type: array + name: + description: 'Name: The name of the resource that is unique within a resource group. This name can be used to access the resource.' + type: string + privateLinkServiceConnectionState: + description: |- + PrivateLinkServiceConnectionState: A collection of read-only information about the state of the connection to the remote + resource. + properties: + actionsRequired: + description: 'ActionsRequired: A message indicating if changes on the service provider require any updates on the consumer.' + type: string + description: + description: 'Description: The reason for approval/rejection of the connection.' + type: string + status: + description: 'Status: Indicates whether the connection has been Approved/Rejected/Removed by the owner of the service.' + type: string + type: object + privateLinkServiceReference: + description: 'PrivateLinkServiceReference: The resource id of private link service.' 
+ properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + requestMessage: + description: |- + RequestMessage: A message passed to the owner of the remote resource with this connection request. Restricted to 140 + chars. + type: string + type: object + type: array + subnet: + description: 'Subnet: The ID of the subnet from which the private IP will be allocated.' + properties: + reference: + description: 'Reference: Resource ID.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. 
+ type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + tags: + additionalProperties: type: string + description: 'Tags: Resource tags.' + type: object + required: + - owner + type: object + status: + description: Private endpoint resource. + properties: + applicationSecurityGroups: + description: 'ApplicationSecurityGroups: Application security groups in which the private endpoint IP configuration is included.' + items: + description: An application security group in a resource group. + properties: + id: + description: 'Id: Resource ID.' + type: string + type: object type: array - orchestratorVersion: - description: |- - OrchestratorVersion: Both patch version and are supported. When is - specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same - once it has been created will not trigger an upgrade, even if a newer patch version is available. As a - best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version - must have the same major version as the control plane. The node pool minor version must be within two minor versions of - the control plane version. The node pool version cannot be greater than the control plane version. For more information - see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). - type: string - osDiskSizeGB: - maximum: 2048 - minimum: 0 - type: integer - osDiskType: - description: |- - OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested - OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral - OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). 
- enum: - - Ephemeral - - Managed - type: string - osSKU: - description: |- - OsSKU: Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or - Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is - deprecated. - enum: - - AzureLinux - - CBLMariner - - Mariner - - Ubuntu - - Windows2019 - - Windows2022 - - WindowsAnnual + conditions: + description: 'Conditions: The observed state of the resource' + items: + description: Condition defines an extension to status (an observation) of a resource + properties: + lastTransitionTime: + description: LastTransitionTime is the last time the condition transitioned from one status to another. + format: date-time + type: string + message: + description: Message is a human readable message indicating details about the transition. This field may be empty. + type: string + observedGeneration: + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + type: integer + reason: + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + type: string + severity: + description: |- + Severity with which to treat failures of this type of condition. + For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. 
+ This is omitted in all cases when Status == Unknown + type: string + status: + description: Status of the condition, one of True, False, or Unknown. + type: string + type: + description: Type of condition. + type: string + required: + - lastTransitionTime + - reason + - status + - type + type: object + type: array + customDnsConfigs: + description: 'CustomDnsConfigs: An array of custom dns configurations.' + items: + description: Contains custom Dns resolution configuration from customer. + properties: + fqdn: + description: 'Fqdn: Fqdn that resolves to private endpoint ip address.' + type: string + ipAddresses: + description: 'IpAddresses: A list of private ip addresses of the private endpoint.' + items: + type: string + type: array + type: object + type: array + customNetworkInterfaceName: + description: 'CustomNetworkInterfaceName: The custom name of the network interface attached to the private endpoint.' type: string - osType: - description: 'OsType: The operating system type. The default is Linux.' - enum: - - Linux - - Windows + etag: + description: 'Etag: A unique read-only string that changes whenever the resource is updated.' type: string - owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a containerservice.azure.com/ManagedCluster resource + extendedLocation: + description: 'ExtendedLocation: The extended location of the load balancer.' properties: - armId: - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string name: - description: This is the name of the Kubernetes resource to reference. 
- type: string - type: object - podIPAllocationMode: - description: |- - PodIPAllocationMode: The IP allocation mode for pods in the agent pool. Must be used with podSubnetId. The default is - 'DynamicIndividual'. - enum: - - DynamicIndividual - - StaticBlock - type: string - podSubnetReference: - description: |- - PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). - This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. + description: 'Name: The name of the extended location.' type: string - name: - description: Name is the Kubernetes name of the resource. + type: + description: 'Type: The type of the extended location.' type: string type: object - powerState: + id: + description: 'Id: Resource ID.' + type: string + ipConfigurations: description: |- - PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this - field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. 
An Agent Pool can only - be stopped if it is Running and provisioning state is Succeeded - properties: - code: - description: 'Code: Tells whether the cluster is Running or Stopped' - enum: - - Running - - Stopped - type: string - type: object - proximityPlacementGroupReference: - description: 'ProximityPlacementGroupReference: The ID for Proximity Placement Group.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object - scaleDownMode: - description: 'ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.' - enum: - - Deallocate - - Delete + IpConfigurations: A list of IP configurations of the private endpoint. This will be used to map to the First Party + Service's endpoints. + items: + description: An IP Configuration of the private endpoint. + properties: + etag: + description: 'Etag: A unique read-only string that changes whenever the resource is updated.' + type: string + groupId: + description: 'GroupId: The ID of a group obtained from the remote resource that this private endpoint should connect to.' 
+ type: string + memberName: + description: 'MemberName: The member name of a group obtained from the remote resource that this private endpoint should connect to.' + type: string + name: + description: 'Name: The name of the resource that is unique within a resource group.' + type: string + privateIPAddress: + description: 'PrivateIPAddress: A private ip address obtained from the private endpoint''s subnet.' + type: string + type: + description: 'Type: The resource type.' + type: string + type: object + type: array + location: + description: 'Location: Resource location.' type: string - scaleSetEvictionPolicy: + manualPrivateLinkServiceConnections: description: |- - ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is - 'Delete'. - enum: - - Deallocate - - Delete + ManualPrivateLinkServiceConnections: A grouping of information about the connection to the remote resource. Used when + the network admin does not have access to approve connections to the remote resource. + items: + description: PrivateLinkServiceConnection resource. + properties: + etag: + description: 'Etag: A unique read-only string that changes whenever the resource is updated.' + type: string + groupIds: + description: 'GroupIds: The ID(s) of the group(s) obtained from the remote resource that this private endpoint should connect to.' + items: + type: string + type: array + id: + description: 'Id: Resource ID.' + type: string + name: + description: 'Name: The name of the resource that is unique within a resource group. This name can be used to access the resource.' + type: string + privateLinkServiceConnectionState: + description: |- + PrivateLinkServiceConnectionState: A collection of read-only information about the state of the connection to the remote + resource. + properties: + actionsRequired: + description: 'ActionsRequired: A message indicating if changes on the service provider require any updates on the consumer.' 
+ type: string + description: + description: 'Description: The reason for approval/rejection of the connection.' + type: string + status: + description: 'Status: Indicates whether the connection has been Approved/Rejected/Removed by the owner of the service.' + type: string + type: object + privateLinkServiceId: + description: 'PrivateLinkServiceId: The resource id of private link service.' + type: string + provisioningState: + description: 'ProvisioningState: The provisioning state of the private link service connection resource.' + type: string + requestMessage: + description: |- + RequestMessage: A message passed to the owner of the remote resource with this connection request. Restricted to 140 + chars. + type: string + type: + description: 'Type: The resource type.' + type: string + type: object + type: array + name: + description: 'Name: Resource name.' type: string - scaleSetPriority: - description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' - enum: - - Regular - - Spot + networkInterfaces: + description: 'NetworkInterfaces: An array of references to the network interfaces created for this private endpoint.' + items: + description: A network interface in a resource group. + properties: + id: + description: 'Id: Resource ID.' + type: string + type: object + type: array + privateLinkServiceConnections: + description: 'PrivateLinkServiceConnections: A grouping of information about the connection to the remote resource.' + items: + description: PrivateLinkServiceConnection resource. + properties: + etag: + description: 'Etag: A unique read-only string that changes whenever the resource is updated.' + type: string + groupIds: + description: 'GroupIds: The ID(s) of the group(s) obtained from the remote resource that this private endpoint should connect to.' + items: + type: string + type: array + id: + description: 'Id: Resource ID.' 
+ type: string + name: + description: 'Name: The name of the resource that is unique within a resource group. This name can be used to access the resource.' + type: string + privateLinkServiceConnectionState: + description: |- + PrivateLinkServiceConnectionState: A collection of read-only information about the state of the connection to the remote + resource. + properties: + actionsRequired: + description: 'ActionsRequired: A message indicating if changes on the service provider require any updates on the consumer.' + type: string + description: + description: 'Description: The reason for approval/rejection of the connection.' + type: string + status: + description: 'Status: Indicates whether the connection has been Approved/Rejected/Removed by the owner of the service.' + type: string + type: object + privateLinkServiceId: + description: 'PrivateLinkServiceId: The resource id of private link service.' + type: string + provisioningState: + description: 'ProvisioningState: The provisioning state of the private link service connection resource.' + type: string + requestMessage: + description: |- + RequestMessage: A message passed to the owner of the remote resource with this connection request. Restricted to 140 + chars. + type: string + type: + description: 'Type: The resource type.' + type: string + type: object + type: array + provisioningState: + description: 'ProvisioningState: The provisioning state of the private endpoint resource.' type: string - securityProfile: - description: 'SecurityProfile: The security settings of an agent pool.' + subnet: + description: 'Subnet: The ID of the subnet from which the private IP will be allocated.' properties: - enableSecureBoot: - description: |- - EnableSecureBoot: Secure Boot is a feature of Trusted Launch which ensures that only signed operating systems and - drivers can boot. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. 
- type: boolean - enableVTPM: - description: |- - EnableVTPM: vTPM is a Trusted Launch feature for configuring a dedicated secure vault for keys and measurements held - locally on the node. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. - type: boolean - sshAccess: - description: 'SshAccess: SSH access method of an agent pool.' - enum: - - Disabled - - LocalUser + id: + description: 'Id: Resource ID.' type: string type: object - spotMaxPrice: - description: |- - SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any - on-demand price. For more details on spot pricing, see [spot VMs - pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) - type: number tags: additionalProperties: type: string - description: 'Tags: The tags to be persisted on the agent pool virtual machine scale set.' + description: 'Tags: Resource tags.' type: object type: - description: 'Type: The type of Agent Pool.' - enum: - - AvailabilitySet - - VirtualMachineScaleSets - - VirtualMachines + description: 'Type: Resource type.' type: string - upgradeSettings: - description: 'UpgradeSettings: Settings for upgrading the agentpool' - properties: - drainTimeoutInMinutes: - description: |- - DrainTimeoutInMinutes: The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. - This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not - specified, the default is 30 minutes. - maximum: 1440 - minimum: 1 - type: integer - maxSurge: - description: |- - MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it - is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded - up. If not specified, the default is 1. 
For more information, including best practices, see: - https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade - type: string - nodeSoakDurationInMinutes: - description: |- - NodeSoakDurationInMinutes: The amount of time (in minutes) to wait after draining a node and before reimaging it and - moving on to next node. If not specified, the default is 0 minutes. - maximum: 30 - minimum: 0 - type: integer - undrainableNodeBehavior: - description: |- - UndrainableNodeBehavior: Defines the behavior for undrainable nodes during upgrade. The most common cause of undrainable - nodes is Pod Disruption Budgets (PDBs), but other issues, such as pod termination grace period is exceeding the - remaining per-node drain timeout or pod is still being in a running state, can also cause undrainable nodes. - enum: - - Cordon - - Schedule - type: string + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].severity + name: Severity + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Reason + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].message + name: Message + type: string + name: v1api20220701storage + schema: + openAPIV3Schema: + description: |- + Storage version of v1api20220701.PrivateEndpoint + Generator information: + - Generated from: /network/resource-manager/Microsoft.Network/stable/2022-07-01/privateEndpoint.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateEndpoints/{privateEndpointName} + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. 
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: Storage version of v1api20220701.PrivateEndpoint_Spec + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object - virtualMachineNodesStatus: + applicationSecurityGroups: items: - description: Current status on a group of nodes of the same vm size. + description: |- + Storage version of v1api20220701.ApplicationSecurityGroupSpec_PrivateEndpoint_SubResourceEmbedded + An application security group in a resource group. properties: - count: - description: 'Count: Number of nodes.' - type: integer - size: - description: 'Size: The VM size of the agents used to host this group of nodes.' - type: string + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + reference: + description: 'Reference: Resource ID.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. 
+ The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object type: array - virtualMachinesProfile: - description: 'VirtualMachinesProfile: Specifications on VirtualMachines agent pool.' - properties: - scale: - description: 'Scale: Specifications on how to scale a VirtualMachines agent pool.' - properties: - autoscale: - description: |- - Autoscale: Specifications on how to auto-scale the VirtualMachines agent pool within a predefined size range. Currently, - at most one AutoScaleProfile is allowed. - items: - description: Specifications on auto-scaling. - properties: - maxCount: - description: 'MaxCount: The maximum number of nodes of the specified sizes.' - type: integer - minCount: - description: 'MinCount: The minimum number of nodes of the specified sizes.' - type: integer - sizes: - description: |- - Sizes: The list of allowed vm sizes e.g. ['Standard_E4s_v3', 'Standard_E16s_v3', 'Standard_D16s_v5']. AKS will use the - first available one when auto scaling. If a VM size is unavailable (e.g. due to quota or regional capacity reasons), AKS - will use the next size. - items: - type: string - type: array - type: object - type: array - manual: - description: |- - Manual: Specifications on how to scale the VirtualMachines agent pool to a fixed size. Currently, at most one - ManualScaleProfile is allowed. - items: - description: Specifications on number of machines. 
- properties: - count: - description: 'Count: Number of nodes.' - type: integer - sizes: - description: |- - Sizes: The list of allowed vm sizes e.g. ['Standard_E4s_v3', 'Standard_E16s_v3', 'Standard_D16s_v5']. AKS will use the - first available one when scaling. If a VM size is unavailable (e.g. due to quota or regional capacity reasons), AKS will - use the next size. - items: - type: string - type: array - type: object - type: array - type: object - type: object - vmSize: - description: |- - VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods - might fail to run correctly. For more details on restricted VM sizes, see: - https://docs.microsoft.com/azure/aks/quotas-skus-regions - type: string - vnetSubnetReference: + azureName: description: |- - VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is - specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. 
- type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object - windowsProfile: - description: 'WindowsProfile: The Windows agent pool''s specific profile.' - properties: - disableOutboundNat: - description: |- - DisableOutboundNat: The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT - Gateway and the Windows agent pool does not have node public IP enabled. - type: boolean - type: object - workloadRuntime: - description: 'WorkloadRuntime: Determines the type of workload a node can run.' - enum: - - KataMshvVmIsolation - - OCIContainer - - WasmWasi - type: string - required: - - owner - type: object - status: - properties: - artifactStreamingProfile: - description: 'ArtifactStreamingProfile: Configuration for using artifact streaming on AKS.' + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. + type: string + customNetworkInterfaceName: + type: string + extendedLocation: + description: |- + Storage version of v1api20220701.ExtendedLocation + ExtendedLocation complex type. properties: - enabled: + $propertyBag: + additionalProperties: + type: string description: |- - Enabled: Artifact streaming speeds up the cold-start of containers on a node through on-demand image loading. To use - this feature, container images must also enable artifact streaming on ACR. If not specified, the default is false. - type: boolean + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + name: + type: string + type: + type: string type: object - availabilityZones: - description: |- - AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType - property is 'VirtualMachineScaleSets'. 
+ ipConfigurations: items: - type: string + description: |- + Storage version of v1api20220701.PrivateEndpointIPConfiguration + An IP Configuration of the private endpoint. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + groupId: + type: string + memberName: + type: string + name: + type: string + privateIPAddress: + type: string + type: object type: array - capacityReservationGroupID: - description: 'CapacityReservationGroupID: AKS will associate the specified agent pool with the Capacity Reservation Group.' + location: type: string - conditions: - description: 'Conditions: The observed state of the resource' + manualPrivateLinkServiceConnections: items: - description: Condition defines an extension to status (an observation) of a resource + description: |- + Storage version of v1api20220701.PrivateLinkServiceConnection + PrivateLinkServiceConnection resource. properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. - format: date-time - type: string - message: - description: Message is a human readable message indicating details about the transition. This field may be empty. - type: string - observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - type: integer - reason: + $propertyBag: + additionalProperties: + type: string description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. 
A reason is always provided, this field will not be empty. + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + groupIds: + items: + type: string + type: array + name: type: string - severity: + privateLinkServiceConnectionState: description: |- - Severity with which to treat failures of this type of condition. - For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown - type: string - status: - description: Status of the condition, one of True, False, or Unknown. - type: string - type: - description: Type of condition. + Storage version of v1api20220701.PrivateLinkServiceConnectionState + A collection of information about the state of the connection between service consumer and provider. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + actionsRequired: + type: string + description: + type: string + status: + type: string + type: object + privateLinkServiceReference: + description: 'PrivateLinkServiceReference: The resource id of private link service.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. 
+ The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + requestMessage: type: string - required: - - lastTransitionTime - - reason - - status - - type type: object type: array - count: - description: |- - Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) - for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. - type: integer - creationData: - description: |- - CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using - a snapshot. - properties: - sourceResourceId: - description: 'SourceResourceId: This is the ARM ID of the source object to be used to create the target object.' - type: string - type: object - currentOrchestratorVersion: - description: |- - CurrentOrchestratorVersion: If orchestratorVersion was a fully specified version , this field will be - exactly equal to it. If orchestratorVersion was , this field will contain the full - version being used. - type: string - eTag: - description: |- - ETag: Unique read-only string used to implement optimistic concurrency. The eTag value will change when the resource is - updated. Specify an if-match or if-none-match header with the eTag value for a subsequent request to enable optimistic - concurrency per the normal etag convention. 
- type: string - enableAutoScaling: - description: 'EnableAutoScaling: Whether to enable auto-scaler' - type: boolean - enableCustomCATrust: - description: |- - EnableCustomCATrust: When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a - daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded - certificates into node trust stores. Defaults to false. - type: boolean - enableEncryptionAtHost: - description: |- - EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, - see: https://docs.microsoft.com/azure/aks/enable-host-encryption - type: boolean - enableFIPS: - description: |- - EnableFIPS: See [Add a FIPS-enabled node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more - details. - type: boolean - enableNodePublicIP: - description: |- - EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. - A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine - to minimize hops. For more information see [assigning a public IP per - node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The - default is false. - type: boolean - enableUltraSSD: - description: 'EnableUltraSSD: Whether to enable UltraSSD' - type: boolean - gatewayProfile: + operatorSpec: description: |- - GatewayProfile: Profile specific to a managed agent pool in Gateway mode. This field cannot be set if agent pool mode is - not Gateway. - properties: - publicIPPrefixSize: - description: |- - PublicIPPrefixSize: The Gateway agent pool associates one public IPPrefix for each static egress gateway to provide - public egress. The size of Public IPPrefix should be selected by the user. 
Each node in the agent pool is assigned with - one IP from the IPPrefix. The IPPrefix size thus serves as a cap on the size of the Gateway agent pool. Due to Azure - public IPPrefix size limitation, the valid value range is [28, 31] (/31 = 2 nodes/IPs, /30 = 4 nodes/IPs, /29 = 8 - nodes/IPs, /28 = 16 nodes/IPs). The default value is 31. - type: integer - type: object - gpuInstanceProfile: - description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' - type: string - gpuProfile: - description: 'GpuProfile: The GPU settings of an agent pool.' + Storage version of v1api20220701.PrivateEndpointOperatorSpec + Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure properties: - installGPUDriver: + $propertyBag: + additionalProperties: + type: string description: |- - InstallGPUDriver: The default value is true when the vmSize of the agent pool contains a GPU, false otherwise. GPU - Driver Installation can only be set true when VM has an associated GPU resource. Setting this field to false prevents - automatic GPU driver installation. In that case, in order for the GPU to be usable, the user must perform GPU driver - installation themselves. - type: boolean - type: object - hostGroupID: - description: |- - HostGroupID: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. - For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). - type: string - id: - description: 'Id: Resource ID.' - type: string - kubeletConfig: - description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' - properties: - allowedUnsafeSysctls: - description: 'AllowedUnsafeSysctls: Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).' 
+ PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + configMapExpressions: items: - type: string + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object type: array - containerLogMaxFiles: - description: |- - ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be - ≥ 2. - type: integer - containerLogMaxSizeMB: - description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' - type: integer - cpuCfsQuota: - description: 'CpuCfsQuota: The default is true.' - type: boolean - cpuCfsQuotaPeriod: - description: |- - CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and - a unit suffix. 
For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. - type: string - cpuManagerPolicy: - description: |- - CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management - policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more - information. Allowed values are 'none' and 'static'. - type: string - failSwapOn: - description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' - type: boolean - imageGcHighThreshold: - description: 'ImageGcHighThreshold: To disable image garbage collection, set to 100. The default is 85%' - type: integer - imageGcLowThreshold: - description: 'ImageGcLowThreshold: This cannot be set higher than imageGcHighThreshold. The default is 80%' - type: integer - podMaxPids: - description: 'PodMaxPids: The maximum number of processes per pod.' - type: integer - topologyManagerPolicy: - description: |- - TopologyManagerPolicy: For more information see [Kubernetes Topology - Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values - are 'none', 'best-effort', 'restricted', and 'single-numa-node'. - type: string - type: object - kubeletDiskType: - description: |- - KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral - storage. - type: string - linuxOSConfig: - description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' - properties: - swapFileSizeMB: - description: 'SwapFileSizeMB: The size in MB of a swap file that will be created on each node.' - type: integer - sysctls: - description: 'Sysctls: Sysctl settings for Linux agent nodes.' + configMaps: + description: Storage version of v1api20220701.PrivateEndpointOperatorConfigMaps properties: - fsAioMaxNr: - description: 'FsAioMaxNr: Sysctl setting fs.aio-max-nr.' 
- type: integer - fsFileMax: - description: 'FsFileMax: Sysctl setting fs.file-max.' - type: integer - fsInotifyMaxUserWatches: - description: 'FsInotifyMaxUserWatches: Sysctl setting fs.inotify.max_user_watches.' - type: integer - fsNrOpen: - description: 'FsNrOpen: Sysctl setting fs.nr_open.' - type: integer - kernelThreadsMax: - description: 'KernelThreadsMax: Sysctl setting kernel.threads-max.' - type: integer - netCoreNetdevMaxBacklog: - description: 'NetCoreNetdevMaxBacklog: Sysctl setting net.core.netdev_max_backlog.' - type: integer - netCoreOptmemMax: - description: 'NetCoreOptmemMax: Sysctl setting net.core.optmem_max.' - type: integer - netCoreRmemDefault: - description: 'NetCoreRmemDefault: Sysctl setting net.core.rmem_default.' - type: integer - netCoreRmemMax: - description: 'NetCoreRmemMax: Sysctl setting net.core.rmem_max.' - type: integer - netCoreSomaxconn: - description: 'NetCoreSomaxconn: Sysctl setting net.core.somaxconn.' - type: integer - netCoreWmemDefault: - description: 'NetCoreWmemDefault: Sysctl setting net.core.wmem_default.' - type: integer - netCoreWmemMax: - description: 'NetCoreWmemMax: Sysctl setting net.core.wmem_max.' - type: integer - netIpv4IpLocalPortRange: - description: 'NetIpv4IpLocalPortRange: Sysctl setting net.ipv4.ip_local_port_range.' - type: string - netIpv4NeighDefaultGcThresh1: - description: 'NetIpv4NeighDefaultGcThresh1: Sysctl setting net.ipv4.neigh.default.gc_thresh1.' - type: integer - netIpv4NeighDefaultGcThresh2: - description: 'NetIpv4NeighDefaultGcThresh2: Sysctl setting net.ipv4.neigh.default.gc_thresh2.' - type: integer - netIpv4NeighDefaultGcThresh3: - description: 'NetIpv4NeighDefaultGcThresh3: Sysctl setting net.ipv4.neigh.default.gc_thresh3.' - type: integer - netIpv4TcpFinTimeout: - description: 'NetIpv4TcpFinTimeout: Sysctl setting net.ipv4.tcp_fin_timeout.' - type: integer - netIpv4TcpKeepaliveProbes: - description: 'NetIpv4TcpKeepaliveProbes: Sysctl setting net.ipv4.tcp_keepalive_probes.' 
- type: integer - netIpv4TcpKeepaliveTime: - description: 'NetIpv4TcpKeepaliveTime: Sysctl setting net.ipv4.tcp_keepalive_time.' - type: integer - netIpv4TcpMaxSynBacklog: - description: 'NetIpv4TcpMaxSynBacklog: Sysctl setting net.ipv4.tcp_max_syn_backlog.' - type: integer - netIpv4TcpMaxTwBuckets: - description: 'NetIpv4TcpMaxTwBuckets: Sysctl setting net.ipv4.tcp_max_tw_buckets.' - type: integer - netIpv4TcpTwReuse: - description: 'NetIpv4TcpTwReuse: Sysctl setting net.ipv4.tcp_tw_reuse.' - type: boolean - netIpv4TcpkeepaliveIntvl: - description: 'NetIpv4TcpkeepaliveIntvl: Sysctl setting net.ipv4.tcp_keepalive_intvl.' - type: integer - netNetfilterNfConntrackBuckets: - description: 'NetNetfilterNfConntrackBuckets: Sysctl setting net.netfilter.nf_conntrack_buckets.' - type: integer - netNetfilterNfConntrackMax: - description: 'NetNetfilterNfConntrackMax: Sysctl setting net.netfilter.nf_conntrack_max.' - type: integer - vmMaxMapCount: - description: 'VmMaxMapCount: Sysctl setting vm.max_map_count.' - type: integer - vmSwappiness: - description: 'VmSwappiness: Sysctl setting vm.swappiness.' - type: integer - vmVfsCachePressure: - description: 'VmVfsCachePressure: Sysctl setting vm.vfs_cache_pressure.' - type: integer + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + primaryNicPrivateIpAddress: + description: |- + ConfigMapDestination describes the location to store a single configmap value + Note: This is similar to: SecretDestination in secrets.go. + Changes to one may need to be made to the others as well. + properties: + key: + description: Key is the key in the ConfigMap being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes ConfigMap to write to. 
+ The ConfigMap will be created in the same namespace as the resource. + type: string + required: + - key + - name + type: object type: object - transparentHugePageDefrag: - description: |- - TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is - 'madvise'. For more information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). - type: string - transparentHugePageEnabled: - description: |- - TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more - information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). - type: string + secretExpressions: + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. 
For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array type: object - maxCount: - description: 'MaxCount: The maximum number of nodes for auto-scaling' - type: integer - maxPods: - description: 'MaxPods: The maximum number of pods that can run on a node.' - type: integer - messageOfTheDay: - description: |- - MessageOfTheDay: A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of - the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., - will be printed raw and not be executed as a script). + originalVersion: type: string - minCount: - description: 'MinCount: The minimum number of nodes for auto-scaling' - type: integer - mode: + owner: description: |- - Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool - restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools - type: string - name: - description: 'Name: The name of the resource that is unique within a resource group. This name can be used to access the resource.' - type: string - networkProfile: - description: 'NetworkProfile: Network-related settings of an agent pool.' + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a resources.azure.com/ResourceGroup resource properties: - allowedHostPorts: - description: 'AllowedHostPorts: The port ranges that are allowed to access. The specified ranges are allowed to overlap.' - items: - description: The port range. - properties: - portEnd: - description: |- - PortEnd: The maximum port that is included in the range. 
It should be ranged from 1 to 65535, and be greater than or - equal to portStart. - type: integer - portStart: + armId: + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + name: + description: This is the name of the Kubernetes resource to reference. + type: string + type: object + privateLinkServiceConnections: + items: + description: |- + Storage version of v1api20220701.PrivateLinkServiceConnection + PrivateLinkServiceConnection resource. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + groupIds: + items: + type: string + type: array + name: + type: string + privateLinkServiceConnectionState: + description: |- + Storage version of v1api20220701.PrivateLinkServiceConnectionState + A collection of information about the state of the connection between service consumer and provider. + properties: + $propertyBag: + additionalProperties: + type: string description: |- - PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or - equal to portEnd. - type: integer - protocol: - description: 'Protocol: The network protocol of the port.' + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + actionsRequired: + type: string + description: + type: string + status: type: string type: object - type: array - applicationSecurityGroups: - description: 'ApplicationSecurityGroups: The IDs of the application security groups which agent pool will associate when created.' 
- items: - type: string - type: array - nodePublicIPTags: - description: 'NodePublicIPTags: IPTags of instance-level public IPs.' - items: - description: Contains the IPTag associated with the object. + privateLinkServiceReference: + description: 'PrivateLinkServiceReference: The resource id of private link service.' properties: - ipTagType: - description: 'IpTagType: The IP tag type. Example: RoutingPreference.' + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string - tag: - description: 'Tag: The value of the IP tag associated with the public IP. Example: Internet.' + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. type: string type: object - type: array - type: object - nodeImageVersion: - description: 'NodeImageVersion: The version of node image' - type: string - nodeInitializationTaints: - description: |- - NodeInitializationTaints: These taints will not be reconciled by AKS and can be removed with a kubectl call. This field - can be modified after node pool is created, but nodes will not be recreated with new taints until another operation that - requires recreation (e.g. node image upgrade) happens. 
These taints allow for required configuration to run before the - node is ready to accept workloads, for example 'key1=value1:NoSchedule' that then can be removed with `kubectl taint - nodes node1 key1=value1:NoSchedule-` - items: - type: string - type: array - nodeLabels: - additionalProperties: - type: string - description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' - type: object - nodePublicIPPrefixID: - description: |- - NodePublicIPPrefixID: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} - type: string - nodeTaints: - description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' - items: - type: string + requestMessage: + type: string + type: object type: array - orchestratorVersion: - description: |- - OrchestratorVersion: Both patch version and are supported. When is - specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same - once it has been created will not trigger an upgrade, even if a newer patch version is available. As a - best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version - must have the same major version as the control plane. The node pool minor version must be within two minor versions of - the control plane version. The node pool version cannot be greater than the control plane version. For more information - see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). - type: string - osDiskSizeGB: - type: integer - osDiskType: - description: |- - OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested - OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. 
For more information see [Ephemeral - OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). - type: string - osSKU: - description: |- - OsSKU: Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or - Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is - deprecated. - type: string - osType: - description: 'OsType: The operating system type. The default is Linux.' - type: string - podIPAllocationMode: - description: |- - PodIPAllocationMode: The IP allocation mode for pods in the agent pool. Must be used with podSubnetId. The default is - 'DynamicIndividual'. - type: string - podSubnetID: - description: |- - PodSubnetID: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is - of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} - type: string - powerState: - description: |- - PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this - field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only - be stopped if it is Running and provisioning state is Succeeded - properties: - code: - description: 'Code: Tells whether the cluster is Running or Stopped' - type: string - type: object - properties_type: - description: 'PropertiesType: The type of Agent Pool.' - type: string - provisioningState: - description: 'ProvisioningState: The current deployment or provisioning state.' - type: string - proximityPlacementGroupID: - description: 'ProximityPlacementGroupID: The ID for Proximity Placement Group.' - type: string - scaleDownMode: - description: 'ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.' 
- type: string - scaleSetEvictionPolicy: + subnet: description: |- - ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is - 'Delete'. - type: string - scaleSetPriority: - description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' - type: string - securityProfile: - description: 'SecurityProfile: The security settings of an agent pool.' + Storage version of v1api20220701.Subnet_PrivateEndpoint_SubResourceEmbedded + Subnet in a virtual network resource. properties: - enableSecureBoot: - description: |- - EnableSecureBoot: Secure Boot is a feature of Trusted Launch which ensures that only signed operating systems and - drivers can boot. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. - type: boolean - enableVTPM: + $propertyBag: + additionalProperties: + type: string description: |- - EnableVTPM: vTPM is a Trusted Launch feature for configuring a dedicated secure vault for keys and measurements held - locally on the node. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. - type: boolean - sshAccess: - description: 'SshAccess: SSH access method of an agent pool.' - type: string + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + reference: + description: 'Reference: Resource ID.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
+ pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object - spotMaxPrice: - description: |- - SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any - on-demand price. For more details on spot pricing, see [spot VMs - pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) - type: number tags: additionalProperties: type: string - description: 'Tags: The tags to be persisted on the agent pool virtual machine scale set.' type: object - type: - description: 'Type: Resource type' + required: + - owner + type: object + status: + description: |- + Storage version of v1api20220701.PrivateEndpoint_STATUS_PrivateEndpoint_SubResourceEmbedded + Private endpoint resource. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + applicationSecurityGroups: + items: + description: |- + Storage version of v1api20220701.ApplicationSecurityGroup_STATUS_PrivateEndpoint_SubResourceEmbedded + An application security group in a resource group. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + id: + type: string + type: object + type: array + conditions: + items: + description: Condition defines an extension to status (an observation) of a resource + properties: + lastTransitionTime: + description: LastTransitionTime is the last time the condition transitioned from one status to another. + format: date-time + type: string + message: + description: Message is a human readable message indicating details about the transition. This field may be empty. + type: string + observedGeneration: + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + type: integer + reason: + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + type: string + severity: + description: |- + Severity with which to treat failures of this type of condition. + For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown + type: string + status: + description: Status of the condition, one of True, False, or Unknown. + type: string + type: + description: Type of condition. 
+ type: string + required: + - lastTransitionTime + - reason + - status + - type + type: object + type: array + customDnsConfigs: + items: + description: |- + Storage version of v1api20220701.CustomDnsConfigPropertiesFormat_STATUS + Contains custom Dns resolution configuration from customer. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + fqdn: + type: string + ipAddresses: + items: + type: string + type: array + type: object + type: array + customNetworkInterfaceName: type: string - upgradeSettings: - description: 'UpgradeSettings: Settings for upgrading the agentpool' + etag: + type: string + extendedLocation: + description: |- + Storage version of v1api20220701.ExtendedLocation_STATUS + ExtendedLocation complex type. properties: - drainTimeoutInMinutes: - description: |- - DrainTimeoutInMinutes: The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. - This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not - specified, the default is 30 minutes. - type: integer - maxSurge: + $propertyBag: + additionalProperties: + type: string description: |- - MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it - is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded - up. If not specified, the default is 1. 
For more information, including best practices, see: - https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + name: type: string - nodeSoakDurationInMinutes: - description: |- - NodeSoakDurationInMinutes: The amount of time (in minutes) to wait after draining a node and before reimaging it and - moving on to next node. If not specified, the default is 0 minutes. - type: integer - undrainableNodeBehavior: - description: |- - UndrainableNodeBehavior: Defines the behavior for undrainable nodes during upgrade. The most common cause of undrainable - nodes is Pod Disruption Budgets (PDBs), but other issues, such as pod termination grace period is exceeding the - remaining per-node drain timeout or pod is still being in a running state, can also cause undrainable nodes. + type: type: string type: object - virtualMachineNodesStatus: + id: + type: string + ipConfigurations: items: - description: Current status on a group of nodes of the same vm size. + description: |- + Storage version of v1api20220701.PrivateEndpointIPConfiguration_STATUS + An IP Configuration of the private endpoint. properties: - count: - description: 'Count: Number of nodes.' - type: integer - size: - description: 'Size: The VM size of the agents used to host this group of nodes.' 
+ $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + etag: + type: string + groupId: + type: string + memberName: + type: string + name: + type: string + privateIPAddress: + type: string + type: type: string type: object type: array - virtualMachinesProfile: - description: 'VirtualMachinesProfile: Specifications on VirtualMachines agent pool.' - properties: - scale: - description: 'Scale: Specifications on how to scale a VirtualMachines agent pool.' - properties: - autoscale: - description: |- - Autoscale: Specifications on how to auto-scale the VirtualMachines agent pool within a predefined size range. Currently, - at most one AutoScaleProfile is allowed. - items: - description: Specifications on auto-scaling. - properties: - maxCount: - description: 'MaxCount: The maximum number of nodes of the specified sizes.' - type: integer - minCount: - description: 'MinCount: The minimum number of nodes of the specified sizes.' - type: integer - sizes: - description: |- - Sizes: The list of allowed vm sizes e.g. ['Standard_E4s_v3', 'Standard_E16s_v3', 'Standard_D16s_v5']. AKS will use the - first available one when auto scaling. If a VM size is unavailable (e.g. due to quota or regional capacity reasons), AKS - will use the next size. - items: - type: string - type: array + location: + type: string + manualPrivateLinkServiceConnections: + items: + description: |- + Storage version of v1api20220701.PrivateLinkServiceConnection_STATUS + PrivateLinkServiceConnection resource. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + etag: + type: string + groupIds: + items: + type: string + type: array + id: + type: string + name: + type: string + privateLinkServiceConnectionState: + description: |- + Storage version of v1api20220701.PrivateLinkServiceConnectionState_STATUS + A collection of information about the state of the connection between service consumer and provider. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object - type: array - manual: - description: |- - Manual: Specifications on how to scale the VirtualMachines agent pool to a fixed size. Currently, at most one - ManualScaleProfile is allowed. - items: - description: Specifications on number of machines. - properties: - count: - description: 'Count: Number of nodes.' - type: integer - sizes: - description: |- - Sizes: The list of allowed vm sizes e.g. ['Standard_E4s_v3', 'Standard_E16s_v3', 'Standard_D16s_v5']. AKS will use the - first available one when scaling. If a VM size is unavailable (e.g. due to quota or regional capacity reasons), AKS will - use the next size. 
- items: - type: string - type: array + actionsRequired: + type: string + description: + type: string + status: + type: string + type: object + privateLinkServiceId: + type: string + provisioningState: + type: string + requestMessage: + type: string + type: + type: string + type: object + type: array + name: + type: string + networkInterfaces: + items: + description: |- + Storage version of v1api20220701.NetworkInterface_STATUS_PrivateEndpoint_SubResourceEmbedded + A network interface in a resource group. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + id: + type: string + type: object + type: array + privateLinkServiceConnections: + items: + description: |- + Storage version of v1api20220701.PrivateLinkServiceConnection_STATUS + PrivateLinkServiceConnection resource. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + etag: + type: string + groupIds: + items: + type: string + type: array + id: + type: string + name: + type: string + privateLinkServiceConnectionState: + description: |- + Storage version of v1api20220701.PrivateLinkServiceConnectionState_STATUS + A collection of information about the state of the connection between service consumer and provider. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object - type: array - type: object - type: object - vmSize: - description: |- - VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods - might fail to run correctly. For more details on restricted VM sizes, see: - https://docs.microsoft.com/azure/aks/quotas-skus-regions + actionsRequired: + type: string + description: + type: string + status: + type: string + type: object + privateLinkServiceId: + type: string + provisioningState: + type: string + requestMessage: + type: string + type: + type: string + type: object + type: array + provisioningState: type: string - vnetSubnetID: + subnet: description: |- - VnetSubnetID: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, - this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} - type: string - windowsProfile: - description: 'WindowsProfile: The Windows agent pool''s specific profile.' + Storage version of v1api20220701.Subnet_STATUS_PrivateEndpoint_SubResourceEmbedded + Subnet in a virtual network resource. properties: - disableOutboundNat: + $propertyBag: + additionalProperties: + type: string description: |- - DisableOutboundNat: The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT - Gateway and the Windows agent pool does not have node public IP enabled. 
- type: boolean + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + id: + type: string type: object - workloadRuntime: - description: 'WorkloadRuntime: Determines the type of workload a node can run.' + tags: + additionalProperties: + type: string + type: object + type: type: string type: object type: object @@ -47855,14 +60234,13 @@ spec: - jsonPath: .status.conditions[?(@.type=='Ready')].message name: Message type: string - name: v1api20240402previewstorage + name: v1api20240301 schema: openAPIV3Schema: description: |- - Storage version of v1api20240402preview.ManagedClustersAgentPool Generator information: - - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/preview/2024-04-02-preview/managedClusters.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}/agentPools/{agentPoolName} + - Generated from: /network/resource-manager/Microsoft.Network/stable/2024-03-01/privateEndpoint.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateEndpoints/{privateEndpointName} properties: apiVersion: description: |- 
@@ -47882,330 +60260,265 @@ spec: metadata: type: object spec: - description: Storage version of v1api20240402preview.ManagedClusters_AgentPool_Spec properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - artifactStreamingProfile: - description: Storage version of v1api20240402preview.AgentPoolArtifactStreamingProfile - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - enabled: - type: boolean - type: object - availabilityZones: + applicationSecurityGroups: + description: 'ApplicationSecurityGroups: Application security groups in which the private endpoint IP configuration is included.' items: - type: string + description: An application security group in a resource group. + properties: + reference: + description: 'Reference: Resource ID.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. 
+ type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object type: array azureName: description: |- AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn't have to be. type: string - capacityReservationGroupReference: - description: 'CapacityReservationGroupReference: AKS will associate the specified agent pool with the Capacity Reservation Group.' + customNetworkInterfaceName: + description: 'CustomNetworkInterfaceName: The custom name of the network interface attached to the private endpoint.' + type: string + extendedLocation: + description: 'ExtendedLocation: The extended location of the load balancer.' properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string name: - description: Name is the Kubernetes name of the resource. + description: 'Name: The name of the extended location.' + type: string + type: + description: 'Type: The type of the extended location.' + enum: + - EdgeZone type: string type: object - count: - type: integer - creationData: + ipConfigurations: description: |- - Storage version of v1api20240402preview.CreationData - Data used when creating a target resource from a source resource. 
- properties: - $propertyBag: - additionalProperties: + IpConfigurations: A list of IP configurations of the private endpoint. This will be used to map to the First Party + Service's endpoints. + items: + description: An IP Configuration of the private endpoint. + properties: + groupId: + description: 'GroupId: The ID of a group obtained from the remote resource that this private endpoint should connect to.' type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - sourceResourceReference: - description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. 
- type: string - type: object - type: object - enableAutoScaling: - type: boolean - enableCustomCATrust: - type: boolean - enableEncryptionAtHost: - type: boolean - enableFIPS: - type: boolean - enableNodePublicIP: - type: boolean - enableUltraSSD: - type: boolean - gatewayProfile: - description: |- - Storage version of v1api20240402preview.AgentPoolGatewayProfile - Profile of the managed cluster gateway agent pool. - properties: - $propertyBag: - additionalProperties: + memberName: + description: 'MemberName: The member name of a group obtained from the remote resource that this private endpoint should connect to.' type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - publicIPPrefixSize: - type: integer - type: object - gpuInstanceProfile: - type: string - gpuProfile: - description: Storage version of v1api20240402preview.AgentPoolGPUProfile - properties: - $propertyBag: - additionalProperties: + name: + description: 'Name: The name of the resource that is unique within a resource group.' type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - installGPUDriver: - type: boolean - type: object - hostGroupReference: - description: |- - HostGroupReference: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. - For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. 
- The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object - kubeletConfig: + privateIPAddress: + description: 'PrivateIPAddress: A private ip address obtained from the private endpoint''s subnet.' + type: string + type: object + type: array + location: + description: 'Location: Resource location.' + type: string + manualPrivateLinkServiceConnections: description: |- - Storage version of v1api20240402preview.KubeletConfig - See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. - properties: - $propertyBag: - additionalProperties: + ManualPrivateLinkServiceConnections: A grouping of information about the connection to the remote resource. Used when + the network admin does not have access to approve connections to the remote resource. + items: + description: PrivateLinkServiceConnection resource. + properties: + groupIds: + description: 'GroupIds: The ID(s) of the group(s) obtained from the remote resource that this private endpoint should connect to.' + items: + type: string + type: array + name: + description: 'Name: The name of the resource that is unique within a resource group. This name can be used to access the resource.' 
type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - allowedUnsafeSysctls: - items: + privateLinkServiceConnectionState: + description: |- + PrivateLinkServiceConnectionState: A collection of read-only information about the state of the connection to the remote + resource. + properties: + actionsRequired: + description: 'ActionsRequired: A message indicating if changes on the service provider require any updates on the consumer.' + type: string + description: + description: 'Description: The reason for approval/rejection of the connection.' + type: string + status: + description: 'Status: Indicates whether the connection has been Approved/Rejected/Removed by the owner of the service.' + type: string + type: object + privateLinkServiceReference: + description: 'PrivateLinkServiceReference: The resource id of private link service.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + requestMessage: + description: |- + RequestMessage: A message passed to the owner of the remote resource with this connection request. 
Restricted to 140 + chars. type: string - type: array - containerLogMaxFiles: - type: integer - containerLogMaxSizeMB: - type: integer - cpuCfsQuota: - type: boolean - cpuCfsQuotaPeriod: - type: string - cpuManagerPolicy: - type: string - failSwapOn: - type: boolean - imageGcHighThreshold: - type: integer - imageGcLowThreshold: - type: integer - podMaxPids: - type: integer - topologyManagerPolicy: - type: string - type: object - kubeletDiskType: - type: string - linuxOSConfig: + type: object + type: array + operatorSpec: description: |- - Storage version of v1api20240402preview.LinuxOSConfig - See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not + passed directly to Azure properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - swapFileSizeMB: - type: integer - sysctls: - description: |- - Storage version of v1api20240402preview.SysctlConfig - Sysctl settings for Linux agent nodes. - properties: - $propertyBag: - additionalProperties: + configMapExpressions: + description: 'ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).' + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. 
If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + configMaps: + description: 'ConfigMaps: configures where to place operator written ConfigMaps.' + properties: + primaryNicPrivateIpAddress: description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions + PrimaryNicPrivateIpAddress: indicates where the PrimaryNicPrivateIpAddress config map should be placed. If omitted, no + config map will be created. + properties: + key: + description: Key is the key in the ConfigMap being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes ConfigMap to write to. + The ConfigMap will be created in the same namespace as the resource. 
+ type: string + required: + - key + - name type: object - fsAioMaxNr: - type: integer - fsFileMax: - type: integer - fsInotifyMaxUserWatches: - type: integer - fsNrOpen: - type: integer - kernelThreadsMax: - type: integer - netCoreNetdevMaxBacklog: - type: integer - netCoreOptmemMax: - type: integer - netCoreRmemDefault: - type: integer - netCoreRmemMax: - type: integer - netCoreSomaxconn: - type: integer - netCoreWmemDefault: - type: integer - netCoreWmemMax: - type: integer - netIpv4IpLocalPortRange: - type: string - netIpv4NeighDefaultGcThresh1: - type: integer - netIpv4NeighDefaultGcThresh2: - type: integer - netIpv4NeighDefaultGcThresh3: - type: integer - netIpv4TcpFinTimeout: - type: integer - netIpv4TcpKeepaliveProbes: - type: integer - netIpv4TcpKeepaliveTime: - type: integer - netIpv4TcpMaxSynBacklog: - type: integer - netIpv4TcpMaxTwBuckets: - type: integer - netIpv4TcpTwReuse: - type: boolean - netIpv4TcpkeepaliveIntvl: - type: integer - netNetfilterNfConntrackBuckets: - type: integer - netNetfilterNfConntrackMax: - type: integer - vmMaxMapCount: - type: integer - vmSwappiness: - type: integer - vmVfsCachePressure: - type: integer type: object - transparentHugePageDefrag: - type: string - transparentHugePageEnabled: - type: string + secretExpressions: + description: 'SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).' + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. 
If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array type: object - maxCount: - type: integer - maxPods: - type: integer - messageOfTheDay: - type: string - minCount: - type: integer - mode: - type: string - networkProfile: + owner: description: |- - Storage version of v1api20240402preview.AgentPoolNetworkProfile - Network settings of an agent pool. + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a resources.azure.com/ResourceGroup resource properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - allowedHostPorts: - items: + armId: + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + name: + description: This is the name of the Kubernetes resource to reference. 
+ type: string + type: object + privateLinkServiceConnections: + description: 'PrivateLinkServiceConnections: A grouping of information about the connection to the remote resource.' + items: + description: PrivateLinkServiceConnection resource. + properties: + groupIds: + description: 'GroupIds: The ID(s) of the group(s) obtained from the remote resource that this private endpoint should connect to.' + items: + type: string + type: array + name: + description: 'Name: The name of the resource that is unique within a resource group. This name can be used to access the resource.' + type: string + privateLinkServiceConnectionState: description: |- - Storage version of v1api20240402preview.PortRange - The port range. + PrivateLinkServiceConnectionState: A collection of read-only information about the state of the connection to the remote + resource. properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - portEnd: - type: integer - portStart: - type: integer - protocol: + actionsRequired: + description: 'ActionsRequired: A message indicating if changes on the service provider require any updates on the consumer.' + type: string + description: + description: 'Description: The reason for approval/rejection of the connection.' + type: string + status: + description: 'Status: Indicates whether the connection has been Approved/Rejected/Removed by the owner of the service.' type: string type: object - type: array - applicationSecurityGroupsReferences: - items: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + privateLinkServiceReference: + description: 'PrivateLinkServiceReference: The resource id of private link service.' properties: armId: description: |- 
@@ -48224,205 +60537,359 @@ spec: description: Name is the Kubernetes name of the resource. type: string type: object - type: array - nodePublicIPTags: - items: + requestMessage: description: |- - Storage version of v1api20240402preview.IPTag - Contains the IPTag associated with the object. - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - ipTagType: - type: string - tag: - type: string - type: object - type: array - type: object - nodeInitializationTaints: - items: - type: string + RequestMessage: A message passed to the owner of the remote resource with this connection request. Restricted to 140 + chars. + type: string + type: object type: array - nodeLabels: + subnet: + description: 'Subnet: The ID of the subnet from which the private IP will be allocated.' + properties: + reference: + description: 'Reference: Resource ID.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. 
+ type: string + type: object + type: object + tags: additionalProperties: type: string + description: 'Tags: Resource tags.' type: object - nodePublicIPPrefixReference: - description: |- - NodePublicIPPrefixReference: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object - nodeTaints: + required: + - owner + type: object + status: + description: Private endpoint resource. + properties: + applicationSecurityGroups: + description: 'ApplicationSecurityGroups: Application security groups in which the private endpoint IP configuration is included.' items: - type: string + description: An application security group in a resource group. + properties: + id: + description: 'Id: Resource ID.' 
+ type: string + type: object type: array - orchestratorVersion: - type: string - originalVersion: - type: string - osDiskSizeGB: - type: integer - osDiskType: - type: string - osSKU: + conditions: + description: 'Conditions: The observed state of the resource' + items: + description: Condition defines an extension to status (an observation) of a resource + properties: + lastTransitionTime: + description: LastTransitionTime is the last time the condition transitioned from one status to another. + format: date-time + type: string + message: + description: Message is a human readable message indicating details about the transition. This field may be empty. + type: string + observedGeneration: + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + type: integer + reason: + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + type: string + severity: + description: |- + Severity with which to treat failures of this type of condition. + For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown + type: string + status: + description: Status of the condition, one of True, False, or Unknown. + type: string + type: + description: Type of condition. 
+ type: string + required: + - lastTransitionTime + - reason + - status + - type + type: object + type: array + customDnsConfigs: + description: 'CustomDnsConfigs: An array of custom dns configurations.' + items: + description: Contains custom Dns resolution configuration from customer. + properties: + fqdn: + description: 'Fqdn: Fqdn that resolves to private endpoint ip address.' + type: string + ipAddresses: + description: 'IpAddresses: A list of private ip addresses of the private endpoint.' + items: + type: string + type: array + type: object + type: array + customNetworkInterfaceName: + description: 'CustomNetworkInterfaceName: The custom name of the network interface attached to the private endpoint.' type: string - osType: + etag: + description: 'Etag: A unique read-only string that changes whenever the resource is updated.' type: string - owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a containerservice.azure.com/ManagedCluster resource + extendedLocation: + description: 'ExtendedLocation: The extended location of the load balancer.' properties: - armId: - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string name: - description: This is the name of the Kubernetes resource to reference. - type: string - type: object - podIPAllocationMode: - type: string - podSubnetReference: - description: |- - PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). 
- This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. + description: 'Name: The name of the extended location.' type: string - name: - description: Name is the Kubernetes name of the resource. + type: + description: 'Type: The type of the extended location.' type: string type: object - powerState: + id: + description: 'Id: Resource ID.' + type: string + ipConfigurations: description: |- - Storage version of v1api20240402preview.PowerState - Describes the Power State of the cluster - properties: - $propertyBag: - additionalProperties: + IpConfigurations: A list of IP configurations of the private endpoint. This will be used to map to the First Party + Service's endpoints. + items: + description: An IP Configuration of the private endpoint. + properties: + etag: + description: 'Etag: A unique read-only string that changes whenever the resource is updated.' 
type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - code: - type: string - type: object - proximityPlacementGroupReference: - description: 'ProximityPlacementGroupReference: The ID for Proximity Placement Group.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object - scaleDownMode: + groupId: + description: 'GroupId: The ID of a group obtained from the remote resource that this private endpoint should connect to.' + type: string + memberName: + description: 'MemberName: The member name of a group obtained from the remote resource that this private endpoint should connect to.' + type: string + name: + description: 'Name: The name of the resource that is unique within a resource group.' + type: string + privateIPAddress: + description: 'PrivateIPAddress: A private ip address obtained from the private endpoint''s subnet.' + type: string + type: + description: 'Type: The resource type.' + type: string + type: object + type: array + location: + description: 'Location: Resource location.' 
type: string - scaleSetEvictionPolicy: + manualPrivateLinkServiceConnections: + description: |- + ManualPrivateLinkServiceConnections: A grouping of information about the connection to the remote resource. Used when + the network admin does not have access to approve connections to the remote resource. + items: + description: PrivateLinkServiceConnection resource. + properties: + etag: + description: 'Etag: A unique read-only string that changes whenever the resource is updated.' + type: string + groupIds: + description: 'GroupIds: The ID(s) of the group(s) obtained from the remote resource that this private endpoint should connect to.' + items: + type: string + type: array + id: + description: 'Id: Resource ID.' + type: string + name: + description: 'Name: The name of the resource that is unique within a resource group. This name can be used to access the resource.' + type: string + privateLinkServiceConnectionState: + description: |- + PrivateLinkServiceConnectionState: A collection of read-only information about the state of the connection to the remote + resource. + properties: + actionsRequired: + description: 'ActionsRequired: A message indicating if changes on the service provider require any updates on the consumer.' + type: string + description: + description: 'Description: The reason for approval/rejection of the connection.' + type: string + status: + description: 'Status: Indicates whether the connection has been Approved/Rejected/Removed by the owner of the service.' + type: string + type: object + privateLinkServiceId: + description: 'PrivateLinkServiceId: The resource id of private link service.' + type: string + provisioningState: + description: 'ProvisioningState: The provisioning state of the private link service connection resource.' + type: string + requestMessage: + description: |- + RequestMessage: A message passed to the owner of the remote resource with this connection request. Restricted to 140 + chars. 
+ type: string + type: + description: 'Type: The resource type.' + type: string + type: object + type: array + name: + description: 'Name: Resource name.' type: string - scaleSetPriority: + networkInterfaces: + description: 'NetworkInterfaces: An array of references to the network interfaces created for this private endpoint.' + items: + description: A network interface in a resource group. + properties: + id: + description: 'Id: Resource ID.' + type: string + type: object + type: array + privateLinkServiceConnections: + description: 'PrivateLinkServiceConnections: A grouping of information about the connection to the remote resource.' + items: + description: PrivateLinkServiceConnection resource. + properties: + etag: + description: 'Etag: A unique read-only string that changes whenever the resource is updated.' + type: string + groupIds: + description: 'GroupIds: The ID(s) of the group(s) obtained from the remote resource that this private endpoint should connect to.' + items: + type: string + type: array + id: + description: 'Id: Resource ID.' + type: string + name: + description: 'Name: The name of the resource that is unique within a resource group. This name can be used to access the resource.' + type: string + privateLinkServiceConnectionState: + description: |- + PrivateLinkServiceConnectionState: A collection of read-only information about the state of the connection to the remote + resource. + properties: + actionsRequired: + description: 'ActionsRequired: A message indicating if changes on the service provider require any updates on the consumer.' + type: string + description: + description: 'Description: The reason for approval/rejection of the connection.' + type: string + status: + description: 'Status: Indicates whether the connection has been Approved/Rejected/Removed by the owner of the service.' + type: string + type: object + privateLinkServiceId: + description: 'PrivateLinkServiceId: The resource id of private link service.' 
+ type: string + provisioningState: + description: 'ProvisioningState: The provisioning state of the private link service connection resource.' + type: string + requestMessage: + description: |- + RequestMessage: A message passed to the owner of the remote resource with this connection request. Restricted to 140 + chars. + type: string + type: + description: 'Type: The resource type.' + type: string + type: object + type: array + provisioningState: + description: 'ProvisioningState: The provisioning state of the private endpoint resource.' type: string - securityProfile: - description: |- - Storage version of v1api20240402preview.AgentPoolSecurityProfile - The security settings of an agent pool. + subnet: + description: 'Subnet: The ID of the subnet from which the private IP will be allocated.' properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - enableSecureBoot: - type: boolean - enableVTPM: - type: boolean - sshAccess: + id: + description: 'Id: Resource ID.' type: string type: object - spotMaxPrice: - type: number tags: additionalProperties: type: string + description: 'Tags: Resource tags.' type: object type: + description: 'Type: Resource type.' 
type: string - upgradeSettings: - description: |- - Storage version of v1api20240402preview.AgentPoolUpgradeSettings - Settings for upgrading an agentpool - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - drainTimeoutInMinutes: - type: integer - maxSurge: - type: string - nodeSoakDurationInMinutes: - type: integer - undrainableNodeBehavior: - type: string + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].severity + name: Severity + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Reason + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].message + name: Message + type: string + name: v1api20240301storage + schema: + openAPIV3Schema: + description: |- + Storage version of v1api20240301.PrivateEndpoint + Generator information: + - Generated from: /network/resource-manager/Microsoft.Network/stable/2024-03-01/privateEndpoint.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateEndpoints/{privateEndpointName} + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. 
+ Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: Storage version of v1api20240301.PrivateEndpoint_Spec + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object - virtualMachineNodesStatus: + applicationSecurityGroups: items: description: |- - Storage version of v1api20240402preview.VirtualMachineNodes - Current status on a group of nodes of the same vm size. + Storage version of v1api20240301.ApplicationSecurityGroupSpec_PrivateEndpoint_SubResourceEmbedded + An application security group in a resource group. properties: $propertyBag: additionalProperties: 
@@ -48431,139 +60898,39 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - count: - type: integer - size: - type: string + reference: + description: 'Reference: Resource ID.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object type: array - virtualMachinesProfile: + azureName: description: |- - Storage version of v1api20240402preview.VirtualMachinesProfile - Specifications on VirtualMachines agent pool. - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - scale: - description: |- - Storage version of v1api20240402preview.ScaleProfile - Specifications on how to scale a VirtualMachines agent pool. 
- properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - autoscale: - items: - description: |- - Storage version of v1api20240402preview.AutoScaleProfile - Specifications on auto-scaling. - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - maxCount: - type: integer - minCount: - type: integer - sizes: - items: - type: string - type: array - type: object - type: array - manual: - items: - description: |- - Storage version of v1api20240402preview.ManualScaleProfile - Specifications on number of machines. - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - count: - type: integer - sizes: - items: - type: string - type: array - type: object - type: array - type: object - type: object - vmSize: + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. type: string - vnetSubnetReference: - description: |- - VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is - specified, this applies to nodes and pods, otherwise it applies to just nodes. 
This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object - windowsProfile: - description: |- - Storage version of v1api20240402preview.AgentPoolWindowsProfile - The Windows agent pool's specific profile. 
- properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - disableOutboundNat: - type: boolean - type: object - workloadRuntime: + customNetworkInterfaceName: type: string - required: - - owner - type: object - status: - description: Storage version of v1api20240402preview.ManagedClusters_AgentPool_STATUS - properties: - $propertyBag: - additionalProperties: - type: string + extendedLocation: description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - artifactStreamingProfile: - description: Storage version of v1api20240402preview.AgentPoolArtifactStreamingProfile_STATUS + Storage version of v1api20240301.ExtendedLocation + ExtendedLocation complex type. properties: $propertyBag: additionalProperties: 
@@ -48572,129 +60939,102 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - enabled: - type: boolean + name: + type: string + type: + type: string type: object - availabilityZones: - items: - type: string - type: array - capacityReservationGroupID: - type: string - conditions: + ipConfigurations: items: - description: Condition defines an extension to status (an observation) of a resource + description: |- + Storage version of v1api20240301.PrivateEndpointIPConfiguration + An IP Configuration of the private endpoint. properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. - format: date-time - type: string - message: - description: Message is a human readable message indicating details about the transition. This field may be empty. - type: string - observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - type: integer - reason: + $propertyBag: + additionalProperties: + type: string description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + groupId: type: string - severity: - description: |- - Severity with which to treat failures of this type of condition. 
- For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown + memberName: type: string - status: - description: Status of the condition, one of True, False, or Unknown. + name: type: string - type: - description: Type of condition. + privateIPAddress: type: string - required: - - lastTransitionTime - - reason - - status - - type type: object type: array - count: - type: integer - creationData: - description: |- - Storage version of v1api20240402preview.CreationData_STATUS - Data used when creating a target resource from a source resource. - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - sourceResourceId: - type: string - type: object - currentOrchestratorVersion: - type: string - eTag: + location: type: string - enableAutoScaling: - type: boolean - enableCustomCATrust: - type: boolean - enableEncryptionAtHost: - type: boolean - enableFIPS: - type: boolean - enableNodePublicIP: - type: boolean - enableUltraSSD: - type: boolean - gatewayProfile: - description: |- - Storage version of v1api20240402preview.AgentPoolGatewayProfile_STATUS - Profile of the managed cluster gateway agent pool. - properties: - $propertyBag: - additionalProperties: + manualPrivateLinkServiceConnections: + items: + description: |- + Storage version of v1api20240301.PrivateLinkServiceConnection + PrivateLinkServiceConnection resource. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + groupIds: + items: + type: string + type: array + name: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - publicIPPrefixSize: - type: integer - type: object - gpuInstanceProfile: - type: string - gpuProfile: - description: Storage version of v1api20240402preview.AgentPoolGPUProfile_STATUS - properties: - $propertyBag: - additionalProperties: + privateLinkServiceConnectionState: + description: |- + Storage version of v1api20240301.PrivateLinkServiceConnectionState + A collection of information about the state of the connection between service consumer and provider. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + actionsRequired: + type: string + description: + type: string + status: + type: string + type: object + privateLinkServiceReference: + description: 'PrivateLinkServiceReference: The resource id of private link service.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
+ pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + requestMessage: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - installGPUDriver: - type: boolean - type: object - hostGroupID: - type: string - id: - type: string - kubeletConfig: + type: object + type: array + operatorSpec: description: |- - Storage version of v1api20240402preview.KubeletConfig_STATUS - See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + Storage version of v1api20240301.PrivateEndpointOperatorSpec + Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure properties: $propertyBag: additionalProperties: 
@@ -48703,51 +61043,37 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - allowedUnsafeSysctls: + configMapExpressions: items: - type: string + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. 
For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object type: array - containerLogMaxFiles: - type: integer - containerLogMaxSizeMB: - type: integer - cpuCfsQuota: - type: boolean - cpuCfsQuotaPeriod: - type: string - cpuManagerPolicy: - type: string - failSwapOn: - type: boolean - imageGcHighThreshold: - type: integer - imageGcLowThreshold: - type: integer - podMaxPids: - type: integer - topologyManagerPolicy: - type: string - type: object - kubeletDiskType: - type: string - linuxOSConfig: - description: |- - Storage version of v1api20240402preview.LinuxOSConfig_STATUS - See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - swapFileSizeMB: - type: integer - sysctls: - description: |- - Storage version of v1api20240402preview.SysctlConfig_STATUS - Sysctl settings for Linux agent nodes. + configMaps: + description: Storage version of v1api20240301.PrivateEndpointOperatorConfigMaps properties: $propertyBag: additionalProperties: 
@@ -48756,97 +61082,93 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - fsAioMaxNr: - type: integer - fsFileMax: - type: integer - fsInotifyMaxUserWatches: - type: integer - fsNrOpen: - type: integer - kernelThreadsMax: - type: integer - netCoreNetdevMaxBacklog: - type: integer - netCoreOptmemMax: - type: integer - netCoreRmemDefault: - type: integer - netCoreRmemMax: - type: integer - netCoreSomaxconn: - type: integer - netCoreWmemDefault: - type: integer - netCoreWmemMax: - type: integer - netIpv4IpLocalPortRange: - type: string - netIpv4NeighDefaultGcThresh1: - type: integer - netIpv4NeighDefaultGcThresh2: - type: integer - netIpv4NeighDefaultGcThresh3: - type: integer - netIpv4TcpFinTimeout: - type: integer - netIpv4TcpKeepaliveProbes: - type: integer - netIpv4TcpKeepaliveTime: - type: integer - netIpv4TcpMaxSynBacklog: - type: integer - netIpv4TcpMaxTwBuckets: - type: integer - netIpv4TcpTwReuse: - type: boolean - netIpv4TcpkeepaliveIntvl: - type: integer - netNetfilterNfConntrackBuckets: - type: integer - netNetfilterNfConntrackMax: - type: integer - vmMaxMapCount: - type: integer - vmSwappiness: - type: integer - vmVfsCachePressure: - type: integer + primaryNicPrivateIpAddress: + description: |- + ConfigMapDestination describes the location to store a single configmap value + Note: This is similar to: SecretDestination in secrets.go. + Changes to one may need to be made to the others as well. + properties: + key: + description: Key is the key in the ConfigMap being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes ConfigMap to write to. + The ConfigMap will be created in the same namespace as the resource. 
+ type: string + required: + - key + - name + type: object type: object - transparentHugePageDefrag: - type: string - transparentHugePageEnabled: - type: string + secretExpressions: + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array type: object - maxCount: - type: integer - maxPods: - type: integer - messageOfTheDay: - type: string - minCount: - type: integer - mode: - type: string - name: + originalVersion: type: string - networkProfile: + owner: description: |- - Storage version of v1api20240402preview.AgentPoolNetworkProfile_STATUS - Network settings of an agent pool. + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. 
Owner is expected to be a + reference to a resources.azure.com/ResourceGroup resource properties: - $propertyBag: - additionalProperties: + armId: + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + name: + description: This is the name of the Kubernetes resource to reference. + type: string + type: object + privateLinkServiceConnections: + items: + description: |- + Storage version of v1api20240301.PrivateLinkServiceConnection + PrivateLinkServiceConnection resource. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + groupIds: + items: + type: string + type: array + name: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - allowedHostPorts: - items: + privateLinkServiceConnectionState: description: |- - Storage version of v1api20240402preview.PortRange_STATUS - The port range. + Storage version of v1api20240301.PrivateLinkServiceConnectionState + A collection of information about the state of the connection between service consumer and provider. properties: $propertyBag: additionalProperties: 
@@ -48855,72 +61177,41 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - portEnd: - type: integer - portStart: - type: integer - protocol: + actionsRequired: + type: string + description: + type: string + status: type: string type: object - type: array - applicationSecurityGroups: - items: - type: string - type: array - nodePublicIPTags: - items: - description: |- - Storage version of v1api20240402preview.IPTag_STATUS - Contains the IPTag associated with the object. + privateLinkServiceReference: + description: 'PrivateLinkServiceReference: The resource id of private link service.' properties: - $propertyBag: - additionalProperties: - type: string + armId: description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - ipTagType: + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string - tag: + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. 
type: string type: object - type: array - type: object - nodeImageVersion: - type: string - nodeInitializationTaints: - items: - type: string - type: array - nodeLabels: - additionalProperties: - type: string - type: object - nodePublicIPPrefixID: - type: string - nodeTaints: - items: - type: string + requestMessage: + type: string + type: object type: array - orchestratorVersion: - type: string - osDiskSizeGB: - type: integer - osDiskType: - type: string - osSKU: - type: string - osType: - type: string - podIPAllocationMode: - type: string - podSubnetID: - type: string - powerState: + subnet: description: |- - Storage version of v1api20240402preview.PowerState_STATUS - Describes the Power State of the cluster + Storage version of v1api20240301.Subnet_PrivateEndpoint_SubResourceEmbedded + Subnet in a virtual network resource. properties: $propertyBag: additionalProperties: 
@@ -48929,52 +61220,135 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - code: - type: string - type: object - properties_type: - type: string - provisioningState: - type: string - proximityPlacementGroupID: - type: string - scaleDownMode: - type: string - scaleSetEvictionPolicy: - type: string - scaleSetPriority: - type: string - securityProfile: - description: |- - Storage version of v1api20240402preview.AgentPoolSecurityProfile_STATUS - The security settings of an agent pool. - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions + reference: + description: 'Reference: Resource ID.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. 
+ type: string type: object - enableSecureBoot: - type: boolean - enableVTPM: - type: boolean - sshAccess: - type: string type: object - spotMaxPrice: - type: number tags: additionalProperties: type: string type: object - type: + required: + - owner + type: object + status: + description: |- + Storage version of v1api20240301.PrivateEndpoint_STATUS_PrivateEndpoint_SubResourceEmbedded + Private endpoint resource. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + applicationSecurityGroups: + items: + description: |- + Storage version of v1api20240301.ApplicationSecurityGroup_STATUS_PrivateEndpoint_SubResourceEmbedded + An application security group in a resource group. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + id: + type: string + type: object + type: array + conditions: + items: + description: Condition defines an extension to status (an observation) of a resource + properties: + lastTransitionTime: + description: LastTransitionTime is the last time the condition transitioned from one status to another. + format: date-time + type: string + message: + description: Message is a human readable message indicating details about the transition. This field may be empty. + type: string + observedGeneration: + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. 
+ format: int64 + type: integer + reason: + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + type: string + severity: + description: |- + Severity with which to treat failures of this type of condition. + For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown + type: string + status: + description: Status of the condition, one of True, False, or Unknown. + type: string + type: + description: Type of condition. + type: string + required: + - lastTransitionTime + - reason + - status + - type + type: object + type: array + customDnsConfigs: + items: + description: |- + Storage version of v1api20240301.CustomDnsConfigPropertiesFormat_STATUS + Contains custom Dns resolution configuration from customer. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + fqdn: + type: string + ipAddresses: + items: + type: string + type: array + type: object + type: array + customNetworkInterfaceName: type: string - upgradeSettings: + etag: + type: string + extendedLocation: description: |- - Storage version of v1api20240402preview.AgentPoolUpgradeSettings_STATUS - Settings for upgrading an agentpool + Storage version of v1api20240301.ExtendedLocation_STATUS + ExtendedLocation complex type. properties: $propertyBag: additionalProperties: 
@@ -48983,20 +61357,18 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - drainTimeoutInMinutes: - type: integer - maxSurge: + name: type: string - nodeSoakDurationInMinutes: - type: integer - undrainableNodeBehavior: + type: type: string type: object - virtualMachineNodesStatus: + id: + type: string + ipConfigurations: items: description: |- - Storage version of v1api20240402preview.VirtualMachineNodes_STATUS - Current status on a group of nodes of the same vm size. + Storage version of v1api20240301.PrivateEndpointIPConfiguration_STATUS + An IP Configuration of the private endpoint. properties: $propertyBag: additionalProperties: 
@@ -49005,90 +61377,151 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - count: - type: integer - size: + etag: + type: string + groupId: + type: string + memberName: + type: string + name: + type: string + privateIPAddress: + type: string + type: type: string type: object type: array - virtualMachinesProfile: - description: |- - Storage version of v1api20240402preview.VirtualMachinesProfile_STATUS - Specifications on VirtualMachines agent pool. - properties: - $propertyBag: - additionalProperties: + location: + type: string + manualPrivateLinkServiceConnections: + items: + description: |- + Storage version of v1api20240301.PrivateLinkServiceConnection_STATUS + PrivateLinkServiceConnection resource. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + etag: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - scale: - description: |- - Storage version of v1api20240402preview.ScaleProfile_STATUS - Specifications on how to scale a VirtualMachines agent pool. 
- properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - autoscale: - items: + groupIds: + items: + type: string + type: array + id: + type: string + name: + type: string + privateLinkServiceConnectionState: + description: |- + Storage version of v1api20240301.PrivateLinkServiceConnectionState_STATUS + A collection of information about the state of the connection between service consumer and provider. + properties: + $propertyBag: + additionalProperties: + type: string description: |- - Storage version of v1api20240402preview.AutoScaleProfile_STATUS - Specifications on auto-scaling. - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - maxCount: - type: integer - minCount: - type: integer - sizes: - items: - type: string - type: array + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object - type: array - manual: - items: + actionsRequired: + type: string + description: + type: string + status: + type: string + type: object + privateLinkServiceId: + type: string + provisioningState: + type: string + requestMessage: + type: string + type: + type: string + type: object + type: array + name: + type: string + networkInterfaces: + items: + description: |- + Storage version of v1api20240301.NetworkInterface_STATUS_PrivateEndpoint_SubResourceEmbedded + A network interface in a resource group. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + id: + type: string + type: object + type: array + privateLinkServiceConnections: + items: + description: |- + Storage version of v1api20240301.PrivateLinkServiceConnection_STATUS + PrivateLinkServiceConnection resource. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + etag: + type: string + groupIds: + items: + type: string + type: array + id: + type: string + name: + type: string + privateLinkServiceConnectionState: + description: |- + Storage version of v1api20240301.PrivateLinkServiceConnectionState_STATUS + A collection of information about the state of the connection between service consumer and provider. + properties: + $propertyBag: + additionalProperties: + type: string description: |- - Storage version of v1api20240402preview.ManualScaleProfile_STATUS - Specifications on number of machines. 
- properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - count: - type: integer - sizes: - items: - type: string - type: array + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object - type: array - type: object - type: object - vmSize: - type: string - vnetSubnetID: + actionsRequired: + type: string + description: + type: string + status: + type: string + type: object + privateLinkServiceId: + type: string + provisioningState: + type: string + requestMessage: + type: string + type: + type: string + type: object + type: array + provisioningState: type: string - windowsProfile: + subnet: description: |- - Storage version of v1api20240402preview.AgentPoolWindowsProfile_STATUS - The Windows agent pool's specific profile. + Storage version of v1api20240301.Subnet_STATUS_PrivateEndpoint_SubResourceEmbedded + Subnet in a virtual network resource. properties: $propertyBag: additionalProperties: @@ -49097,15 +61530,19 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - disableOutboundNat: - type: boolean + id: + type: string type: object - workloadRuntime: + tags: + additionalProperties: + type: string + type: object + type: type: string type: object type: object served: true - storage: false + storage: true subresources: status: {} --- 
@@ -49114,11 +61551,11 @@ kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: azureserviceoperator-system/azureserviceoperator-serving-cert - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.3 labels: app.kubernetes.io/name: azure-service-operator - app.kubernetes.io/version: v2.9.0 - name: natgateways.network.azure.com + app.kubernetes.io/version: v2.11.0 + name: resourcegroups.resources.azure.com spec: conversion: strategy: Webhook @@ -49131,12 +61568,12 @@ spec: port: 443 conversionReviewVersions: - v1 - group: network.azure.com + group: resources.azure.com names: - kind: NatGateway - listKind: NatGatewayList - plural: natgateways - singular: natgateway + kind: ResourceGroup + listKind: ResourceGroupList + plural: resourcegroups + singular: resourcegroup preserveUnknownFields: false scope: Namespaced versions: @@ -49153,13 +61590,13 @@ spec: - jsonPath: .status.conditions[?(@.type=='Ready')].message name: Message type: string - name: v1api20220701 + name: v1api20200601 schema: openAPIV3Schema: description: |- Generator information: - - Generated from: /network/resource-manager/Microsoft.Network/stable/2022-07-01/natGateway.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/natGateways/{natGatewayName} + - Generated from: /resources/resource-manager/Microsoft.Resources/stable/2020-06-01/resources.json + - ARM URI: /subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName} properties: apiVersion: description: |- 
@@ -49184,104 +61621,93 @@ spec: description: |- AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn't have to be. + maxLength: 90 + minLength: 1 type: string - idleTimeoutInMinutes: - description: 'IdleTimeoutInMinutes: The idle timeout of the nat gateway.' - type: integer location: - description: 'Location: Resource location.' + description: |- + Location: The location of the resource group. It cannot be changed after the resource group has been created. It must be + one of the supported Azure locations. type: string - owner: + managedBy: + description: 'ManagedBy: The ID of the resource that manages this resource group.' + type: string + operatorSpec: description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a resources.azure.com/ResourceGroup resource + OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not + passed directly to Azure properties: - armId: - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - name: - description: This is the name of the Kubernetes resource to reference. - type: string - type: object - publicIpAddresses: - description: 'PublicIpAddresses: An array of public ip addresses associated with the nat gateway resource.' - items: - description: Reference to another subresource. - properties: - reference: - description: 'Reference: Resource ID.' + configMapExpressions: + description: 'ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).' 
+ items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. properties: - armId: + key: description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. type: string name: - description: Name is the Kubernetes name of the resource. + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. 
For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string + required: + - name + - value type: object - type: object - type: array - publicIpPrefixes: - description: 'PublicIpPrefixes: An array of public ip prefixes associated with the nat gateway resource.' - items: - description: Reference to another subresource. - properties: - reference: - description: 'Reference: Resource ID.' + type: array + secretExpressions: + description: 'SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).' + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. properties: - armId: + key: description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. 
type: string name: - description: Name is the Kubernetes name of the resource. + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value type: object - type: object - type: array - sku: - description: 'Sku: The nat gateway SKU.' - properties: - name: - description: 'Name: Name of Nat Gateway SKU.' - enum: - - Standard - type: string + type: array type: object tags: additionalProperties: type: string - description: 'Tags: Resource tags.' + description: 'Tags: The tags attached to the resource group.' type: object - zones: - description: 'Zones: A list of availability zones denoting the zone in which Nat Gateway should be deployed.' - items: - type: string - type: array required: - - owner + - location type: object status: - description: Nat Gateway resource. + description: Resource group information. properties: conditions: description: 'Conditions: The observed state of the resource' 
@@ -49327,77 +61753,35 @@ spec: - type type: object type: array - etag: - description: 'Etag: A unique read-only string that changes whenever the resource is updated.' - type: string id: - description: 'Id: Resource ID.' + description: 'Id: The ID of the resource group.' type: string - idleTimeoutInMinutes: - description: 'IdleTimeoutInMinutes: The idle timeout of the nat gateway.' - type: integer location: - description: 'Location: Resource location.' - type: string - name: - description: 'Name: Resource name.' + description: |- + Location: The location of the resource group. It cannot be changed after the resource group has been created. It must be + one of the supported Azure locations. type: string - provisioningState: - description: 'ProvisioningState: The provisioning state of the NAT gateway resource.' + managedBy: + description: 'ManagedBy: The ID of the resource that manages this resource group.' type: string - publicIpAddresses: - description: 'PublicIpAddresses: An array of public ip addresses associated with the nat gateway resource.' - items: - description: Reference to another subresource. - properties: - id: - description: 'Id: Resource ID.' - type: string - type: object - type: array - publicIpPrefixes: - description: 'PublicIpPrefixes: An array of public ip prefixes associated with the nat gateway resource.' - items: - description: Reference to another subresource. - properties: - id: - description: 'Id: Resource ID.' - type: string - type: object - type: array - resourceGuid: - description: 'ResourceGuid: The resource GUID property of the NAT gateway resource.' + name: + description: 'Name: The name of the resource group.' type: string - sku: - description: 'Sku: The nat gateway SKU.' + properties: + description: 'Properties: The resource group properties.' properties: - name: - description: 'Name: Name of Nat Gateway SKU.' + provisioningState: + description: 'ProvisioningState: The provisioning state.' 
type: string type: object - subnets: - description: 'Subnets: An array of references to the subnets using this nat gateway resource.' - items: - description: Reference to another subresource. - properties: - id: - description: 'Id: Resource ID.' - type: string - type: object - type: array tags: additionalProperties: type: string - description: 'Tags: Resource tags.' + description: 'Tags: The tags attached to the resource group.' type: object type: - description: 'Type: Resource type.' + description: 'Type: The type of the resource group.' type: string - zones: - description: 'Zones: A list of availability zones denoting the zone in which Nat Gateway should be deployed.' - items: - type: string - type: array type: object type: object served: true @@ -49417,14 +61801,14 @@ spec: - jsonPath: .status.conditions[?(@.type=='Ready')].message name: Message type: string - name: v1api20220701storage + name: v1api20200601storage schema: openAPIV3Schema: description: |- - Storage version of v1api20220701.NatGateway + Storage version of v1api20200601.ResourceGroup Generator information: - - Generated from: /network/resource-manager/Microsoft.Network/stable/2022-07-01/natGateway.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/natGateways/{natGatewayName} + - Generated from: /resources/resource-manager/Microsoft.Resources/stable/2020-06-01/resources.json + - ARM URI: /subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName} properties: apiVersion: description: |- @@ -49444,7 +61828,7 @@ spec: metadata: type: object spec: - description: Storage version of v1api20220701.NatGateway_Spec + description: Storage version of v1api20200601.ResourceGroup_Spec properties: $propertyBag: additionalProperties: 
@@ -49458,125 +61842,92 @@ spec: AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn't have to be. type: string - idleTimeoutInMinutes: - type: integer location: type: string - originalVersion: + managedBy: type: string - owner: + operatorSpec: description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a resources.azure.com/ResourceGroup resource + Storage version of v1api20200601.ResourceGroupOperatorSpec + Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure properties: - armId: - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - name: - description: This is the name of the Kubernetes resource to reference. - type: string - type: object - publicIpAddresses: - items: - description: |- - Storage version of v1api20220701.ApplicationGatewaySubResource - Reference to another subresource. - properties: - $propertyBag: - additionalProperties: - type: string + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + configMapExpressions: + items: description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - reference: - description: 'Reference: Resource ID.' 
+ DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. properties: - armId: + key: description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. type: string name: - description: Name is the Kubernetes name of the resource. + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. 
For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string + required: + - name + - value type: object - type: object - type: array - publicIpPrefixes: - items: - description: |- - Storage version of v1api20220701.ApplicationGatewaySubResource - Reference to another subresource. - properties: - $propertyBag: - additionalProperties: - type: string + type: array + secretExpressions: + items: description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - reference: - description: 'Reference: Resource ID.' + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. properties: - armId: + key: description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. 
If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. type: string name: - description: Name is the Kubernetes name of the resource. + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string + required: + - name + - value type: object - type: object - type: array - sku: - description: |- - Storage version of v1api20220701.NatGatewaySku - SKU of nat gateway. - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - name: - type: string + type: array type: object + originalVersion: + type: string tags: additionalProperties: type: string type: object - zones: - items: - type: string - type: array - required: - - owner type: object status: description: |- - Storage version of v1api20220701.NatGateway_STATUS - Nat Gateway resource. + Storage version of v1api20200601.ResourceGroup_STATUS + Resource group information. properties: $propertyBag: additionalProperties: 
@@ -49628,58 +61979,18 @@ spec: - type type: object type: array - etag: - type: string id: type: string - idleTimeoutInMinutes: - type: integer location: type: string - name: - type: string - provisioningState: + managedBy: type: string - publicIpAddresses: - items: - description: |- - Storage version of v1api20220701.ApplicationGatewaySubResource_STATUS - Reference to another subresource. - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - id: - type: string - type: object - type: array - publicIpPrefixes: - items: - description: |- - Storage version of v1api20220701.ApplicationGatewaySubResource_STATUS - Reference to another subresource. - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - id: - type: string - type: object - type: array - resourceGuid: + name: type: string - sku: + properties: description: |- - Storage version of v1api20220701.NatGatewaySku_STATUS - SKU of nat gateway. + Storage version of v1api20200601.ResourceGroupProperties_STATUS + The resource group properties. properties: $propertyBag: additionalProperties: 
@@ -49688,36 +61999,15 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - name: + provisioningState: type: string type: object - subnets: - items: - description: |- - Storage version of v1api20220701.ApplicationGatewaySubResource_STATUS - Reference to another subresource. - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - id: - type: string - type: object - type: array tags: additionalProperties: type: string type: object type: type: string - zones: - items: - type: string - type: array type: object type: object served: true @@ -49730,11 +62020,11 @@ kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: azureserviceoperator-system/azureserviceoperator-serving-cert - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.3 labels: app.kubernetes.io/name: azure-service-operator - app.kubernetes.io/version: v2.9.0 - name: privateendpoints.network.azure.com + app.kubernetes.io/version: v2.11.0 + name: virtualnetworks.network.azure.com spec: conversion: strategy: Webhook @@ -49749,10 +62039,10 @@ spec: - v1 group: network.azure.com names: - kind: PrivateEndpoint - listKind: PrivateEndpointList - plural: privateendpoints - singular: privateendpoint + kind: VirtualNetwork + listKind: VirtualNetworkList + plural: virtualnetworks + singular: virtualnetwork preserveUnknownFields: false scope: Namespaced versions: 
@@ -49769,13 +62059,13 @@ spec: - jsonPath: .status.conditions[?(@.type=='Ready')].message name: Message type: string - name: v1api20220701 + name: v1api20201101 schema: openAPIV3Schema: description: |- Generator information: - - Generated from: /network/resource-manager/Microsoft.Network/stable/2022-07-01/privateEndpoint.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateEndpoints/{privateEndpointName} + - Generated from: /network/resource-manager/Microsoft.Network/stable/2020-11-01/virtualNetwork.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName} properties: apiVersion: description: |- 
@@ -49796,109 +62086,92 @@ spec: type: object spec: properties: - applicationSecurityGroups: - description: 'ApplicationSecurityGroups: Application security groups in which the private endpoint IP configuration is included.' - items: - description: An application security group in a resource group. - properties: - reference: - description: 'Reference: Resource ID.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object - type: object - type: array + addressSpace: + description: 'AddressSpace: The AddressSpace that contains an array of IP address ranges that can be used by subnets.' + properties: + addressPrefixes: + description: 'AddressPrefixes: A list of address blocks reserved for this virtual network in CIDR notation.' + items: + type: string + type: array + type: object azureName: description: |- AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn't have to be. type: string - customNetworkInterfaceName: - description: 'CustomNetworkInterfaceName: The custom name of the network interface attached to the private endpoint.' 
- type: string - extendedLocation: - description: 'ExtendedLocation: The extended location of the load balancer.' + bgpCommunities: + description: 'BgpCommunities: Bgp Communities sent over ExpressRoute with each route corresponding to a prefix in this VNET.' properties: - name: - description: 'Name: The name of the extended location.' - type: string - type: - description: 'Type: The type of the extended location.' - enum: - - EdgeZone + virtualNetworkCommunity: + description: 'VirtualNetworkCommunity: The BGP community associated with the virtual network.' type: string + required: + - virtualNetworkCommunity type: object - ipConfigurations: - description: |- - IpConfigurations: A list of IP configurations of the private endpoint. This will be used to map to the First Party - Service's endpoints. - items: - description: An IP Configuration of the private endpoint. - properties: - groupId: - description: 'GroupId: The ID of a group obtained from the remote resource that this private endpoint should connect to.' - type: string - memberName: - description: 'MemberName: The member name of a group obtained from the remote resource that this private endpoint should connect to.' - type: string - name: - description: 'Name: The name of the resource that is unique within a resource group.' - type: string - privateIPAddress: - description: 'PrivateIPAddress: A private ip address obtained from the private endpoint''s subnet.' + ddosProtectionPlan: + description: 'DdosProtectionPlan: The DDoS protection plan associated with the virtual network.' + properties: + reference: + description: 'Reference: Resource ID.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. 
+ The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + dhcpOptions: + description: 'DhcpOptions: The dhcpOptions that contains an array of DNS servers available to VMs deployed in the virtual network.' + properties: + dnsServers: + description: 'DnsServers: The list of DNS servers IP addresses.' + items: type: string - type: object - type: array - location: - description: 'Location: Resource location.' - type: string - manualPrivateLinkServiceConnections: + type: array + type: object + enableDdosProtection: description: |- - ManualPrivateLinkServiceConnections: A grouping of information about the connection to the remote resource. Used when - the network admin does not have access to approve connections to the remote resource. + EnableDdosProtection: Indicates if DDoS protection is enabled for all the protected resources in the virtual network. It + requires a DDoS protection plan associated with the resource. + type: boolean + enableVmProtection: + description: 'EnableVmProtection: Indicates if VM protection is enabled for all the subnets in the virtual network.' + type: boolean + extendedLocation: + description: 'ExtendedLocation: The extended location of the virtual network.' + properties: + name: + description: 'Name: The name of the extended location.' + type: string + type: + description: 'Type: The type of the extended location.' 
+ enum: + - EdgeZone + type: string + required: + - name + - type + type: object + ipAllocations: + description: 'IpAllocations: Array of IpAllocation which reference this VNET.' items: - description: PrivateLinkServiceConnection resource. + description: Reference to another subresource. properties: - groupIds: - description: 'GroupIds: The ID(s) of the group(s) obtained from the remote resource that this private endpoint should connect to.' - items: - type: string - type: array - name: - description: 'Name: The name of the resource that is unique within a resource group. This name can be used to access the resource.' - type: string - privateLinkServiceConnectionState: - description: |- - PrivateLinkServiceConnectionState: A collection of read-only information about the state of the connection to the remote - resource. - properties: - actionsRequired: - description: 'ActionsRequired: A message indicating if changes on the service provider require any updates on the consumer.' - type: string - description: - description: 'Description: The reason for approval/rejection of the connection.' - type: string - status: - description: 'Status: Indicates whether the connection has been Approved/Rejected/Removed by the owner of the service.' - type: string - type: object - privateLinkServiceReference: - description: 'PrivateLinkServiceReference: The resource id of private link service.' + reference: + description: 'Reference: Resource ID.' properties: armId: description: |- 
@@ -49917,131 +62190,89 @@ spec: description: Name is the Kubernetes name of the resource. type: string type: object - requestMessage: - description: |- - RequestMessage: A message passed to the owner of the remote resource with this connection request. Restricted to 140 - chars. - type: string type: object type: array + location: + description: 'Location: Resource location.' + type: string operatorSpec: description: |- OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not passed directly to Azure properties: - configMaps: - description: 'ConfigMaps: configures where to place operator written ConfigMaps.' - properties: - primaryNicPrivateIpAddress: - description: |- - PrimaryNicPrivateIpAddress: indicates where the PrimaryNicPrivateIpAddress config map should be placed. If omitted, no - config map will be created. - properties: - key: - description: Key is the key in the ConfigMap being referenced - type: string - name: - description: |- - Name is the name of the Kubernetes ConfigMap being referenced. - The ConfigMap must be in the same namespace as the resource - type: string - required: - - key - - name - type: object - type: object - type: object - owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a resources.azure.com/ResourceGroup resource - properties: - armId: - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - name: - description: This is the name of the Kubernetes resource to reference. 
- type: string - type: object - privateLinkServiceConnections: - description: 'PrivateLinkServiceConnections: A grouping of information about the connection to the remote resource.' - items: - description: PrivateLinkServiceConnection resource. - properties: - groupIds: - description: 'GroupIds: The ID(s) of the group(s) obtained from the remote resource that this private endpoint should connect to.' - items: - type: string - type: array - name: - description: 'Name: The name of the resource that is unique within a resource group. This name can be used to access the resource.' - type: string - privateLinkServiceConnectionState: + configMapExpressions: + description: 'ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).' + items: description: |- - PrivateLinkServiceConnectionState: A collection of read-only information about the state of the connection to the remote - resource. + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. properties: - actionsRequired: - description: 'ActionsRequired: A message indicating if changes on the service provider require any updates on the consumer.' + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. type: string - description: - description: 'Description: The reason for approval/rejection of the connection.' + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. 
+ The configmap or secret will be created in the same namespace as the resource. type: string - status: - description: 'Status: Indicates whether the connection has been Approved/Rejected/Removed by the owner of the service.' + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string + required: + - name + - value type: object - privateLinkServiceReference: - description: 'PrivateLinkServiceReference: The resource id of private link service.' + type: array + secretExpressions: + description: 'SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).' + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. properties: - armId: + key: description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. 
If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. type: string name: - description: Name is the Kubernetes name of the resource. + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string + required: + - name + - value type: object - requestMessage: - description: |- - RequestMessage: A message passed to the owner of the remote resource with this connection request. Restricted to 140 - chars. - type: string - type: object - type: array - subnet: - description: 'Subnet: The ID of the subnet from which the private IP will be allocated.' + type: array + type: object + owner: + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a resources.azure.com/ResourceGroup resource properties: - reference: - description: 'Reference: Resource ID.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
- pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object + armId: + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + name: + description: This is the name of the Kubernetes resource to reference. + type: string type: object tags: additionalProperties: 
@@ -50052,18 +62283,27 @@ spec: - owner type: object status: - description: Private endpoint resource. + description: Virtual Network resource. properties: - applicationSecurityGroups: - description: 'ApplicationSecurityGroups: Application security groups in which the private endpoint IP configuration is included.' - items: - description: An application security group in a resource group. - properties: - id: - description: 'Id: Resource ID.' + addressSpace: + description: 'AddressSpace: The AddressSpace that contains an array of IP address ranges that can be used by subnets.' + properties: + addressPrefixes: + description: 'AddressPrefixes: A list of address blocks reserved for this virtual network in CIDR notation.' + items: type: string - type: object - type: array + type: array + type: object + bgpCommunities: + description: 'BgpCommunities: Bgp Communities sent over ExpressRoute with each route corresponding to a prefix in this VNET.' + properties: + regionalCommunity: + description: 'RegionalCommunity: The BGP community associated with the region of the virtual network.' + type: string + virtualNetworkCommunity: + description: 'VirtualNetworkCommunity: The BGP community associated with the virtual network.' + type: string + type: object conditions: description: 'Conditions: The observed state of the resource' items: 
@@ -50108,29 +62348,35 @@ spec: - type type: object type: array - customDnsConfigs: - description: 'CustomDnsConfigs: An array of custom dns configurations.' - items: - description: Contains custom Dns resolution configuration from customer. - properties: - fqdn: - description: 'Fqdn: Fqdn that resolves to private endpoint ip address.' + ddosProtectionPlan: + description: 'DdosProtectionPlan: The DDoS protection plan associated with the virtual network.' + properties: + id: + description: 'Id: Resource ID.' + type: string + type: object + dhcpOptions: + description: 'DhcpOptions: The dhcpOptions that contains an array of DNS servers available to VMs deployed in the virtual network.' + properties: + dnsServers: + description: 'DnsServers: The list of DNS servers IP addresses.' + items: type: string - ipAddresses: - description: 'IpAddresses: A list of private ip addresses of the private endpoint.' - items: - type: string - type: array - type: object - type: array - customNetworkInterfaceName: - description: 'CustomNetworkInterfaceName: The custom name of the network interface attached to the private endpoint.' - type: string + type: array + type: object + enableDdosProtection: + description: |- + EnableDdosProtection: Indicates if DDoS protection is enabled for all the protected resources in the virtual network. It + requires a DDoS protection plan associated with the resource. + type: boolean + enableVmProtection: + description: 'EnableVmProtection: Indicates if VM protection is enabled for all the subnets in the virtual network.' + type: boolean etag: description: 'Etag: A unique read-only string that changes whenever the resource is updated.' type: string extendedLocation: - description: 'ExtendedLocation: The extended location of the load balancer.' + description: 'ExtendedLocation: The extended location of the virtual network.' properties: name: description: 'Name: The name of the extended location.' 
@@ -50142,161 +62388,28 @@ spec: id: description: 'Id: Resource ID.' type: string - ipConfigurations: - description: |- - IpConfigurations: A list of IP configurations of the private endpoint. This will be used to map to the First Party - Service's endpoints. + ipAllocations: + description: 'IpAllocations: Array of IpAllocation which reference this VNET.' items: - description: An IP Configuration of the private endpoint. + description: Reference to another subresource. properties: - etag: - description: 'Etag: A unique read-only string that changes whenever the resource is updated.' - type: string - groupId: - description: 'GroupId: The ID of a group obtained from the remote resource that this private endpoint should connect to.' - type: string - memberName: - description: 'MemberName: The member name of a group obtained from the remote resource that this private endpoint should connect to.' - type: string - name: - description: 'Name: The name of the resource that is unique within a resource group.' - type: string - privateIPAddress: - description: 'PrivateIPAddress: A private ip address obtained from the private endpoint''s subnet.' - type: string - type: - description: 'Type: The resource type.' + id: + description: 'Id: Resource ID.' type: string type: object type: array location: description: 'Location: Resource location.' type: string - manualPrivateLinkServiceConnections: - description: |- - ManualPrivateLinkServiceConnections: A grouping of information about the connection to the remote resource. Used when - the network admin does not have access to approve connections to the remote resource. - items: - description: PrivateLinkServiceConnection resource. - properties: - etag: - description: 'Etag: A unique read-only string that changes whenever the resource is updated.' - type: string - groupIds: - description: 'GroupIds: The ID(s) of the group(s) obtained from the remote resource that this private endpoint should connect to.' 
- items: - type: string - type: array - id: - description: 'Id: Resource ID.' - type: string - name: - description: 'Name: The name of the resource that is unique within a resource group. This name can be used to access the resource.' - type: string - privateLinkServiceConnectionState: - description: |- - PrivateLinkServiceConnectionState: A collection of read-only information about the state of the connection to the remote - resource. - properties: - actionsRequired: - description: 'ActionsRequired: A message indicating if changes on the service provider require any updates on the consumer.' - type: string - description: - description: 'Description: The reason for approval/rejection of the connection.' - type: string - status: - description: 'Status: Indicates whether the connection has been Approved/Rejected/Removed by the owner of the service.' - type: string - type: object - privateLinkServiceId: - description: 'PrivateLinkServiceId: The resource id of private link service.' - type: string - provisioningState: - description: 'ProvisioningState: The provisioning state of the private link service connection resource.' - type: string - requestMessage: - description: |- - RequestMessage: A message passed to the owner of the remote resource with this connection request. Restricted to 140 - chars. - type: string - type: - description: 'Type: The resource type.' - type: string - type: object - type: array name: description: 'Name: Resource name.' type: string - networkInterfaces: - description: 'NetworkInterfaces: An array of references to the network interfaces created for this private endpoint.' - items: - description: A network interface in a resource group. - properties: - id: - description: 'Id: Resource ID.' - type: string - type: object - type: array - privateLinkServiceConnections: - description: 'PrivateLinkServiceConnections: A grouping of information about the connection to the remote resource.' - items: - description: PrivateLinkServiceConnection resource. 
- properties: - etag: - description: 'Etag: A unique read-only string that changes whenever the resource is updated.' - type: string - groupIds: - description: 'GroupIds: The ID(s) of the group(s) obtained from the remote resource that this private endpoint should connect to.' - items: - type: string - type: array - id: - description: 'Id: Resource ID.' - type: string - name: - description: 'Name: The name of the resource that is unique within a resource group. This name can be used to access the resource.' - type: string - privateLinkServiceConnectionState: - description: |- - PrivateLinkServiceConnectionState: A collection of read-only information about the state of the connection to the remote - resource. - properties: - actionsRequired: - description: 'ActionsRequired: A message indicating if changes on the service provider require any updates on the consumer.' - type: string - description: - description: 'Description: The reason for approval/rejection of the connection.' - type: string - status: - description: 'Status: Indicates whether the connection has been Approved/Rejected/Removed by the owner of the service.' - type: string - type: object - privateLinkServiceId: - description: 'PrivateLinkServiceId: The resource id of private link service.' - type: string - provisioningState: - description: 'ProvisioningState: The provisioning state of the private link service connection resource.' - type: string - requestMessage: - description: |- - RequestMessage: A message passed to the owner of the remote resource with this connection request. Restricted to 140 - chars. - type: string - type: - description: 'Type: The resource type.' - type: string - type: object - type: array provisioningState: - description: 'ProvisioningState: The provisioning state of the private endpoint resource.' + description: 'ProvisioningState: The provisioning state of the virtual network resource.' 
+ type: string + resourceGuid: + description: 'ResourceGuid: The resourceGuid property of the Virtual Network resource.' type: string - subnet: - description: 'Subnet: The ID of the subnet from which the private IP will be allocated.' - properties: - id: - description: 'Id: Resource ID.' - type: string - type: object tags: additionalProperties: type: string @@ -50324,14 +62437,14 @@ spec: - jsonPath: .status.conditions[?(@.type=='Ready')].message name: Message type: string - name: v1api20220701storage + name: v1api20201101storage schema: openAPIV3Schema: description: |- - Storage version of v1api20220701.PrivateEndpoint + Storage version of v1api20201101.VirtualNetwork Generator information: - - Generated from: /network/resource-manager/Microsoft.Network/stable/2022-07-01/privateEndpoint.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateEndpoints/{privateEndpointName} + - Generated from: /network/resource-manager/Microsoft.Network/stable/2020-11-01/virtualNetwork.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName} properties: apiVersion: description: |- @@ -50351,7 +62464,7 @@ spec: metadata: type: object spec: - description: Storage version of v1api20220701.PrivateEndpoint_Spec + description: Storage version of v1api20201101.VirtualNetwork_Spec properties: $propertyBag: additionalProperties: 
@@ -50360,51 +62473,101 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - applicationSecurityGroups: - items: - description: |- - Storage version of v1api20220701.ApplicationSecurityGroupSpec_PrivateEndpoint_SubResourceEmbedded - An application security group in a resource group. - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - reference: - description: 'Reference: Resource ID.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object - type: object - type: array + addressSpace: + description: |- + Storage version of v1api20201101.AddressSpace + AddressSpace contains an array of IP address ranges that can be used by subnets of the virtual network. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + addressPrefixes: + items: + type: string + type: array + type: object azureName: description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. - type: string - customNetworkInterfaceName: - type: string + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. + type: string + bgpCommunities: + description: |- + Storage version of v1api20201101.VirtualNetworkBgpCommunities + Bgp Communities sent over ExpressRoute with each route corresponding to a prefix in this VNET. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + virtualNetworkCommunity: + type: string + type: object + ddosProtectionPlan: + description: |- + Storage version of v1api20201101.SubResource + Reference to another subresource. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + reference: + description: 'Reference: Resource ID.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. 
+ The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + dhcpOptions: + description: |- + Storage version of v1api20201101.DhcpOptions + DhcpOptions contains an array of DNS servers available to VMs deployed in the virtual network. Standard DHCP option for + a subnet overrides VNET DHCP options. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + dnsServers: + items: + type: string + type: array + type: object + enableDdosProtection: + type: boolean + enableVmProtection: + type: boolean extendedLocation: description: |- - Storage version of v1api20220701.ExtendedLocation + Storage version of v1api20201101.ExtendedLocation ExtendedLocation complex type. properties: $propertyBag: 
@@ -50419,36 +62582,11 @@ spec: type: type: string type: object - ipConfigurations: - items: - description: |- - Storage version of v1api20220701.PrivateEndpointIPConfiguration - An IP Configuration of the private endpoint. - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - groupId: - type: string - memberName: - type: string - name: - type: string - privateIPAddress: - type: string - type: object - type: array - location: - type: string - manualPrivateLinkServiceConnections: + ipAllocations: items: description: |- - Storage version of v1api20220701.PrivateLinkServiceConnection - PrivateLinkServiceConnection resource. + Storage version of v1api20201101.SubResource + Reference to another subresource. properties: $propertyBag: additionalProperties: 
@@ -50457,33 +62595,8 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - groupIds: - items: - type: string - type: array - name: - type: string - privateLinkServiceConnectionState: - description: |- - Storage version of v1api20220701.PrivateLinkServiceConnectionState - A collection of information about the state of the connection between service consumer and provider. - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - actionsRequired: - type: string - description: - type: string - status: - type: string - type: object - privateLinkServiceReference: - description: 'PrivateLinkServiceReference: The resource id of private link service.' + reference: + description: 'Reference: Resource ID.' properties: armId: description: |- @@ -50502,13 +62615,13 @@ spec: description: Name is the Kubernetes name of the resource. type: string type: object - requestMessage: - type: string type: object type: array + location: + type: string operatorSpec: description: |- - Storage version of v1api20220701.PrivateEndpointOperatorSpec + Storage version of v1api20201101.VirtualNetworkOperatorSpec Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure properties: $propertyBag: 
@@ -50518,34 +62631,64 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - configMaps: - description: Storage version of v1api20220701.PrivateEndpointOperatorConfigMaps - properties: - $propertyBag: - additionalProperties: + configMapExpressions: + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - primaryNicPrivateIpAddress: - description: |- - ConfigMapDestination describes the location to store a single configmap value - Note: This is similar to SecretDestination in secrets.go. Changes to one should likely also be made to the other. - properties: - key: - description: Key is the key in the ConfigMap being referenced - type: string - name: - description: |- - Name is the name of the Kubernetes ConfigMap being referenced. - The ConfigMap must be in the same namespace as the resource - type: string - required: - - key - - name - type: object - type: object + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. 
+ The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + secretExpressions: + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array type: object originalVersion: type: string 
@@ -50562,101 +62705,6 @@ spec: description: This is the name of the Kubernetes resource to reference. type: string type: object - privateLinkServiceConnections: - items: - description: |- - Storage version of v1api20220701.PrivateLinkServiceConnection - PrivateLinkServiceConnection resource. - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - groupIds: - items: - type: string - type: array - name: - type: string - privateLinkServiceConnectionState: - description: |- - Storage version of v1api20220701.PrivateLinkServiceConnectionState - A collection of information about the state of the connection between service consumer and provider. - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - actionsRequired: - type: string - description: - type: string - status: - type: string - type: object - privateLinkServiceReference: - description: 'PrivateLinkServiceReference: The resource id of private link service.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
- pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object - requestMessage: - type: string - type: object - type: array - subnet: - description: |- - Storage version of v1api20220701.Subnet_PrivateEndpoint_SubResourceEmbedded - Subnet in a virtual network resource. - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - reference: - description: 'Reference: Resource ID.' - properties: - armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string - type: object - type: object tags: additionalProperties: type: string 
@@ -50666,8 +62714,8 @@ spec: type: object status: description: |- - Storage version of v1api20220701.PrivateEndpoint_STATUS_PrivateEndpoint_SubResourceEmbedded - Private endpoint resource. + Storage version of v1api20201101.VirtualNetwork_STATUS + Virtual Network resource. properties: $propertyBag: additionalProperties: 
@@ -50676,23 +62724,40 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - applicationSecurityGroups: - items: - description: |- - Storage version of v1api20220701.ApplicationSecurityGroup_STATUS_PrivateEndpoint_SubResourceEmbedded - An application security group in a resource group. - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - id: + addressSpace: + description: |- + Storage version of v1api20201101.AddressSpace_STATUS + AddressSpace contains an array of IP address ranges that can be used by subnets of the virtual network. + properties: + $propertyBag: + additionalProperties: type: string - type: object - type: array + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + addressPrefixes: + items: + type: string + type: array + type: object + bgpCommunities: + description: |- + Storage version of v1api20201101.VirtualNetworkBgpCommunities_STATUS + Bgp Communities sent over ExpressRoute with each route corresponding to a prefix in this VNET. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + regionalCommunity: + type: string + virtualNetworkCommunity: + type: string + type: object conditions: items: description: Condition defines an extension to status (an observation) of a resource 
@@ -50736,34 +62801,48 @@ spec: - type type: object type: array - customDnsConfigs: - items: - description: |- - Storage version of v1api20220701.CustomDnsConfigPropertiesFormat_STATUS - Contains custom Dns resolution configuration from customer. - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - fqdn: + ddosProtectionPlan: + description: |- + Storage version of v1api20201101.SubResource_STATUS + Reference to another subresource. + properties: + $propertyBag: + additionalProperties: type: string - ipAddresses: - items: - type: string - type: array - type: object - type: array - customNetworkInterfaceName: - type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + id: + type: string + type: object + dhcpOptions: + description: |- + Storage version of v1api20201101.DhcpOptions_STATUS + DhcpOptions contains an array of DNS servers available to VMs deployed in the virtual network. Standard DHCP option for + a subnet overrides VNET DHCP options. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + dnsServers: + items: + type: string + type: array + type: object + enableDdosProtection: + type: boolean + enableVmProtection: + type: boolean etag: type: string extendedLocation: description: |- - Storage version of v1api20220701.ExtendedLocation_STATUS + Storage version of v1api20201101.ExtendedLocation_STATUS ExtendedLocation complex type. 
properties: $propertyBag: @@ -50780,11 +62859,11 @@ spec: type: object id: type: string - ipConfigurations: + ipAllocations: items: description: |- - Storage version of v1api20220701.PrivateEndpointIPConfiguration_STATUS - An IP Configuration of the private endpoint. + Storage version of v1api20201101.SubResource_STATUS + Reference to another subresource. properties: $propertyBag: additionalProperties: 
@@ -50793,162 +62872,18 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - etag: - type: string - groupId: - type: string - memberName: - type: string - name: - type: string - privateIPAddress: - type: string - type: + id: type: string type: object type: array location: type: string - manualPrivateLinkServiceConnections: - items: - description: |- - Storage version of v1api20220701.PrivateLinkServiceConnection_STATUS - PrivateLinkServiceConnection resource. - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - etag: - type: string - groupIds: - items: - type: string - type: array - id: - type: string - name: - type: string - privateLinkServiceConnectionState: - description: |- - Storage version of v1api20220701.PrivateLinkServiceConnectionState_STATUS - A collection of information about the state of the connection between service consumer and provider. - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - actionsRequired: - type: string - description: - type: string - status: - type: string - type: object - privateLinkServiceId: - type: string - provisioningState: - type: string - requestMessage: - type: string - type: - type: string - type: object - type: array name: type: string - networkInterfaces: - items: - description: |- - Storage version of v1api20220701.NetworkInterface_STATUS_PrivateEndpoint_SubResourceEmbedded - A network interface in a resource group. 
- properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - id: - type: string - type: object - type: array - privateLinkServiceConnections: - items: - description: |- - Storage version of v1api20220701.PrivateLinkServiceConnection_STATUS - PrivateLinkServiceConnection resource. - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - etag: - type: string - groupIds: - items: - type: string - type: array - id: - type: string - name: - type: string - privateLinkServiceConnectionState: - description: |- - Storage version of v1api20220701.PrivateLinkServiceConnectionState_STATUS - A collection of information about the state of the connection between service consumer and provider. - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - actionsRequired: - type: string - description: - type: string - status: - type: string - type: object - privateLinkServiceId: - type: string - provisioningState: - type: string - requestMessage: - type: string - type: - type: string - type: object - type: array provisioningState: type: string - subnet: - description: |- - Storage version of v1api20220701.Subnet_STATUS_PrivateEndpoint_SubResourceEmbedded - Subnet in a virtual network resource. 
- properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - id: - type: string - type: object + resourceGuid: + type: string tags: additionalProperties: type: string @@ -50958,41 +62893,9 @@ spec: type: object type: object served: true - storage: true + storage: false subresources: status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - cert-manager.io/inject-ca-from: azureserviceoperator-system/azureserviceoperator-serving-cert - controller-gen.kubebuilder.io/version: v0.14.0 - labels: - app.kubernetes.io/name: azure-service-operator - app.kubernetes.io/version: v2.9.0 - name: resourcegroups.resources.azure.com -spec: - conversion: - strategy: Webhook - webhook: - clientConfig: - service: - name: azureserviceoperator-webhook-service - namespace: azureserviceoperator-system - path: /convert - port: 443 - conversionReviewVersions: - - v1 - group: resources.azure.com - names: - kind: ResourceGroup - listKind: ResourceGroupList - plural: resourcegroups - singular: resourcegroup - preserveUnknownFields: false - scope: Namespaced - versions: - additionalPrinterColumns: - jsonPath: .status.conditions[?(@.type=='Ready')].status name: Ready 
@@ -51006,13 +62909,13 @@ spec: - jsonPath: .status.conditions[?(@.type=='Ready')].message name: Message type: string - name: v1api20200601 + name: v1api20240301 schema: openAPIV3Schema: description: |- Generator information: - - Generated from: /resources/resource-manager/Microsoft.Resources/stable/2020-06-01/resources.json - - ARM URI: /subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName} + - Generated from: /network/resource-manager/Microsoft.Network/stable/2024-03-01/virtualNetwork.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName} properties: apiVersion: description: |- 
@@ -51033,32 +62936,249 @@ spec: type: object spec: properties: + addressSpace: + description: 'AddressSpace: The AddressSpace that contains an array of IP address ranges that can be used by subnets.' + properties: + addressPrefixes: + description: 'AddressPrefixes: A list of address blocks reserved for this virtual network in CIDR notation.' + items: + type: string + type: array + type: object azureName: description: |- AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn't have to be. - maxLength: 90 - minLength: 1 type: string - location: + bgpCommunities: + description: 'BgpCommunities: Bgp Communities sent over ExpressRoute with each route corresponding to a prefix in this VNET.' + properties: + virtualNetworkCommunity: + description: 'VirtualNetworkCommunity: The BGP community associated with the virtual network.' + type: string + required: + - virtualNetworkCommunity + type: object + ddosProtectionPlan: + description: 'DdosProtectionPlan: The DDoS protection plan associated with the virtual network.' + properties: + reference: + description: 'Reference: Resource ID.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. 
+ type: string + type: object + type: object + dhcpOptions: + description: 'DhcpOptions: The dhcpOptions that contains an array of DNS servers available to VMs deployed in the virtual network.' + properties: + dnsServers: + description: 'DnsServers: The list of DNS servers IP addresses.' + items: + type: string + type: array + type: object + enableDdosProtection: description: |- - Location: The location of the resource group. It cannot be changed after the resource group has been created. It must be - one of the supported Azure locations. + EnableDdosProtection: Indicates if DDoS protection is enabled for all the protected resources in the virtual network. It + requires a DDoS protection plan associated with the resource. + type: boolean + enableVmProtection: + description: 'EnableVmProtection: Indicates if VM protection is enabled for all the subnets in the virtual network.' + type: boolean + encryption: + description: |- + Encryption: Indicates if encryption is enabled on virtual network and if VM without encryption is allowed in encrypted + VNet. + properties: + enabled: + description: 'Enabled: Indicates if encryption is enabled on the virtual network.' + type: boolean + enforcement: + description: |- + Enforcement: If the encrypted VNet allows VM that does not support encryption. This field is for future support, + AllowUnencrypted is the only supported value at general availability. + enum: + - AllowUnencrypted + - DropUnencrypted + type: string + required: + - enabled + type: object + extendedLocation: + description: 'ExtendedLocation: The extended location of the virtual network.' + properties: + name: + description: 'Name: The name of the extended location.' + type: string + type: + description: 'Type: The type of the extended location.' 
+ enum: + - EdgeZone + type: string + type: object + flowTimeoutInMinutes: + description: 'FlowTimeoutInMinutes: The FlowTimeout value (in minutes) for the Virtual Network' + type: integer + ipAllocations: + description: 'IpAllocations: Array of IpAllocation which reference this VNET.' + items: + description: Reference to another subresource. + properties: + reference: + description: 'Reference: Resource ID.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + type: array + location: + description: 'Location: Resource location.' type: string - managedBy: - description: 'ManagedBy: The ID of the resource that manages this resource group.' + operatorSpec: + description: |- + OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not + passed directly to Azure + properties: + configMapExpressions: + description: 'ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).' + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. 
The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + secretExpressions: + description: 'SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).' + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. 
+ type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + type: object + owner: + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a resources.azure.com/ResourceGroup resource + properties: + armId: + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + name: + description: This is the name of the Kubernetes resource to reference. + type: string + type: object + privateEndpointVNetPolicies: + description: 'PrivateEndpointVNetPolicies: Private Endpoint VNet Policies.' + enum: + - Basic + - Disabled type: string tags: additionalProperties: type: string - description: 'Tags: The tags attached to the resource group.' + description: 'Tags: Resource tags.' type: object required: - - location + - owner type: object status: - description: Resource group information. + description: Virtual Network resource. properties: + addressSpace: + description: 'AddressSpace: The AddressSpace that contains an array of IP address ranges that can be used by subnets.' + properties: + addressPrefixes: + description: 'AddressPrefixes: A list of address blocks reserved for this virtual network in CIDR notation.' + items: + type: string + type: array + type: object + bgpCommunities: + description: 'BgpCommunities: Bgp Communities sent over ExpressRoute with each route corresponding to a prefix in this VNET.' 
+ properties: + regionalCommunity: + description: 'RegionalCommunity: The BGP community associated with the region of the virtual network.' + type: string + virtualNetworkCommunity: + description: 'VirtualNetworkCommunity: The BGP community associated with the virtual network.' + type: string + type: object conditions: description: 'Conditions: The observed state of the resource' items: 
@@ -51103,34 +63223,105 @@ spec: - type type: object type: array + ddosProtectionPlan: + description: 'DdosProtectionPlan: The DDoS protection plan associated with the virtual network.' + properties: + id: + description: 'Id: Resource ID.' + type: string + type: object + dhcpOptions: + description: 'DhcpOptions: The dhcpOptions that contains an array of DNS servers available to VMs deployed in the virtual network.' + properties: + dnsServers: + description: 'DnsServers: The list of DNS servers IP addresses.' + items: + type: string + type: array + type: object + enableDdosProtection: + description: |- + EnableDdosProtection: Indicates if DDoS protection is enabled for all the protected resources in the virtual network. It + requires a DDoS protection plan associated with the resource. + type: boolean + enableVmProtection: + description: 'EnableVmProtection: Indicates if VM protection is enabled for all the subnets in the virtual network.' + type: boolean + encryption: + description: |- + Encryption: Indicates if encryption is enabled on virtual network and if VM without encryption is allowed in encrypted + VNet. + properties: + enabled: + description: 'Enabled: Indicates if encryption is enabled on the virtual network.' + type: boolean + enforcement: + description: |- + Enforcement: If the encrypted VNet allows VM that does not support encryption. This field is for future support, + AllowUnencrypted is the only supported value at general availability. + type: string + type: object + etag: + description: 'Etag: A unique read-only string that changes whenever the resource is updated.' + type: string + extendedLocation: + description: 'ExtendedLocation: The extended location of the virtual network.' + properties: + name: + description: 'Name: The name of the extended location.' + type: string + type: + description: 'Type: The type of the extended location.' 
+ type: string + type: object + flowLogs: + description: 'FlowLogs: A collection of references to flow log resources.' + items: + description: A flow log resource. + properties: + id: + description: 'Id: Resource ID.' + type: string + type: object + type: array + flowTimeoutInMinutes: + description: 'FlowTimeoutInMinutes: The FlowTimeout value (in minutes) for the Virtual Network' + type: integer id: - description: 'Id: The ID of the resource group.' + description: 'Id: Resource ID.' type: string + ipAllocations: + description: 'IpAllocations: Array of IpAllocation which reference this VNET.' + items: + description: Reference to another subresource. + properties: + id: + description: 'Id: Resource ID.' + type: string + type: object + type: array location: - description: |- - Location: The location of the resource group. It cannot be changed after the resource group has been created. It must be - one of the supported Azure locations. - type: string - managedBy: - description: 'ManagedBy: The ID of the resource that manages this resource group.' + description: 'Location: Resource location.' type: string name: - description: 'Name: The name of the resource group.' + description: 'Name: Resource name.' + type: string + privateEndpointVNetPolicies: + description: 'PrivateEndpointVNetPolicies: Private Endpoint VNet Policies.' + type: string + provisioningState: + description: 'ProvisioningState: The provisioning state of the virtual network resource.' + type: string + resourceGuid: + description: 'ResourceGuid: The resourceGuid property of the Virtual Network resource.' type: string - properties: - description: 'Properties: The resource group properties.' - properties: - provisioningState: - description: 'ProvisioningState: The provisioning state.' - type: string - type: object tags: additionalProperties: type: string - description: 'Tags: The tags attached to the resource group.' + description: 'Tags: Resource tags.' 
type: object type: - description: 'Type: The type of the resource group.' + description: 'Type: Resource type.' type: string type: object type: object @@ -51151,14 +63342,14 @@ spec: - jsonPath: .status.conditions[?(@.type=='Ready')].message name: Message type: string - name: v1api20200601storage + name: v1api20240301storage schema: openAPIV3Schema: description: |- - Storage version of v1api20200601.ResourceGroup + Storage version of v1api20240301.VirtualNetwork Generator information: - - Generated from: /resources/resource-manager/Microsoft.Resources/stable/2020-06-01/resources.json - - ARM URI: /subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName} + - Generated from: /network/resource-manager/Microsoft.Network/stable/2024-03-01/virtualNetwork.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName} properties: apiVersion: description: |- @@ -51178,7 +63369,7 @@ spec: metadata: type: object spec: - description: Storage version of v1api20200601.ResourceGroup_Spec + description: Storage version of v1api20240301.VirtualNetwork_Spec properties: $propertyBag: additionalProperties: 
@@ -51187,26 +63378,270 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. - type: string - location: - type: string - managedBy: - type: string + addressSpace: + description: |- + Storage version of v1api20240301.AddressSpace + AddressSpace contains an array of IP address ranges that can be used by subnets of the virtual network. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + addressPrefixes: + items: + type: string + type: array + type: object + azureName: + description: |- + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. + type: string + bgpCommunities: + description: |- + Storage version of v1api20240301.VirtualNetworkBgpCommunities + Bgp Communities sent over ExpressRoute with each route corresponding to a prefix in this VNET. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + virtualNetworkCommunity: + type: string + type: object + ddosProtectionPlan: + description: |- + Storage version of v1api20240301.SubResource + Reference to another subresource. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + reference: + description: 'Reference: Resource ID.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + dhcpOptions: + description: |- + Storage version of v1api20240301.DhcpOptions + DhcpOptions contains an array of DNS servers available to VMs deployed in the virtual network. Standard DHCP option for + a subnet overrides VNET DHCP options. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + dnsServers: + items: + type: string + type: array + type: object + enableDdosProtection: + type: boolean + enableVmProtection: + type: boolean + encryption: + description: |- + Storage version of v1api20240301.VirtualNetworkEncryption + Indicates if encryption is enabled on virtual network and if VM without encryption is allowed in encrypted VNet. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + enforcement: + type: string + type: object + extendedLocation: + description: |- + Storage version of v1api20240301.ExtendedLocation + ExtendedLocation complex type. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + name: + type: string + type: + type: string + type: object + flowTimeoutInMinutes: + type: integer + ipAllocations: + items: + description: |- + Storage version of v1api20240301.SubResource + Reference to another subresource. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + reference: + description: 'Reference: Resource ID.' 
+ properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + type: array + location: + type: string + operatorSpec: + description: |- + Storage version of v1api20240301.VirtualNetworkOperatorSpec + Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + configMapExpressions: + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. 
If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + secretExpressions: + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + type: object originalVersion: type: string + owner: + description: |- + Owner: The owner of the resource. 
The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a resources.azure.com/ResourceGroup resource + properties: + armId: + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + name: + description: This is the name of the Kubernetes resource to reference. + type: string + type: object + privateEndpointVNetPolicies: + type: string tags: additionalProperties: type: string type: object + required: + - owner type: object status: description: |- - Storage version of v1api20200601.ResourceGroup_STATUS - Resource group information. + Storage version of v1api20240301.VirtualNetwork_STATUS + Virtual Network resource. properties: $propertyBag: additionalProperties: 
@@ -51215,6 +63650,40 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object + addressSpace: + description: |- + Storage version of v1api20240301.AddressSpace_STATUS + AddressSpace contains an array of IP address ranges that can be used by subnets of the virtual network. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + addressPrefixes: + items: + type: string + type: array + type: object + bgpCommunities: + description: |- + Storage version of v1api20240301.VirtualNetworkBgpCommunities_STATUS + Bgp Communities sent over ExpressRoute with each route corresponding to a prefix in this VNET. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + regionalCommunity: + type: string + virtualNetworkCommunity: + type: string + type: object conditions: items: description: Condition defines an extension to status (an observation) of a resource 
@@ -51258,18 +63727,66 @@ spec: - type type: object type: array - id: - type: string - location: - type: string - managedBy: - type: string - name: + ddosProtectionPlan: + description: |- + Storage version of v1api20240301.SubResource_STATUS + Reference to another subresource. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + id: + type: string + type: object + dhcpOptions: + description: |- + Storage version of v1api20240301.DhcpOptions_STATUS + DhcpOptions contains an array of DNS servers available to VMs deployed in the virtual network. Standard DHCP option for + a subnet overrides VNET DHCP options. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + dnsServers: + items: + type: string + type: array + type: object + enableDdosProtection: + type: boolean + enableVmProtection: + type: boolean + encryption: + description: |- + Storage version of v1api20240301.VirtualNetworkEncryption_STATUS + Indicates if encryption is enabled on virtual network and if VM without encryption is allowed in encrypted VNet. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + enforcement: + type: string + type: object + etag: type: string - properties: + extendedLocation: description: |- - Storage version of v1api20200601.ResourceGroupProperties_STATUS - The resource group properties. + Storage version of v1api20240301.ExtendedLocation_STATUS + ExtendedLocation complex type. properties: $propertyBag: additionalProperties: 
@@ -51278,9 +63795,59 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - provisioningState: + name: + type: string + type: type: string type: object + flowLogs: + items: + description: |- + Storage version of v1api20240301.FlowLog_STATUS_SubResourceEmbedded + A flow log resource. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + id: + type: string + type: object + type: array + flowTimeoutInMinutes: + type: integer + id: + type: string + ipAllocations: + items: + description: |- + Storage version of v1api20240301.SubResource_STATUS + Reference to another subresource. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + id: + type: string + type: object + type: array + location: + type: string + name: + type: string + privateEndpointVNetPolicies: + type: string + provisioningState: + type: string + resourceGuid: + type: string tags: additionalProperties: type: string 
@@ -51299,11 +63866,11 @@ kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: azureserviceoperator-system/azureserviceoperator-serving-cert - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.3 labels: app.kubernetes.io/name: azure-service-operator - app.kubernetes.io/version: v2.9.0 - name: virtualnetworks.network.azure.com + app.kubernetes.io/version: v2.11.0 + name: virtualnetworkssubnets.network.azure.com spec: conversion: strategy: Webhook @@ -51318,10 +63885,10 @@ spec: - v1 group: network.azure.com names: - kind: VirtualNetwork - listKind: VirtualNetworkList - plural: virtualnetworks - singular: virtualnetwork + kind: VirtualNetworksSubnet + listKind: VirtualNetworksSubnetList + plural: virtualnetworkssubnets + singular: virtualnetworkssubnet preserveUnknownFields: false scope: Namespaced versions: @@ -51344,7 +63911,7 @@ spec: description: |- Generator information: - Generated from: /network/resource-manager/Microsoft.Network/stable/2020-11-01/virtualNetwork.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName} + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: apiVersion: description: |- 
@@ -51365,31 +63932,112 @@ spec: type: object spec: properties: - addressSpace: - description: 'AddressSpace: The AddressSpace that contains an array of IP address ranges that can be used by subnets.' - properties: - addressPrefixes: - description: 'AddressPrefixes: A list of address blocks reserved for this virtual network in CIDR notation.' - items: - type: string - type: array - type: object + addressPrefix: + description: 'AddressPrefix: The address prefix for the subnet.' + type: string + addressPrefixes: + description: 'AddressPrefixes: List of address prefixes for the subnet.' + items: + type: string + type: array + applicationGatewayIpConfigurations: + description: 'ApplicationGatewayIpConfigurations: Application gateway IP configurations of virtual network resource.' + items: + description: IP configuration of an application gateway. Currently 1 public and 1 private IP configuration is allowed. + properties: + reference: + description: 'Reference: Resource ID.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + type: array azureName: description: |- AzureName: The name of the resource in Azure. 
This is often the same as the name of the resource in Kubernetes but it doesn't have to be. type: string - bgpCommunities: - description: 'BgpCommunities: Bgp Communities sent over ExpressRoute with each route corresponding to a prefix in this VNET.' + delegations: + description: 'Delegations: An array of references to the delegations on the subnet.' + items: + description: Details the service to which the subnet is delegated. + properties: + name: + description: 'Name: The name of the resource that is unique within a subnet. This name can be used to access the resource.' + type: string + serviceName: + description: 'ServiceName: The name of the service to whom the subnet should be delegated (e.g. Microsoft.Sql/servers).' + type: string + type: object + type: array + ipAllocations: + description: 'IpAllocations: Array of IpAllocation which reference this subnet.' + items: + description: Reference to another subresource. + properties: + reference: + description: 'Reference: Resource ID.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + type: array + natGateway: + description: 'NatGateway: Nat gateway associated with this subnet.' 
properties: - virtualNetworkCommunity: - description: 'VirtualNetworkCommunity: The BGP community associated with the virtual network.' - type: string - required: - - virtualNetworkCommunity + reference: + description: 'Reference: Resource ID.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object - ddosProtectionPlan: - description: 'DdosProtectionPlan: The DDoS protection plan associated with the virtual network.' + networkSecurityGroup: + description: 'NetworkSecurityGroup: The reference to the NetworkSecurityGroup resource.' properties: reference: description: 'Reference: Resource ID.' 
@@ -51412,42 +64060,125 @@ spec: type: string type: object type: object - dhcpOptions: - description: 'DhcpOptions: The dhcpOptions that contains an array of DNS servers available to VMs deployed in the virtual network.' + operatorSpec: + description: |- + OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not + passed directly to Azure properties: - dnsServers: - description: 'DnsServers: The list of DNS servers IP addresses.' + configMapExpressions: + description: 'ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).' items: - type: string + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + secretExpressions: + description: 'SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).' 
+ items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object type: array type: object - enableDdosProtection: + owner: description: |- - EnableDdosProtection: Indicates if DDoS protection is enabled for all the protected resources in the virtual network. It - requires a DDoS protection plan associated with the resource. - type: boolean - enableVmProtection: - description: 'EnableVmProtection: Indicates if VM protection is enabled for all the subnets in the virtual network.' - type: boolean - extendedLocation: - description: 'ExtendedLocation: The extended location of the virtual network.' + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. 
Owner is expected to be a + reference to a network.azure.com/VirtualNetwork resource properties: - name: - description: 'Name: The name of the extended location.' + armId: + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string - type: - description: 'Type: The type of the extended location.' - enum: - - EdgeZone + name: + description: This is the name of the Kubernetes resource to reference. type: string - required: - - name - - type type: object - ipAllocations: - description: 'IpAllocations: Array of IpAllocation which reference this VNET.' + privateEndpointNetworkPolicies: + description: 'PrivateEndpointNetworkPolicies: Enable or Disable apply network policies on private end point in the subnet.' + enum: + - Disabled + - Enabled + type: string + privateLinkServiceNetworkPolicies: + description: 'PrivateLinkServiceNetworkPolicies: Enable or Disable apply network policies on private link service in the subnet.' + enum: + - Disabled + - Enabled + type: string + routeTable: + description: 'RouteTable: The reference to the RouteTable resource.' + properties: + reference: + description: 'Reference: Resource ID.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. 
+ type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + serviceEndpointPolicies: + description: 'ServiceEndpointPolicies: An array of service endpoint policies.' items: - description: Reference to another subresource. + description: Service End point policy resource. properties: reference: description: 'Reference: Resource ID.' 
@@ -51471,52 +64202,44 @@ spec: type: object type: object type: array - location: - description: 'Location: Resource location.' - type: string - owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a resources.azure.com/ResourceGroup resource - properties: - armId: - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - name: - description: This is the name of the Kubernetes resource to reference. - type: string - type: object - tags: - additionalProperties: - type: string - description: 'Tags: Resource tags.' - type: object + serviceEndpoints: + description: 'ServiceEndpoints: An array of service endpoints.' + items: + description: The service endpoint properties. + properties: + locations: + description: 'Locations: A list of locations.' + items: + type: string + type: array + service: + description: 'Service: The type of the endpoint service.' + type: string + type: object + type: array required: - owner type: object status: - description: Virtual Network resource. properties: - addressSpace: - description: 'AddressSpace: The AddressSpace that contains an array of IP address ranges that can be used by subnets.' - properties: - addressPrefixes: - description: 'AddressPrefixes: A list of address blocks reserved for this virtual network in CIDR notation.' - items: + addressPrefix: + description: 'AddressPrefix: The address prefix for the subnet.' + type: string + addressPrefixes: + description: 'AddressPrefixes: List of address prefixes for the subnet.' 
+ items: + type: string + type: array + applicationGatewayIpConfigurations: + description: 'ApplicationGatewayIpConfigurations: Application gateway IP configurations of virtual network resource.' + items: + description: IP configuration of an application gateway. Currently 1 public and 1 private IP configuration is allowed. + properties: + id: + description: 'Id: Resource ID.' type: string - type: array - type: object - bgpCommunities: - description: 'BgpCommunities: Bgp Communities sent over ExpressRoute with each route corresponding to a prefix in this VNET.' - properties: - regionalCommunity: - description: 'RegionalCommunity: The BGP community associated with the region of the virtual network.' - type: string - virtualNetworkCommunity: - description: 'VirtualNetworkCommunity: The BGP community associated with the virtual network.' - type: string - type: object + type: object + type: array conditions: description: 'Conditions: The observed state of the resource' items: 
@@ -51548,61 +64271,57 @@ spec: For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. This is omitted in all cases when Status == Unknown type: string - status: - description: Status of the condition, one of True, False, or Unknown. + status: + description: Status of the condition, one of True, False, or Unknown. + type: string + type: + description: Type of condition. + type: string + required: + - lastTransitionTime + - reason + - status + - type + type: object + type: array + delegations: + description: 'Delegations: An array of references to the delegations on the subnet.' + items: + description: Details the service to which the subnet is delegated. + properties: + actions: + description: 'Actions: The actions permitted to the service upon delegation.' + items: + type: string + type: array + etag: + description: 'Etag: A unique read-only string that changes whenever the resource is updated.' + type: string + id: + description: 'Id: Resource ID.' + type: string + name: + description: 'Name: The name of the resource that is unique within a subnet. This name can be used to access the resource.' + type: string + provisioningState: + description: 'ProvisioningState: The provisioning state of the service delegation resource.' + type: string + serviceName: + description: 'ServiceName: The name of the service to whom the subnet should be delegated (e.g. Microsoft.Sql/servers).' type: string type: - description: Type of condition. + description: 'Type: Resource type.' type: string - required: - - lastTransitionTime - - reason - - status - - type type: object type: array - ddosProtectionPlan: - description: 'DdosProtectionPlan: The DDoS protection plan associated with the virtual network.' - properties: - id: - description: 'Id: Resource ID.' 
- type: string - type: object - dhcpOptions: - description: 'DhcpOptions: The dhcpOptions that contains an array of DNS servers available to VMs deployed in the virtual network.' - properties: - dnsServers: - description: 'DnsServers: The list of DNS servers IP addresses.' - items: - type: string - type: array - type: object - enableDdosProtection: - description: |- - EnableDdosProtection: Indicates if DDoS protection is enabled for all the protected resources in the virtual network. It - requires a DDoS protection plan associated with the resource. - type: boolean - enableVmProtection: - description: 'EnableVmProtection: Indicates if VM protection is enabled for all the subnets in the virtual network.' - type: boolean etag: description: 'Etag: A unique read-only string that changes whenever the resource is updated.' type: string - extendedLocation: - description: 'ExtendedLocation: The extended location of the virtual network.' - properties: - name: - description: 'Name: The name of the extended location.' - type: string - type: - description: 'Type: The type of the extended location.' - type: string - type: object id: description: 'Id: Resource ID.' type: string ipAllocations: - description: 'IpAllocations: Array of IpAllocation which reference this VNET.' + description: 'IpAllocations: Array of IpAllocation which reference this subnet.' items: description: Reference to another subresource. properties: 
@@ -51611,23 +64330,122 @@ spec: type: string type: object type: array - location: - description: 'Location: Resource location.' - type: string + ipConfigurationProfiles: + description: 'IpConfigurationProfiles: Array of IP configuration profiles which reference this subnet.' + items: + description: IP configuration profile child resource. + properties: + id: + description: 'Id: Resource ID.' + type: string + type: object + type: array + ipConfigurations: + description: 'IpConfigurations: An array of references to the network interface IP configurations using subnet.' + items: + description: IP configuration. + properties: + id: + description: 'Id: Resource ID.' + type: string + type: object + type: array name: - description: 'Name: Resource name.' + description: 'Name: The name of the resource that is unique within a resource group. This name can be used to access the resource.' + type: string + natGateway: + description: 'NatGateway: Nat gateway associated with this subnet.' + properties: + id: + description: 'Id: Resource ID.' + type: string + type: object + networkSecurityGroup: + description: 'NetworkSecurityGroup: The reference to the NetworkSecurityGroup resource.' + properties: + id: + description: 'Id: Resource ID.' + type: string + type: object + privateEndpointNetworkPolicies: + description: 'PrivateEndpointNetworkPolicies: Enable or Disable apply network policies on private end point in the subnet.' + type: string + privateEndpoints: + description: 'PrivateEndpoints: An array of references to private endpoints.' + items: + description: Private endpoint resource. + properties: + id: + description: 'Id: Resource ID.' + type: string + type: object + type: array + privateLinkServiceNetworkPolicies: + description: 'PrivateLinkServiceNetworkPolicies: Enable or Disable apply network policies on private link service in the subnet.' type: string provisioningState: - description: 'ProvisioningState: The provisioning state of the virtual network resource.' 
+ description: 'ProvisioningState: The provisioning state of the subnet resource.' type: string - resourceGuid: - description: 'ResourceGuid: The resourceGuid property of the Virtual Network resource.' + purpose: + description: |- + Purpose: A read-only string identifying the intention of use for this subnet based on delegations and other user-defined + properties. type: string - tags: - additionalProperties: - type: string - description: 'Tags: Resource tags.' + resourceNavigationLinks: + description: 'ResourceNavigationLinks: An array of references to the external resources using subnet.' + items: + description: ResourceNavigationLink resource. + properties: + id: + description: 'Id: Resource navigation link identifier.' + type: string + type: object + type: array + routeTable: + description: 'RouteTable: The reference to the RouteTable resource.' + properties: + id: + description: 'Id: Resource ID.' + type: string type: object + serviceAssociationLinks: + description: 'ServiceAssociationLinks: An array of references to services injecting into this subnet.' + items: + description: ServiceAssociationLink resource. + properties: + id: + description: 'Id: Resource ID.' + type: string + type: object + type: array + serviceEndpointPolicies: + description: 'ServiceEndpointPolicies: An array of service endpoint policies.' + items: + description: Service End point policy resource. + properties: + id: + description: 'Id: Resource ID.' + type: string + type: object + type: array + serviceEndpoints: + description: 'ServiceEndpoints: An array of service endpoints.' + items: + description: The service endpoint properties. + properties: + locations: + description: 'Locations: A list of locations.' + items: + type: string + type: array + provisioningState: + description: 'ProvisioningState: The provisioning state of the service endpoint resource.' + type: string + service: + description: 'Service: The type of the endpoint service.' 
+ type: string + type: object + type: array type: description: 'Type: Resource type.' type: string @@ -51654,10 +64472,10 @@ spec: schema: openAPIV3Schema: description: |- - Storage version of v1api20201101.VirtualNetwork + Storage version of v1api20201101.VirtualNetworksSubnet Generator information: - Generated from: /network/resource-manager/Microsoft.Network/stable/2020-11-01/virtualNetwork.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName} + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: apiVersion: description: |- @@ -51677,7 +64495,7 @@ spec: metadata: type: object spec: - description: Storage version of v1api20201101.VirtualNetwork_Spec + description: Storage version of v1api20201101.VirtualNetworksSubnet_Spec properties: $propertyBag: additionalProperties: 
@@ -51686,32 +64504,110 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - addressSpace: - description: |- - Storage version of v1api20201101.AddressSpace - AddressSpace contains an array of IP address ranges that can be used by subnets of the virtual network. - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - addressPrefixes: - items: - type: string - type: array - type: object + addressPrefix: + type: string + addressPrefixes: + items: + type: string + type: array + applicationGatewayIpConfigurations: + items: + description: |- + Storage version of v1api20201101.ApplicationGatewayIPConfiguration_VirtualNetworks_Subnet_SubResourceEmbedded + IP configuration of an application gateway. Currently 1 public and 1 private IP configuration is allowed. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + reference: + description: 'Reference: Resource ID.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
+ pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + type: array azureName: description: |- AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn't have to be. type: string - bgpCommunities: + delegations: + items: + description: |- + Storage version of v1api20201101.Delegation + Details the service to which the subnet is delegated. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + name: + type: string + serviceName: + type: string + type: object + type: array + ipAllocations: + items: + description: |- + Storage version of v1api20201101.SubResource + Reference to another subresource. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + reference: + description: 'Reference: Resource ID.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. 
+ The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + type: array + natGateway: description: |- - Storage version of v1api20201101.VirtualNetworkBgpCommunities - Bgp Communities sent over ExpressRoute with each route corresponding to a prefix in this VNET. + Storage version of v1api20201101.SubResource + Reference to another subresource. properties: $propertyBag: additionalProperties: 
@@ -51720,13 +64616,31 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - virtualNetworkCommunity: - type: string + reference: + description: 'Reference: Resource ID.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object - ddosProtectionPlan: + networkSecurityGroup: description: |- - Storage version of v1api20201101.SubResource - Reference to another subresource. + Storage version of v1api20201101.NetworkSecurityGroupSpec_VirtualNetworks_Subnet_SubResourceEmbedded + NetworkSecurityGroup resource. properties: $propertyBag: additionalProperties: 
@@ -51756,11 +64670,10 @@ spec: type: string type: object type: object - dhcpOptions: + operatorSpec: description: |- - Storage version of v1api20201101.DhcpOptions - DhcpOptions contains an array of DNS servers available to VMs deployed in the virtual network. Standard DHCP option for - a subnet overrides VNET DHCP options. + Storage version of v1api20201101.VirtualNetworksSubnetOperatorSpec + Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure properties: $propertyBag: additionalProperties: 
@@ -51769,19 +64682,88 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - dnsServers: + configMapExpressions: items: - type: string + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + secretExpressions: + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. 
If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object type: array type: object - enableDdosProtection: - type: boolean - enableVmProtection: - type: boolean - extendedLocation: + originalVersion: + type: string + owner: description: |- - Storage version of v1api20201101.ExtendedLocation - ExtendedLocation complex type. + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a network.azure.com/VirtualNetwork resource + properties: + armId: + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + name: + description: This is the name of the Kubernetes resource to reference. + type: string + type: object + privateEndpointNetworkPolicies: + type: string + privateLinkServiceNetworkPolicies: + type: string + routeTable: + description: |- + Storage version of v1api20201101.RouteTableSpec_VirtualNetworks_Subnet_SubResourceEmbedded + Route table resource. properties: $propertyBag: additionalProperties: 
@@ -51790,16 +64772,32 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - name: - type: string - type: - type: string + reference: + description: 'Reference: Resource ID.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object type: object - ipAllocations: + serviceEndpointPolicies: items: description: |- - Storage version of v1api20201101.SubResource - Reference to another subresource. + Storage version of v1api20201101.ServiceEndpointPolicySpec_VirtualNetworks_Subnet_SubResourceEmbedded + Service End point policy resource. properties: $propertyBag: additionalProperties: 
@@ -51830,34 +64828,32 @@ spec: type: object type: object type: array - location: - type: string - originalVersion: - type: string - owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a resources.azure.com/ResourceGroup resource - properties: - armId: - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - name: - description: This is the name of the Kubernetes resource to reference. - type: string - type: object - tags: - additionalProperties: - type: string - type: object + serviceEndpoints: + items: + description: |- + Storage version of v1api20201101.ServiceEndpointPropertiesFormat + The service endpoint properties. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + locations: + items: + type: string + type: array + service: + type: string + type: object + type: array required: - owner type: object status: - description: |- - Storage version of v1api20201101.VirtualNetwork_STATUS - Virtual Network resource. + description: Storage version of v1api20201101.VirtualNetworksSubnet_STATUS properties: $propertyBag: additionalProperties: 
@@ -51866,40 +64862,29 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - addressSpace: - description: |- - Storage version of v1api20201101.AddressSpace_STATUS - AddressSpace contains an array of IP address ranges that can be used by subnets of the virtual network. - properties: - $propertyBag: - additionalProperties: - type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - addressPrefixes: - items: - type: string - type: array - type: object - bgpCommunities: - description: |- - Storage version of v1api20201101.VirtualNetworkBgpCommunities_STATUS - Bgp Communities sent over ExpressRoute with each route corresponding to a prefix in this VNET. - properties: - $propertyBag: - additionalProperties: + addressPrefix: + type: string + addressPrefixes: + items: + type: string + type: array + applicationGatewayIpConfigurations: + items: + description: |- + Storage version of v1api20201101.ApplicationGatewayIPConfiguration_STATUS_VirtualNetworks_Subnet_SubResourceEmbedded + IP configuration of an application gateway. Currently 1 public and 1 private IP configuration is allowed. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + id: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions - type: object - regionalCommunity: - type: string - virtualNetworkCommunity: - type: string - type: object + type: object + type: array conditions: items: description: Condition defines an extension to status (an observation) of a resource 
@@ -51943,7 +64928,95 @@ spec: - type type: object type: array - ddosProtectionPlan: + delegations: + items: + description: |- + Storage version of v1api20201101.Delegation_STATUS + Details the service to which the subnet is delegated. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + actions: + items: + type: string + type: array + etag: + type: string + id: + type: string + name: + type: string + provisioningState: + type: string + serviceName: + type: string + type: + type: string + type: object + type: array + etag: + type: string + id: + type: string + ipAllocations: + items: + description: |- + Storage version of v1api20201101.SubResource_STATUS + Reference to another subresource. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + id: + type: string + type: object + type: array + ipConfigurationProfiles: + items: + description: |- + Storage version of v1api20201101.IPConfigurationProfile_STATUS + IP configuration profile child resource. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + id: + type: string + type: object + type: array + ipConfigurations: + items: + description: |- + Storage version of v1api20201101.IPConfiguration_STATUS_VirtualNetworks_Subnet_SubResourceEmbedded + IP configuration. 
+ properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + id: + type: string + type: object + type: array + name: + type: string + natGateway: description: |- Storage version of v1api20201101.SubResource_STATUS Reference to another subresource. @@ -51958,11 +65031,10 @@ spec: id: type: string type: object - dhcpOptions: + networkSecurityGroup: description: |- - Storage version of v1api20201101.DhcpOptions_STATUS - DhcpOptions contains an array of DNS servers available to VMs deployed in the virtual network. Standard DHCP option for - a subnet overrides VNET DHCP options. + Storage version of v1api20201101.NetworkSecurityGroup_STATUS_VirtualNetworks_Subnet_SubResourceEmbedded + NetworkSecurityGroup resource. properties: $propertyBag: additionalProperties: 
@@ -51971,21 +65043,55 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - dnsServers: - items: - type: string - type: array + id: + type: string type: object - enableDdosProtection: - type: boolean - enableVmProtection: - type: boolean - etag: + privateEndpointNetworkPolicies: type: string - extendedLocation: + privateEndpoints: + items: + description: |- + Storage version of v1api20201101.PrivateEndpoint_STATUS_VirtualNetworks_Subnet_SubResourceEmbedded + Private endpoint resource. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + id: + type: string + type: object + type: array + privateLinkServiceNetworkPolicies: + type: string + provisioningState: + type: string + purpose: + type: string + resourceNavigationLinks: + items: + description: |- + Storage version of v1api20201101.ResourceNavigationLink_STATUS + ResourceNavigationLink resource. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + id: + type: string + type: object + type: array + routeTable: description: |- - Storage version of v1api20201101.ExtendedLocation_STATUS - ExtendedLocation complex type. + Storage version of v1api20201101.RouteTable_STATUS_SubResourceEmbedded + Route table resource. properties: $propertyBag: additionalProperties: 
@@ -51994,18 +65100,14 @@ spec: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions type: object - name: - type: string - type: + id: type: string type: object - id: - type: string - ipAllocations: + serviceAssociationLinks: items: description: |- - Storage version of v1api20201101.SubResource_STATUS - Reference to another subresource. + Storage version of v1api20201101.ServiceAssociationLink_STATUS + ServiceAssociationLink resource. properties: $propertyBag: additionalProperties: 
@@ -52018,58 +65120,54 @@ spec: type: string type: object type: array - location: - type: string - name: - type: string - provisioningState: - type: string - resourceGuid: - type: string - tags: - additionalProperties: - type: string - type: object + serviceEndpointPolicies: + items: + description: |- + Storage version of v1api20201101.ServiceEndpointPolicy_STATUS_VirtualNetworks_Subnet_SubResourceEmbedded + Service End point policy resource. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + id: + type: string + type: object + type: array + serviceEndpoints: + items: + description: |- + Storage version of v1api20201101.ServiceEndpointPropertiesFormat_STATUS + The service endpoint properties. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + locations: + items: + type: string + type: array + provisioningState: + type: string + service: + type: string + type: object + type: array type: type: string type: object type: object served: true - storage: true + storage: false subresources: status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - cert-manager.io/inject-ca-from: azureserviceoperator-system/azureserviceoperator-serving-cert - controller-gen.kubebuilder.io/version: v0.14.0 - labels: - app.kubernetes.io/name: azure-service-operator - app.kubernetes.io/version: v2.9.0 - name: virtualnetworkssubnets.network.azure.com -spec: - conversion: - strategy: Webhook - webhook: - clientConfig: - service: - name: azureserviceoperator-webhook-service - namespace: 
azureserviceoperator-system - path: /convert - port: 443 - conversionReviewVersions: - - v1 - group: network.azure.com - names: - kind: VirtualNetworksSubnet - listKind: VirtualNetworksSubnetList - plural: virtualnetworkssubnets - singular: virtualnetworkssubnet - preserveUnknownFields: false - scope: Namespaced - versions: - additionalPrinterColumns: - jsonPath: .status.conditions[?(@.type=='Ready')].status name: Ready @@ -52083,12 +65181,12 @@ spec: - jsonPath: .status.conditions[?(@.type=='Ready')].message name: Message type: string - name: v1api20201101 + name: v1api20240301 schema: openAPIV3Schema: description: |- Generator information: - - Generated from: /network/resource-manager/Microsoft.Network/stable/2020-11-01/virtualNetwork.json + - Generated from: /network/resource-manager/Microsoft.Network/stable/2024-03-01/virtualNetwork.json - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: apiVersion: @@ -52118,8 +65216,8 @@ spec: items: type: string type: array - applicationGatewayIpConfigurations: - description: 'ApplicationGatewayIpConfigurations: Application gateway IP configurations of virtual network resource.' + applicationGatewayIPConfigurations: + description: 'ApplicationGatewayIPConfigurations: Application gateway IP configurations of virtual network resource.' items: description: IP configuration of an application gateway. Currently 1 public and 1 private IP configuration is allowed. properties: 
@@ -52150,6 +65248,11 @@ spec: AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn't have to be. type: string + defaultOutboundAccess: + description: |- + DefaultOutboundAccess: Set this property to false to disable default outbound connectivity for all VMs in the subnet. + This property can only be set at the time of subnet creation and cannot be updated for an existing subnet. + type: boolean delegations: description: 'Delegations: An array of references to the delegations on the subnet.' items: 
@@ -52238,6 +65341,72 @@ spec: type: string type: object type: object + operatorSpec: + description: |- + OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not + passed directly to Azure + properties: + configMapExpressions: + description: 'ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).' + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + secretExpressions: + description: 'SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).' + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. 
+ properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + type: object owner: description: |- Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also @@ -52256,6 +65425,8 @@ spec: enum: - Disabled - Enabled + - NetworkSecurityGroupEnabled + - RouteTableEnabled type: string privateLinkServiceNetworkPolicies: description: 'PrivateLinkServiceNetworkPolicies: Enable or Disable apply network policies on private link service in the subnet.' 
@@ -52324,11 +65495,43 @@ spec: items: type: string type: array + networkIdentifier: + description: 'NetworkIdentifier: SubResource as network identifier.' + properties: + reference: + description: 'Reference: Resource ID.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object service: description: 'Service: The type of the endpoint service.' type: string type: object type: array + sharingScope: + description: |- + SharingScope: Set this property to Tenant to allow sharing subnet with other subscriptions in your AAD tenant. This + property can only be set if defaultOutboundAccess is set to false, both properties can only be set if subnet is empty. + enum: + - DelegatedServices + - Tenant + type: string required: - owner type: object 
@@ -52342,8 +65545,8 @@ spec: items: type: string type: array - applicationGatewayIpConfigurations: - description: 'ApplicationGatewayIpConfigurations: Application gateway IP configurations of virtual network resource.' + applicationGatewayIPConfigurations: + description: 'ApplicationGatewayIPConfigurations: Application gateway IP configurations of virtual network resource.' items: description: IP configuration of an application gateway. Currently 1 public and 1 private IP configuration is allowed. properties: @@ -52396,6 +65599,11 @@ spec: - type type: object type: array + defaultOutboundAccess: + description: |- + DefaultOutboundAccess: Set this property to false to disable default outbound connectivity for all VMs in the subnet. + This property can only be set at the time of subnet creation and cannot be updated for an existing subnet. + type: boolean delegations: description: 'Delegations: An array of references to the delegations on the subnet.' items: @@ -52550,6 +65758,13 @@ spec: items: type: string type: array + networkIdentifier: + description: 'NetworkIdentifier: SubResource as network identifier.' + properties: + id: + description: 'Id: Resource ID.' + type: string + type: object provisioningState: description: 'ProvisioningState: The provisioning state of the service endpoint resource.' type: string @@ -52558,6 +65773,11 @@ spec: type: string type: object type: array + sharingScope: + description: |- + SharingScope: Set this property to Tenant to allow sharing subnet with other subscriptions in your AAD tenant. This + property can only be set if defaultOutboundAccess is set to false, both properties can only be set if subnet is empty. + type: string type: description: 'Type: Resource type.' type: string 
@@ -52580,13 +65800,13 @@ spec: - jsonPath: .status.conditions[?(@.type=='Ready')].message name: Message type: string - name: v1api20201101storage + name: v1api20240301storage schema: openAPIV3Schema: description: |- - Storage version of v1api20201101.VirtualNetworksSubnet + Storage version of v1api20240301.VirtualNetworksSubnet Generator information: - - Generated from: /network/resource-manager/Microsoft.Network/stable/2020-11-01/virtualNetwork.json + - Generated from: /network/resource-manager/Microsoft.Network/stable/2024-03-01/virtualNetwork.json - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: apiVersion: @@ -52607,7 +65827,7 @@ spec: metadata: type: object spec: - description: Storage version of v1api20201101.VirtualNetworks_Subnet_Spec + description: Storage version of v1api20240301.VirtualNetworksSubnet_Spec properties: $propertyBag: additionalProperties: @@ -52622,10 +65842,10 @@ spec: items: type: string type: array - applicationGatewayIpConfigurations: + applicationGatewayIPConfigurations: items: description: |- - Storage version of v1api20201101.ApplicationGatewayIPConfiguration_VirtualNetworks_Subnet_SubResourceEmbedded + Storage version of v1api20240301.ApplicationGatewayIPConfiguration_VirtualNetworks_Subnet_SubResourceEmbedded IP configuration of an application gateway. Currently 1 public and 1 private IP configuration is allowed. properties: $propertyBag: @@ -52662,10 +65882,12 @@ spec: AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn't have to be. type: string + defaultOutboundAccess: + type: boolean delegations: items: description: |- - Storage version of v1api20201101.Delegation + Storage version of v1api20240301.Delegation Details the service to which the subnet is delegated. properties: $propertyBag: 
@@ -52684,7 +65906,7 @@ spec: ipAllocations: items: description: |- - Storage version of v1api20201101.SubResource + Storage version of v1api20240301.SubResource Reference to another subresource. properties: $propertyBag: @@ -52718,7 +65940,7 @@ spec: type: array natGateway: description: |- - Storage version of v1api20201101.SubResource + Storage version of v1api20240301.SubResource Reference to another subresource. properties: $propertyBag: @@ -52751,7 +65973,7 @@ spec: type: object networkSecurityGroup: description: |- - Storage version of v1api20201101.NetworkSecurityGroupSpec_VirtualNetworks_Subnet_SubResourceEmbedded + Storage version of v1api20240301.NetworkSecurityGroupSpec_VirtualNetworks_Subnet_SubResourceEmbedded NetworkSecurityGroup resource. properties: $propertyBag: 
@@ -52782,6 +66004,77 @@ spec: type: string type: object type: object + operatorSpec: + description: |- + Storage version of v1api20240301.VirtualNetworksSubnetOperatorSpec + Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + configMapExpressions: + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + secretExpressions: + items: + description: |- + DestinationExpression is a CEL expression and a destination to store the result in. The destination may + be a secret or a configmap. 
The value of the expression is stored at the specified location in + the destination. + properties: + key: + description: |- + Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string + this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string + Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting + map[string]string. + type: string + name: + description: |- + Name is the name of the Kubernetes configmap or secret to write to. + The configmap or secret will be created in the same namespace as the resource. + type: string + value: + description: |- + Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information + on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ + type: string + required: + - name + - value + type: object + type: array + type: object originalVersion: type: string owner: @@ -52803,7 +66096,7 @@ spec: type: string routeTable: description: |- - Storage version of v1api20201101.RouteTableSpec_VirtualNetworks_Subnet_SubResourceEmbedded + Storage version of v1api20240301.RouteTableSpec_VirtualNetworks_Subnet_SubResourceEmbedded Route table resource. properties: $propertyBag: @@ -52837,7 +66130,7 @@ spec: serviceEndpointPolicies: items: description: |- - Storage version of v1api20201101.ServiceEndpointPolicySpec_VirtualNetworks_Subnet_SubResourceEmbedded + Storage version of v1api20240301.ServiceEndpointPolicySpec_VirtualNetworks_Subnet_SubResourceEmbedded Service End point policy resource. properties: $propertyBag: @@ -52872,7 +66165,7 @@ spec: serviceEndpoints: items: description: |- - Storage version of v1api20201101.ServiceEndpointPropertiesFormat + Storage version of v1api20240301.ServiceEndpointPropertiesFormat The service endpoint properties. properties: $propertyBag: 
@@ -52886,15 +66179,50 @@ spec: items: type: string type: array + networkIdentifier: + description: |- + Storage version of v1api20240301.SubResource + Reference to another subresource. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + reference: + description: 'Reference: Resource ID.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object service: type: string type: object type: array + sharingScope: + type: string required: - owner type: object status: - description: Storage version of v1api20201101.VirtualNetworks_Subnet_STATUS + description: Storage version of v1api20240301.VirtualNetworksSubnet_STATUS properties: $propertyBag: additionalProperties: 
@@ -52909,10 +66237,10 @@ spec: items: type: string type: array - applicationGatewayIpConfigurations: + applicationGatewayIPConfigurations: items: description: |- - Storage version of v1api20201101.ApplicationGatewayIPConfiguration_STATUS_VirtualNetworks_Subnet_SubResourceEmbedded + Storage version of v1api20240301.ApplicationGatewayIPConfiguration_STATUS_VirtualNetworks_Subnet_SubResourceEmbedded IP configuration of an application gateway. Currently 1 public and 1 private IP configuration is allowed. properties: $propertyBag: @@ -52969,10 +66297,12 @@ spec: - type type: object type: array + defaultOutboundAccess: + type: boolean delegations: items: description: |- - Storage version of v1api20201101.Delegation_STATUS + Storage version of v1api20240301.Delegation_STATUS Details the service to which the subnet is delegated. properties: $propertyBag: @@ -53007,7 +66337,7 @@ spec: ipAllocations: items: description: |- - Storage version of v1api20201101.SubResource_STATUS + Storage version of v1api20240301.SubResource_STATUS Reference to another subresource. properties: $propertyBag: @@ -53024,7 +66354,7 @@ spec: ipConfigurationProfiles: items: description: |- - Storage version of v1api20201101.IPConfigurationProfile_STATUS + Storage version of v1api20240301.IPConfigurationProfile_STATUS IP configuration profile child resource. properties: $propertyBag: @@ -53041,7 +66371,7 @@ spec: ipConfigurations: items: description: |- - Storage version of v1api20201101.IPConfiguration_STATUS_VirtualNetworks_Subnet_SubResourceEmbedded + Storage version of v1api20240301.IPConfiguration_STATUS_VirtualNetworks_Subnet_SubResourceEmbedded IP configuration. properties: $propertyBag: @@ -53059,7 +66389,7 @@ spec: type: string natGateway: description: |- - Storage version of v1api20201101.SubResource_STATUS + Storage version of v1api20240301.SubResource_STATUS Reference to another subresource. properties: $propertyBag: 
@@ -53074,7 +66404,7 @@ spec: type: object networkSecurityGroup: description: |- - Storage version of v1api20201101.NetworkSecurityGroup_STATUS_VirtualNetworks_Subnet_SubResourceEmbedded + Storage version of v1api20240301.NetworkSecurityGroup_STATUS_VirtualNetworks_Subnet_SubResourceEmbedded NetworkSecurityGroup resource. properties: $propertyBag: @@ -53092,7 +66422,7 @@ spec: privateEndpoints: items: description: |- - Storage version of v1api20201101.PrivateEndpoint_STATUS_VirtualNetworks_Subnet_SubResourceEmbedded + Storage version of v1api20240301.PrivateEndpoint_STATUS_VirtualNetworks_Subnet_SubResourceEmbedded Private endpoint resource. properties: $propertyBag: @@ -53115,7 +66445,7 @@ spec: resourceNavigationLinks: items: description: |- - Storage version of v1api20201101.ResourceNavigationLink_STATUS + Storage version of v1api20240301.ResourceNavigationLink_STATUS ResourceNavigationLink resource. properties: $propertyBag: @@ -53131,7 +66461,7 @@ spec: type: array routeTable: description: |- - Storage version of v1api20201101.RouteTable_STATUS_SubResourceEmbedded + Storage version of v1api20240301.RouteTable_STATUS_SubResourceEmbedded Route table resource. properties: $propertyBag: @@ -53147,7 +66477,7 @@ spec: serviceAssociationLinks: items: description: |- - Storage version of v1api20201101.ServiceAssociationLink_STATUS + Storage version of v1api20240301.ServiceAssociationLink_STATUS ServiceAssociationLink resource. properties: $propertyBag: @@ -53164,7 +66494,7 @@ spec: serviceEndpointPolicies: items: description: |- - Storage version of v1api20201101.ServiceEndpointPolicy_STATUS_VirtualNetworks_Subnet_SubResourceEmbedded + Storage version of v1api20240301.ServiceEndpointPolicy_STATUS_VirtualNetworks_Subnet_SubResourceEmbedded Service End point policy resource. properties: $propertyBag: 
@@ -53181,7 +66511,7 @@ spec: serviceEndpoints: items: description: |- - Storage version of v1api20201101.ServiceEndpointPropertiesFormat_STATUS + Storage version of v1api20240301.ServiceEndpointPropertiesFormat_STATUS The service endpoint properties. properties: $propertyBag: @@ -53195,12 +66525,29 @@ spec: items: type: string type: array + networkIdentifier: + description: |- + Storage version of v1api20240301.SubResource_STATUS + Reference to another subresource. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + id: + type: string + type: object provisioningState: type: string service: type: string type: object type: array + sharingScope: + type: string type: type: string type: object diff --git a/config/aso/kustomization.yaml b/config/aso/kustomization.yaml index b2edbd45157..18cdfce6ed5 100644 --- a/config/aso/kustomization.yaml +++ b/config/aso/kustomization.yaml @@ -2,7 +2,7 @@ apiVersion: kustomize.config.k8s.io/v1alpha1 kind: Component namespace: capz-system resources: -- https://github.com/Azure/azure-service-operator/releases/download/v2.9.0/azureserviceoperator_v2.9.0.yaml +- https://github.com/Azure/azure-service-operator/releases/download/v2.11.0/azureserviceoperator_v2.11.0.yaml - crds.yaml - settings.yaml
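Review bot: The `resources` entry in config/aso/kustomization.yaml fetches the operator manifest from a release URL at build time, and nothing in the hunk pins its content. A release asset that was replaced after publication would therefore be applied to the cluster unchanged. As far as I know kustomize does not verify a digest for URL resources, so the check has to live elsewhere. One option is to vendor the file next to `crds.yaml`; another is to download it in the Makefile and compare it against a recorded SHA-256 before building. The version is also repeated from `ASO_VERSION` in the Makefile, so I would add `# must match ASO_VERSION in the Makefile; remote content is not digest-pinned` above the URL.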