diff --git a/.github/dependabot.yml b/.github/dependabot.yml index cf25643bf09..63561278e65 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -12,6 +12,9 @@ updates: time: "09:00" # Use America/New_York Standard Time (UTC -05:00) timezone: "America/New_York" + groups: + all-github-actions: + patterns: [ "*" ] commit-message: prefix: "dependabot" include: scope @@ -37,6 +40,8 @@ updates: - dependency-name: "sigs.k8s.io/controller-runtime" # Ignore k8s and its transitives modules as they are upgraded manually together with controller-runtime. - dependency-name: "k8s.io/*" + - dependency-name: "github.com/prometheus/*" + update-types: [ "version-update:semver-major", "version-update:semver-minor"] # Consume only patch updates. - dependency-name: "go.etcd.io/*" - dependency-name: "google.golang.org/grpc" - dependency-name: "sigs.k8s.io/cloud-provider-azure" diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index f54bdb8485e..9cad9c6fbcf 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -41,16 +41,16 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1 + uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 with: egress-policy: audit - name: Checkout repository - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@d39d31e687223d841ef683f52467bd88e9b21c14 # v3.25.3 + uses: github/codeql-action/init@8214744c546c1e5c8f03dde8fab3a7353211988d # v3.26.7 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -60,7 +60,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@d39d31e687223d841ef683f52467bd88e9b21c14 # v3.25.3 + uses: github/codeql-action/autobuild@8214744c546c1e5c8f03dde8fab3a7353211988d # v3.26.7 # ℹī¸ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -73,6 +73,6 @@ jobs: # ./location_of_script_within_repo/buildscript.sh - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@d39d31e687223d841ef683f52467bd88e9b21c14 # v3.25.3 + uses: github/codeql-action/analyze@8214744c546c1e5c8f03dde8fab3a7353211988d # v3.26.7 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/dependabot-code-gen.yml b/.github/workflows/dependabot-code-gen.yml index 043d75760c9..59b1aab0cc3 100644 --- a/.github/workflows/dependabot-code-gen.yml +++ b/.github/workflows/dependabot-code-gen.yml @@ -20,16 +20,16 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1 + uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 with: egress-policy: audit - name: Set up Go 1.x - uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1 + uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 with: - go-version: '1.21' + go-version: '1.22' id: go - name: Check out code into the Go module directory - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # tag=v4.0.2 name: Restore go cache with: diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 35288cf3603..c1209291aab 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -17,11 +17,11 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1 + uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 with: egress-policy: audit - name: 'Checkout Repository' - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: 'Dependency Review' - uses: actions/dependency-review-action@0c155c5e8556a497adf53f2c18edabf945ed8e70 # v4.3.2 + uses: actions/dependency-review-action@5a2ce3f5b92ee19cbb1541a4984c76d921601d7c # v4.3.4 diff --git a/.github/workflows/scan.yml b/.github/workflows/scan.yml index cba2d80d98f..60b76dd2de5 100644 --- a/.github/workflows/scan.yml +++ b/.github/workflows/scan.yml @@ -13,15 +13,15 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1 + uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 with: egress-policy: audit - name: Check out code - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # tag=v4.1.4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # tag=v4.1.7 - name: Setup go - uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1 + uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 with: - go-version: 1.21 + go-version: 1.22 - name: Run verify container script run: make verify-container-images diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index c807227629e..8e3dd87a772 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -31,17 +31,17 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1 + uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 with: egress-policy: audit - name: "Checkout code" - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: persist-credentials: false - name: "Run analysis" - uses: ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736 # v2.3.1 + uses: ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46 # v2.4.0 with: results_file: results.sarif results_format: sarif @@ -63,7 +63,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 + uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 with: name: SARIF file path: results.sarif @@ -71,6 +71,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@d39d31e687223d841ef683f52467bd88e9b21c14 # v3.25.3 + uses: github/codeql-action/upload-sarif@8214744c546c1e5c8f03dde8fab3a7353211988d # v3.26.7 with: sarif_file: results.sarif diff --git a/.gitignore b/.gitignore index 346e2f6bc20..1a768d4a519 100644 --- a/.gitignore +++ b/.gitignore @@ -84,3 +84,12 @@ release-*/manifests/calico-*.yaml # mentioned in the capz book /sp.json /cluster.yaml + +# CI workload-identity +jwks.json +*.pub +*.key +azure_identity_id +azure_wi_back_compat +openid-configuration.json +aks-mgmt.config diff --git a/.golangci.yml b/.golangci.yml index b447bfd172a..cd75acf4d18 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -123,11 +123,11 @@ linters-settings: arguments: - disableStutteringCheck staticcheck: - go: "1.21" + go: "1.22" stylecheck: - go: "1.21" + go: "1.22" unused: - go: "1.21" + go: "1.22" issues: exclude-rules: diff --git a/CHANGELOG/v1.13.6.md b/CHANGELOG/v1.13.6.md index bba09de7996..7d5c17d9076 100644 --- a/CHANGELOG/v1.13.6.md +++ b/CHANGELOG/v1.13.6.md @@ -2,9 +2,9 @@ ### Bug or Regression -- [`AZURE_SYNC_PERIOD`](https://azure.github.io/azure-service-operator/guide/aso-controller-settings-options/#azure_sync_period) for ASO now defaults to `1h` instead of "effectively never" ([#4782](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/4782), [@k8s-infra-cherrypick-robot](https://github.com/k8s-infra-cherrypick-robot)) +- [`AZURE_SYNC_PERIOD`](https://azure.github.io/azure-service-operator/guide/aso-controller-settings-options/#azure_sync_period) for ASO now defaults to `1h` instead of "effectively never" ([#4782](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/4782), [@nojnhuh](https://github.com/nojnhuh)) - Don't allow fleetsMembers to have capital letters. Default fleet spec.group. ([#4820](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/4820), [@willie-yao](https://github.com/willie-yao)) -- Use correct resource group for Bastion with custom vnet ([#4817](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/4817), [@k8s-infra-cherrypick-robot](https://github.com/k8s-infra-cherrypick-robot)) +- Use correct resource group for Bastion with custom vnet ([#4817](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/4817), [@willie-yao](https://github.com/willie-yao)) ## Dependencies diff --git a/CHANGELOG/v1.14.4.md b/CHANGELOG/v1.14.4.md new file mode 100644 index 00000000000..574d87f71ba --- /dev/null +++ b/CHANGELOG/v1.14.4.md @@ -0,0 +1,19 @@ +## Changes by Kind + +### Bug or Regression + +- Don't allow fleetsMembers to have capital letters. Default fleet spec.group. ([#4818](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/4818), [@willie-yao](https://github.com/willie-yao)) +- [`AZURE_SYNC_PERIOD`](https://azure.github.io/azure-service-operator/guide/aso-controller-settings-options/#azure_sync_period) for ASO now defaults to `1h` instead of "effectively never" ([#4783](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/4783), [@nojnhuh](https://github.com/nojnhuh)) +- Allow upper-case Azure resource names ([#4815](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/4815), [@willie-yao](https://github.com/willie-yao)) +- Use correct resource group for Bastion with custom vnet ([#4816](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/4816), [@willie-yao](https://github.com/willie-yao)) + +## Dependencies + +### Added +_Nothing has changed._ + +### Changed +_Nothing has changed._ + +### Removed +_Nothing has changed._ diff --git a/CHANGELOG/v1.14.5.md b/CHANGELOG/v1.14.5.md new file mode 100644 index 00000000000..00eca33a6cf --- /dev/null +++ b/CHANGELOG/v1.14.5.md @@ -0,0 +1,25 @@ +## Changes by Kind + +### Bug or Regression + +- Set cluster name label for pre-existing kubeconfig ([#4846](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/4846), [@willie-yao](https://github.com/willie-yao)) + +### Other (Cleanup or Flake) + +- Bump CAPI to v1.6.5 ([#4856](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/4856), [@mboersma](https://github.com/mboersma)) + +## Dependencies + +### Added +_Nothing has changed._ + +### Changed +- sigs.k8s.io/cluster-api/test: v1.6.4 → v1.6.5 +- sigs.k8s.io/cluster-api: v1.6.4 → v1.6.5 + +### Removed +_Nothing has changed._ + +## Details + +https://github.com/kubernetes-sigs/cluster-api-provider-azure/compare/v1.14.4...v1.14.5 diff --git a/CHANGELOG/v1.14.6.md b/CHANGELOG/v1.14.6.md new file mode 100644 index 00000000000..0df4edbda42 --- /dev/null +++ b/CHANGELOG/v1.14.6.md @@ -0,0 +1,21 @@ +## Changes by Kind + +### Other (Cleanup or Flake) + +- Bump CAPI to v1.6.6 ([#4916](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/4916), [@mboersma](https://github.com/mboersma)) + +## Dependencies + +### Added +_Nothing has changed._ + +### Changed +- sigs.k8s.io/cluster-api/test: v1.6.5 → v1.6.6 +- sigs.k8s.io/cluster-api: v1.6.5 → v1.6.6 + +### Removed +_Nothing has changed._ + +## Details + +https://github.com/kubernetes-sigs/cluster-api-provider-azure/compare/v1.14.5...v1.14.6 diff --git a/CHANGELOG/v1.14.7.md b/CHANGELOG/v1.14.7.md new file mode 100644 index 00000000000..becae2e9df3 --- /dev/null +++ b/CHANGELOG/v1.14.7.md @@ -0,0 +1,21 @@ +## Changes by Kind + +### Other (Cleanup or Flake) + +- Bump CAPI to v1.6.7 ([#4975](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/4975), [@mboersma](https://github.com/mboersma)) + +## Dependencies + +### Added +_Nothing has changed._ + +### Changed +- sigs.k8s.io/cluster-api/test: v1.6.6 → v1.6.7 +- sigs.k8s.io/cluster-api: v1.6.6 → v1.6.7 + +### Removed +_Nothing has changed._ + +## Details + +https://github.com/kubernetes-sigs/cluster-api-provider-azure/compare/v1.14.6...v1.14.7 diff --git a/CHANGELOG/v1.15.1.md b/CHANGELOG/v1.15.1.md new file mode 100644 index 00000000000..a71e91a5271 --- /dev/null +++ b/CHANGELOG/v1.15.1.md @@ -0,0 +1,25 @@ +## Changes by Kind + +### Bug or Regression + +- Set cluster name label for pre-existing kubeconfig ([#4848](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/4848), [@willie-yao](https://github.com/willie-yao)) + +### Other (Cleanup or Flake) + +- Bump CAPI to v1.7.2 ([#4858](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/4858), [@mboersma](https://github.com/mboersma)) + +## Dependencies + +### Added +_Nothing has changed._ + +### Changed +- sigs.k8s.io/cluster-api/test: v1.7.1 → v1.7.2 +- sigs.k8s.io/cluster-api: v1.7.1 → v1.7.2 + +### Removed +_Nothing has changed._ + +## Details + +https://github.com/kubernetes-sigs/cluster-api-provider-azure/compare/v1.15.0...v1.15.1 diff --git a/CHANGELOG/v1.15.2.md b/CHANGELOG/v1.15.2.md new file mode 100644 index 00000000000..880acdc608a --- /dev/null +++ b/CHANGELOG/v1.15.2.md @@ -0,0 +1,22 @@ +## Changes by Kind + +### Other (Cleanup or Flake) + +- Bump CAPI to v1.7.3 ([#4919](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/4919), [@mboersma](https://github.com/mboersma)) + +## Dependencies + +### Added +_Nothing has changed._ + +### Changed +- sigs.k8s.io/cluster-api/test: v1.7.2 → v1.7.3 +- sigs.k8s.io/cluster-api: v1.7.2 → v1.7.3 +- sigs.k8s.io/kind: v0.22.0 → v0.23.0 + +### Removed +- github.com/kr/pty: [v1.1.1](https://github.com/kr/pty/tree/v1.1.1) + +## Details + +https://github.com/kubernetes-sigs/cluster-api-provider-azure/compare/v1.15.1...v1.15.2 diff --git a/CHANGELOG/v1.15.3.md b/CHANGELOG/v1.15.3.md new file mode 100644 index 00000000000..65b873d5ef7 --- /dev/null +++ b/CHANGELOG/v1.15.3.md @@ -0,0 +1,25 @@ +## Changes by Kind + +### Bug or Regression + +- Fixed a bug causing ASO and non-AKS-native autoscalers to fight over the replica count of an AzureASOManagedMachinePool ([#4935](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/4935), [@nojnhuh](https://github.com/nojnhuh)) + +### Other (Cleanup or Flake) + +- Bump CAPI to v1.7.4 ([#4979](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/4979), [@mboersma](https://github.com/mboersma)) + +## Dependencies + +### Added +_Nothing has changed._ + +### Changed +- sigs.k8s.io/cluster-api/test: v1.7.3 → v1.7.4 +- sigs.k8s.io/cluster-api: v1.7.3 → v1.7.4 + +### Removed +_Nothing has changed._ + +## Details + +https://github.com/kubernetes-sigs/cluster-api-provider-azure/compare/v1.15.2...v1.15.3 diff --git a/CHANGELOG/v1.16.0.md b/CHANGELOG/v1.16.0.md new file mode 100644 index 00000000000..b15476b83e9 --- /dev/null +++ b/CHANGELOG/v1.16.0.md @@ -0,0 +1,104 @@ +## Changes by Kind + +### Feature + +- Add option DisableExtensionOperations to disable VMExtensions ([#4792](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/4792), [@RadekManak](https://github.com/RadekManak)) +- Added support for aggregation role. Additional RBAC permissions can be included by providing `cluster.x-k8s.io/aggregate-to-capz-manager: "true"` label. ([#4933](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/4933), [@Danil-Grigorev](https://github.com/Danil-Grigorev)) +- AzureManagedControlPlane's `spec.enablePreviewFeatures` now uses the 2023-11-02-preview version. ([#4972](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/4972), [@nojnhuh](https://github.com/nojnhuh)) +- CAPZ now installs Azure Service Operator v2.8.0. + Go 1.22 is required to build CAPZ. ([#4973](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/4973), [@nojnhuh](https://github.com/nojnhuh)) +- CI: workload-identity native ([#4765](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/4765), [@jackfrancis](https://github.com/jackfrancis)) +- Supports specifying DiffDiskPlacement on OsDisks which define where an ephemeral OSDisk is placed ([#4928](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/4928), [@mweibel](https://github.com/mweibel)) +- The `ASOAPI` feature flag is now enabled by default. The API version of those resources is still `v1alpha1`. ([#4969](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/4969), [@nojnhuh](https://github.com/nojnhuh)) +- `ensure-azcli.sh` will log in using `AZURE_WORKLOAD_ID` if `AZURE_FEDERATED_TOKEN_FILE` is available in the env. ([#4939](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/4939), [@nawazkh](https://github.com/nawazkh)) + +### Bug or Regression + +- Adds nil check for UserManagedDiagnosticsStorage in azure/converters/diagnostics.go ([#4819](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/4819), [@Patryk-Stefanski](https://github.com/Patryk-Stefanski)) +- Fixed a bug causing ASO and non-AKS-native autoscalers to fight over the replica count of an AzureASOManagedMachinePool ([#4929](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/4929), [@nojnhuh](https://github.com/nojnhuh)) +- Set cluster name label for pre-existing kubeconfig ([#4833](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/4833), [@willie-yao](https://github.com/willie-yao)) +- Decoupled kubeadm dependency from MachinePool reconciler by supplying alternative GVK for reconciler. + - Provided CLI flag: `--bootstrap-config-gvk` allowing to optionally supply alternative to Kubeadm bootstrap config group in the form of `..`. Example: `KubeadmConfig.v1beta1.bootstrap.cluster.x-k8s.io` ([#4931](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/4931), [@Danil-Grigorev](https://github.com/Danil-Grigorev)) + +### Other (Cleanup or Flake) + +- Bump CAPI to v1.7.4 ([#4974](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/4974), [@mboersma](https://github.com/mboersma)) +- Remove service principal references from CI ([#4978](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/4978), [@jackfrancis](https://github.com/jackfrancis)) +- The `spec.resourceID` field for AzureClusterIdentity is deprecated as it no longer has any effect. ([#4831](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/4831), [@nojnhuh](https://github.com/nojnhuh)) + +## Dependencies + +### Added +- filippo.io/edwards25519: v1.1.0 +- github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/dataprotection/armdataprotection/v3: [v3.0.0](https://github.com/Azure/azure-sdk-for-go/tree/main/sdk/resourcemanager/dataprotection/armdataprotection/) +- github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/eventhub/armeventhub: [v1.2.0](https://github.com/Azure/azure-sdk-for-go/tree/sdk/resourcemanager/eventhub/armeventhub/v1.2.0) +- github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/network/armnetwork: [v1.1.0](https://github.com/Azure/azure-sdk-for-go/tree/sdk/resourcemanager/network/armnetwork/v1.1.0) + +### Changed +- cloud.google.com/go/compute/metadata: v0.2.3 → v0.3.0 +- cloud.google.com/go/compute: v1.23.3 → v1.25.1 +- github.com/Azure/azure-sdk-for-go/sdk/azcore: [v1.11.1 → v1.12.0](https://github.com/Azure/azure-sdk-for-go/compare/sdk/azcore/v1.11.1...sdk/azcore/v1.12.0) +- github.com/Azure/azure-sdk-for-go/sdk/azidentity: [v1.5.2 → v1.7.0](https://github.com/Azure/azure-sdk-for-go/compare/sdk/azidentity/v1.5.2...sdk/azidentity/v1.7.0) +- github.com/Azure/azure-sdk-for-go/sdk/internal: [v1.6.0 → v1.9.0](https://github.com/Azure/azure-sdk-for-go/compare/sdk/internal/v1.6.0...sdk/internal/v1.9.0) +- github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservicefleet/armcontainerservicefleet: [v1.1.0 → v1.2.0](https://github.com/Azure/azure-sdk-for-go/compare/sdk/resourcemanager/containerservicefleet/armcontainerservicefleet/v1.1.0...sdk/resourcemanager/containerservicefleet/armcontainerservicefleet/v1.2.0) +- github.com/Azure/azure-service-operator/v2: [v2.6.0 → v2.8.0](https://github.com/Azure/azure-service-operator/compare/v2.6.0...v2.8.0) +- github.com/Azure/go-autorest/autorest/azure/auth: [v0.5.12 → v0.5.13](https://github.com/Azure/go-autorest/compare/autorest/azure/auth/v0.5.12...autorest/azure/auth/v0.5.13) +- github.com/Azure/go-autorest/autorest/azure/cli: [v0.4.5 → v0.4.6](https://github.com/Azure/go-autorest/compare/autorest/azure/cli/v0.4.5...autorest/azure/cli/v0.4.6) +- github.com/cenkalti/backoff/v4: [v4.2.1 → v4.3.0](https://github.com/cenkalti/backoff/compare/v4.2.1...v4.3.0) +- github.com/cespare/xxhash/v2: [v2.2.0 → v2.3.0](https://github.com/cespare/xxhash/compare/v2.2.0...v2.3.0) +- github.com/cncf/xds/go: [523115e → 8a4994d](https://github.com/cncf/xds/compare/523115e...8a4994d) +- github.com/cpuguy83/go-md2man/v2: [v2.0.3 → v2.0.4](https://github.com/cpuguy83/go-md2man/compare/v2.0.3...v2.0.4) +- github.com/emicklei/go-restful/v3: [v3.12.0 → v3.12.1](https://github.com/emicklei/go-restful/compare/v3.12.0...v3.12.1) +- github.com/envoyproxy/go-control-plane: [v0.11.1 → v0.12.0](https://github.com/envoyproxy/go-control-plane/compare/v0.11.1...v0.12.0) +- github.com/envoyproxy/protoc-gen-validate: [v1.0.2 → v1.0.4](https://github.com/envoyproxy/protoc-gen-validate/compare/v1.0.2...v1.0.4) +- github.com/go-logr/logr: [v1.4.1 → v1.4.2](https://github.com/go-logr/logr/compare/v1.4.1...v1.4.2) +- github.com/go-openapi/jsonpointer: [v0.20.2 → v0.21.0](https://github.com/go-openapi/jsonpointer/compare/v0.20.2...v0.21.0) +- github.com/go-openapi/jsonreference: [v0.20.4 → v0.21.0](https://github.com/go-openapi/jsonreference/compare/v0.20.4...v0.21.0) +- github.com/go-openapi/swag: [v0.22.8 → v0.23.0](https://github.com/go-openapi/swag/compare/v0.22.8...v0.23.0) +- github.com/go-sql-driver/mysql: [v1.7.1 → v1.8.1](https://github.com/go-sql-driver/mysql/compare/v1.7.1...v1.8.1) +- github.com/golang/glog: [v1.1.2 → v1.2.0](https://github.com/golang/glog/compare/v1.1.2...v1.2.0) +- github.com/google/cel-go: [v0.17.7 → v0.17.8](https://github.com/google/cel-go/compare/v0.17.7...v0.17.8) +- github.com/grpc-ecosystem/grpc-gateway/v2: [v2.19.0 → v2.20.0](https://github.com/grpc-ecosystem/grpc-gateway/compare/v2.19.0...v2.20.0) +- github.com/hashicorp/go-hclog: [v1.5.0 → v1.6.3](https://github.com/hashicorp/go-hclog/compare/v1.5.0...v1.6.3) +- github.com/hashicorp/go-retryablehttp: [v0.7.5 → v0.7.7](https://github.com/hashicorp/go-retryablehttp/compare/v0.7.5...v0.7.7) +- github.com/jackc/pgservicefile: [de7065d → 5a60cdf](https://github.com/jackc/pgservicefile/compare/de7065d...5a60cdf) +- github.com/jackc/pgx/v5: [v5.5.3 → v5.6.0](https://github.com/jackc/pgx/compare/v5.5.3...v5.6.0) +- github.com/microsoft/go-mssqldb: [v1.6.0 → v1.7.2](https://github.com/microsoft/go-mssqldb/compare/v1.6.0...v1.7.2) +- github.com/onsi/ginkgo/v2: [v2.17.2 → v2.19.0](https://github.com/onsi/ginkgo/compare/v2.17.2...v2.19.0) +- github.com/prometheus/client_model: [v0.6.0 → v0.6.1](https://github.com/prometheus/client_model/compare/v0.6.0...v0.6.1) +- github.com/prometheus/procfs: [v0.12.0 → v0.15.1](https://github.com/prometheus/procfs/compare/v0.12.0...v0.15.1) +- github.com/rogpeppe/go-internal: [v1.11.0 → v1.12.0](https://github.com/rogpeppe/go-internal/compare/v1.11.0...v1.12.0) +- github.com/spf13/cobra: [v1.8.0 → v1.8.1](https://github.com/spf13/cobra/compare/v1.8.0...v1.8.1) +- github.com/stoewer/go-strcase: [v1.2.0 → v1.3.0](https://github.com/stoewer/go-strcase/compare/v1.2.0...v1.3.0) +- golang.org/x/crypto: v0.22.0 → v0.25.0 +- golang.org/x/exp: 1b97071 → 7f521ea +- golang.org/x/mod: v0.17.0 → v0.19.0 +- golang.org/x/net: v0.24.0 → v0.26.0 +- golang.org/x/oauth2: v0.18.0 → v0.21.0 +- golang.org/x/sys: v0.19.0 → v0.22.0 +- golang.org/x/telemetry: f48c80b → bda5523 +- golang.org/x/term: v0.19.0 → v0.22.0 +- golang.org/x/text: v0.15.0 → v0.16.0 +- golang.org/x/tools: v0.20.0 → v0.22.0 +- google.golang.org/genproto/googleapis/api: 50ed04b → a8a6208 +- google.golang.org/genproto/googleapis/rpc: 50ed04b → a8a6208 +- google.golang.org/genproto: 995d672 → bbf56f3 +- google.golang.org/grpc: v1.61.1 → v1.64.1 +- google.golang.org/protobuf: v1.33.0 → v1.34.2 +- k8s.io/klog/v2: v2.120.1 → v2.130.1 +- k8s.io/utils: e7106e6 → fe8a2dd +- sigs.k8s.io/apiserver-network-proxy/konnectivity-client: v0.28.0 → v0.30.3 +- sigs.k8s.io/cluster-api/test: v1.7.1 → v1.7.4 +- sigs.k8s.io/cluster-api: v1.7.1 → v1.7.4 +- sigs.k8s.io/kind: v0.22.0 → v0.23.0 + +### Removed +- github.com/cncf/udpa/go: [c52dc94](https://github.com/cncf/udpa/tree/c52dc94) +- github.com/felixge/fgprof: [v0.9.3](https://github.com/felixge/fgprof/tree/v0.9.3) +- github.com/kr/pty: [v1.1.1](https://github.com/kr/pty/tree/v1.1.1) +- github.com/modocache/gover: [b58185e](https://github.com/modocache/gover/tree/b58185e) +- github.com/pkg/profile: [v1.7.0](https://github.com/pkg/profile/tree/v1.7.0) + +## Details + +https://github.com/kubernetes-sigs/cluster-api-provider-azure/compare/v1.15.0...v1.16.0 diff --git a/CHANGELOG/v1.16.1.md b/CHANGELOG/v1.16.1.md new file mode 100644 index 00000000000..6430ff073d9 --- /dev/null +++ b/CHANGELOG/v1.16.1.md @@ -0,0 +1,34 @@ +## Changes by Kind + +### Documentation + +- Refactor documentation ([#5094](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/5094), [@k8s-infra-cherrypick-robot](https://github.com/k8s-infra-cherrypick-robot)) + +### Bug or Regression + +- Fixed a bug causing unnecessary updates to tags to VMSS resources. ([#5063](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/5063), [@k8s-infra-cherrypick-robot](https://github.com/k8s-infra-cherrypick-robot)) +- Fixed a bug preventing the ASOAPI feature flag from being enabled by default. ([#5095](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/5095), [@k8s-infra-cherrypick-robot](https://github.com/k8s-infra-cherrypick-robot)) +- Fixed a bug with AzureASOManagedMachinePools preventing it from mapping Nodes when the AKS node resource group is more than 63 characters long. ([#5056](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/5056), [@k8s-infra-cherrypick-robot](https://github.com/k8s-infra-cherrypick-robot)) +- Fixed a bug causing AzureMachinePool to endlessly reconcile when a tag is applied to a VMSS by an external actor like Azure Policy ([#5021](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/5021), [@k8s-infra-cherrypick-robot](https://github.com/k8s-infra-cherrypick-robot)) +- Fixed an issue preventing CAPZ from reconciling non-ServicePrincipal-authenticated, AAD-enabled AKS clusters. ([#5073](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/5073), [@k8s-infra-cherrypick-robot](https://github.com/k8s-infra-cherrypick-robot)) + +### Other (Cleanup or Flake) + +- Bump CAPI to v1.7.5 ([#5077](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/5077), [@mboersma](https://github.com/mboersma)) + +## Dependencies + +### Added +_Nothing has changed._ + +### Changed +- github.com/docker/docker: [v25.0.5+incompatible → v25.0.6+incompatible](https://github.com/docker/docker/compare/v25.0.5...v25.0.6) +- sigs.k8s.io/cluster-api/test: v1.7.4 → v1.7.5 +- sigs.k8s.io/cluster-api: v1.7.4 → v1.7.5 + +### Removed +_Nothing has changed._ + +## Details + +https://github.com/kubernetes-sigs/cluster-api-provider-azure/compare/v1.16.0...v1.16.1 diff --git a/CHANGELOG/v1.17.0.md b/CHANGELOG/v1.17.0.md new file mode 100644 index 00000000000..92b4979a104 --- /dev/null +++ b/CHANGELOG/v1.17.0.md @@ -0,0 +1,142 @@ +## Changes by Kind + +### Feature + +- Flavor templates may now set the AzureClusterIdentity's `spec.type` with the `CLUSTER_IDENTITY_TYPE` variable. ([#5059](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/5059), [@nojnhuh](https://github.com/nojnhuh)) +- Use make aks-create tilt-up to use aks cluster as management cluster ([#5064](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/5064), [@nawazkh](https://github.com/nawazkh)) + +### Documentation + +- Fix documentation links hard-coded to capz.k8s.io ([#5123](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/5123), [@willie-yao](https://github.com/willie-yao)) +- Refactor documentation ([#5088](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/5088), [@dtzar](https://github.com/dtzar)) +- Update roadmap ([#5085](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/5085), [@dtzar](https://github.com/dtzar)) + +### Bug or Regression + +- Add "cluster" type to subnet role validation ([#5133](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/5133), [@mboersma](https://github.com/mboersma)) +- Ensure Machines with delete-machine annotation are deleted first ([#4949](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/4949), [@mweibel](https://github.com/mweibel)) +- Fixed a bug causing AzureMachinePool to endlessly reconcile when a tag is applied to a VMSS by an external actor like Azure Policy ([#5020](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/5020), [@nojnhuh](https://github.com/nojnhuh)) +- Fixed a bug causing unnecessary updates to tags to VMSS resources. ([#5054](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/5054), [@nojnhuh](https://github.com/nojnhuh)) +- Fixed a bug preventing the ASOAPI feature flag from being enabled by default. ([#5093](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/5093), [@nojnhuh](https://github.com/nojnhuh)) +- Fixed a bug with AzureASOManagedMachinePools preventing it from mapping Nodes when the AKS node resource group is more than 63 characters long. ([#5055](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/5055), [@nojnhuh](https://github.com/nojnhuh)) +- Fixed an issue preventing CAPZ from reconciling non-ServicePrincipal-authenticated, AAD-enabled AKS clusters. ([#5071](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/5071), [@nojnhuh](https://github.com/nojnhuh)) +- Fixes a few edge cases related to deleting a MachinePool ([#4959](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/4959), [@mweibel](https://github.com/mweibel)) +- Identity type is required to be 'UserAssigned' when using user-assigned identities. ([#5102](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/5102), [@bryan-cox](https://github.com/bryan-cox)) +- Refactor method for checking if a virtual network is managed ([#5012](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/5012), [@hrbasic](https://github.com/hrbasic)) +- If a FailureDomain is set in a Machine, an availability set won't be created for it even if cluster.status.failureDomains is empty ([#5098](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/5098), [@enxebre](https://github.com/enxebre)) + +### Other (Cleanup or Flake) + +- Bump CAPI to v1.7.5 ([#5072](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/5072), [@mboersma](https://github.com/mboersma)) +- Bump CAPI to v1.8.1 ([#5057](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/5057), [@mboersma](https://github.com/mboersma)) +- Bump CAPI to v1.8.3 ([#5128](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/5128), [@mboersma](https://github.com/mboersma)) +- Drop LOCAL_ONLY env var from the test scripts. ([#4998](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/4998), [@nawazkh](https://github.com/nawazkh)) +- Update mdbook website dependencies ([#5083](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/5083), [@dtzar](https://github.com/dtzar)) + +## Dependencies + +### Added +- github.com/Azure/azure-sdk-for-go/sdk/keyvault/azsecrets: [v0.12.0](https://github.com/Azure/azure-sdk-for-go/tree/sdk/keyvault/azsecrets/v0.12.0) +- github.com/Azure/azure-sdk-for-go/sdk/keyvault/internal: [v0.7.1](https://github.com/Azure/azure-sdk-for-go/tree/sdk/keyvault/internal/v0.7.1) +- github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/internal/v3: [v3.0.0](https://github.com/Azure/azure-sdk-for-go/tree/sdk/resourcemanager/internal/v3.0.0) +- github.com/fxamacker/cbor/v2: [v2.6.0](https://github.com/fxamacker/cbor/tree/v2.6.0) +- github.com/golang-jwt/jwt: [v3.2.1+incompatible](https://github.com/golang-jwt/jwt/tree/v3.2.1) +- github.com/hashicorp/errwrap: [v1.1.0](https://github.com/hashicorp/errwrap/tree/v1.1.0) +- github.com/hashicorp/go-multierror: [v1.1.1](https://github.com/hashicorp/go-multierror/tree/v1.1.1) +- github.com/moby/docker-image-spec: [v1.3.1](https://github.com/moby/docker-image-spec/tree/v1.3.1) +- github.com/x448/float16: [v0.8.4](https://github.com/x448/float16/tree/v0.8.4) +- k8s.io/gengo/v2: 51d4e06 + +### Changed +- cloud.google.com/go/firestore: v1.14.0 → v1.15.0 +- cloud.google.com/go/longrunning: v0.5.4 → v0.5.5 +- cloud.google.com/go: v0.110.10 → v0.112.1 +- github.com/Azure/azure-kusto-go: [v0.15.1 → v0.15.3](https://github.com/Azure/azure-kusto-go/compare/v0.15.1...v0.15.3) +- github.com/Azure/azure-sdk-for-go/sdk/azcore: [v1.12.0 → v1.14.0](https://github.com/Azure/azure-sdk-for-go/compare/sdk/azcore/v1.12.0...sdk/azcore/v1.14.0) +- github.com/Azure/azure-sdk-for-go/sdk/internal: [v1.9.0 → v1.10.0](https://github.com/Azure/azure-sdk-for-go/compare/sdk/internal/v1.9.0...sdk/internal/v1.10.0) +- github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/storage/armstorage: [v1.5.0 → v1.6.0](https://github.com/Azure/azure-sdk-for-go/compare/sdk/resourcemanager/storage/armstorage/v1.5.0...sdk/resourcemanager/storage/armstorage/v1.6.0) +- github.com/Azure/go-autorest/autorest/adal: [v0.9.23 → v0.9.24](https://github.com/Azure/go-autorest/compare/autorest/adal/v0.9.23...autorest/adal/v0.9.24) +- github.com/BurntSushi/toml: [v1.2.1 → v1.4.0](https://github.com/BurntSushi/toml/compare/v1.2.1...v1.4.0) +- github.com/adrg/xdg: [v0.4.0 → v0.5.0](https://github.com/adrg/xdg/compare/v0.4.0...v0.5.0) +- github.com/alessio/shellescape: [v1.4.1 → v1.4.2](https://github.com/alessio/shellescape/compare/v1.4.1...v1.4.2) +- github.com/coredns/caddy: [v1.1.0 → v1.1.1](https://github.com/coredns/caddy/compare/v1.1.0...v1.1.1) +- github.com/coredns/corefile-migration: [v1.0.21 → v1.0.23](https://github.com/coredns/corefile-migration/compare/v1.0.21...v1.0.23) +- github.com/distribution/reference: [v0.5.0 → v0.6.0](https://github.com/distribution/reference/compare/v0.5.0...v0.6.0) +- github.com/docker/docker: [v25.0.5+incompatible → v27.1.1+incompatible](https://github.com/docker/docker/compare/v25.0.5...v27.1.1) +- github.com/fatih/color: [v1.16.0 → v1.17.0](https://github.com/fatih/color/compare/v1.16.0...v1.17.0) +- github.com/google/pprof: [a892ee0 → fa2c70b](https://github.com/google/pprof/compare/a892ee0...fa2c70b) +- github.com/googleapis/gax-go/v2: [v2.12.0 → v2.12.3](https://github.com/googleapis/gax-go/compare/v2.12.0...v2.12.3) +- github.com/hashicorp/consul/api: [v1.25.1 → v1.28.2](https://github.com/hashicorp/consul/compare/api/v1.25.1...api/v1.28.2) +- github.com/klauspost/compress: [v1.17.0 → v1.17.2](https://github.com/klauspost/compress/compare/v1.17.0...v1.17.2) +- github.com/nats-io/nats.go: [v1.31.0 → v1.34.0](https://github.com/nats-io/nats.go/compare/v1.31.0...v1.34.0) +- github.com/nats-io/nkeys: [v0.4.6 → v0.4.7](https://github.com/nats-io/nkeys/compare/v0.4.6...v0.4.7) +- github.com/onsi/ginkgo/v2: [v2.19.0 → v2.20.2](https://github.com/onsi/ginkgo/compare/v2.19.0...v2.20.2) +- github.com/onsi/gomega: [v1.33.1 → v1.34.2](https://github.com/onsi/gomega/compare/v1.33.1...v1.34.2) +- github.com/pelletier/go-toml/v2: [v2.1.0 → v2.2.2](https://github.com/pelletier/go-toml/compare/v2.1.0...v2.2.2) +- github.com/sagikazarmark/crypt: [v0.17.0 → v0.19.0](https://github.com/sagikazarmark/crypt/compare/v0.17.0...v0.19.0) +- github.com/spf13/viper: [v1.18.2 → v1.19.0](https://github.com/spf13/viper/compare/v1.18.2...v1.19.0) +- github.com/stretchr/objx: [v0.5.0 → v0.5.2](https://github.com/stretchr/objx/compare/v0.5.0...v0.5.2) +- go.etcd.io/etcd/api/v3: v3.5.13 → v3.5.15 +- go.etcd.io/etcd/client/pkg/v3: v3.5.13 → v3.5.15 +- go.etcd.io/etcd/client/v2: v2.305.10 → v2.305.12 +- go.etcd.io/etcd/client/v3: v3.5.13 → v3.5.15 +- go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc: v0.46.0 → v0.49.0 +- go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp: v0.46.0 → v0.52.0 +- go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc: v1.24.0 → v1.27.0 +- go.opentelemetry.io/otel/exporters/otlp/otlptrace: v1.24.0 → v1.27.0 +- go.opentelemetry.io/otel/metric: v1.24.0 → v1.27.0 +- go.opentelemetry.io/otel/sdk/metric: v1.24.0 → v1.27.0 +- go.opentelemetry.io/otel/sdk: v1.24.0 → v1.27.0 +- go.opentelemetry.io/otel/trace: v1.24.0 → v1.27.0 +- go.opentelemetry.io/otel: v1.24.0 → v1.27.0 +- go.opentelemetry.io/proto/otlp: v1.1.0 → v1.3.1 +- go.uber.org/atomic: v1.10.0 → v1.9.0 +- go.uber.org/zap: v1.26.0 → v1.27.0 +- golang.org/x/crypto: v0.25.0 → v0.27.0 +- golang.org/x/exp: 7f521ea → 8a7402a +- golang.org/x/mod: v0.19.0 → v0.21.0 +- golang.org/x/net: v0.26.0 → v0.28.0 +- golang.org/x/sync: v0.7.0 → v0.8.0 +- golang.org/x/sys: v0.22.0 → v0.25.0 +- golang.org/x/term: v0.22.0 → v0.24.0 +- golang.org/x/text: v0.16.0 → v0.18.0 +- golang.org/x/tools: v0.22.0 → v0.24.0 +- google.golang.org/api: v0.153.0 → v0.171.0 +- google.golang.org/genproto: bbf56f3 → 012b6fc +- k8s.io/api: v0.29.3 → v0.30.3 +- k8s.io/apiextensions-apiserver: v0.29.3 → v0.30.3 +- k8s.io/apimachinery: v0.29.3 → v0.30.3 +- k8s.io/apiserver: v0.29.3 → v0.30.3 +- k8s.io/cli-runtime: v0.29.3 → v0.30.3 +- k8s.io/client-go: v0.29.3 → v0.30.3 +- k8s.io/cloud-provider: v0.29.3 → v0.30.2 +- k8s.io/cluster-bootstrap: v0.29.3 → v0.30.3 +- k8s.io/code-generator: v0.29.3 → v0.30.3 +- k8s.io/component-base: v0.29.3 → v0.30.3 +- k8s.io/component-helpers: v0.29.3 → v0.30.3 +- k8s.io/controller-manager: v0.29.3 → v0.30.2 +- k8s.io/kms: v0.29.3 → v0.30.3 +- k8s.io/kube-openapi: 2dd684a → 835d969 +- k8s.io/kubectl: v0.29.3 → v0.30.3 +- k8s.io/kubelet: v0.29.3 → v0.30.2 +- k8s.io/metrics: v0.29.3 → v0.30.3 +- sigs.k8s.io/cloud-provider-azure/pkg/azclient/configloader: v0.0.1 → v0.0.16 +- sigs.k8s.io/cloud-provider-azure/pkg/azclient: v0.0.2 → v0.0.29 +- sigs.k8s.io/cloud-provider-azure: v1.29.3 → v1.30.4 +- sigs.k8s.io/cluster-api/test: v1.7.4 → v1.8.3 +- sigs.k8s.io/cluster-api: v1.7.4 → v1.8.3 +- sigs.k8s.io/controller-runtime: v0.17.3 → v0.18.5 +- sigs.k8s.io/kind: v0.23.0 → v0.24.0 + +### Removed +- github.com/chromedp/cdproto: [3cf4e6d](https://github.com/chromedp/cdproto/tree/3cf4e6d) +- github.com/chromedp/chromedp: [v0.9.2](https://github.com/chromedp/chromedp/tree/v0.9.2) +- github.com/chromedp/sysutil: [v1.0.0](https://github.com/chromedp/sysutil/tree/v1.0.0) +- github.com/gobwas/httphead: [v0.1.0](https://github.com/gobwas/httphead/tree/v0.1.0) +- github.com/gobwas/pool: [v0.2.1](https://github.com/gobwas/pool/tree/v0.2.1) +- github.com/gobwas/ws: [v1.2.1](https://github.com/gobwas/ws/tree/v1.2.1) +- k8s.io/gengo: 9cce18d + +## Details + +https://github.com/kubernetes-sigs/cluster-api-provider-azure/compare/v1.16.0...v1.17.0 diff --git a/Dockerfile b/Dockerfile index c8e507f4a9f..33029e4c82c 100644 --- a/Dockerfile +++ b/Dockerfile @@ -18,7 +18,7 @@ ARG ARCH # Build the manager binary -FROM golang:1.21 as builder +FROM golang:1.22 as builder WORKDIR /workspace # Run this with docker build --build_arg $(go env GOPROXY) to override the goproxy diff --git a/Makefile b/Makefile index fd9a7d2b2d6..bec128a7b0f 100644 --- a/Makefile +++ b/Makefile @@ -33,7 +33,7 @@ export GOPROXY export GO111MODULE=on # Kubebuilder. -export KUBEBUILDER_ENVTEST_KUBERNETES_VERSION ?= 1.29.0 +export KUBEBUILDER_ENVTEST_KUBERNETES_VERSION ?= 1.31.0 export KUBEBUILDER_CONTROLPLANE_START_TIMEOUT ?= 60s export KUBEBUILDER_CONTROLPLANE_STOP_TIMEOUT ?= 60s @@ -69,11 +69,11 @@ ifneq ($(abspath $(ROOT_DIR)),$(GOPATH)/src/sigs.k8s.io/cluster-api-provider-azu endif # Binaries. -CONTROLLER_GEN_VER := v0.14.0 +CONTROLLER_GEN_VER := v0.15.0 CONTROLLER_GEN_BIN := controller-gen CONTROLLER_GEN := $(TOOLS_BIN_DIR)/$(CONTROLLER_GEN_BIN)-$(CONTROLLER_GEN_VER) -CONVERSION_GEN_VER := v0.29.2 +CONVERSION_GEN_VER := v0.30.0 CONVERSION_GEN_BIN := conversion-gen CONVERSION_GEN := $(TOOLS_BIN_DIR)/$(CONVERSION_GEN_BIN)-$(CONVERSION_GEN_VER) @@ -89,6 +89,10 @@ KUSTOMIZE_VER := v5.4.1 KUSTOMIZE_BIN := kustomize KUSTOMIZE := $(TOOLS_BIN_DIR)/$(KUSTOMIZE_BIN)-$(KUSTOMIZE_VER) +AZWI_VER := v1.2.2 +AZWI_BIN := azwi +AZWI := $(TOOLS_BIN_DIR)/$(AZWI_BIN)-$(AZWI_VER) + MOCKGEN_VER := v0.4.0 MOCKGEN_BIN := mockgen MOCKGEN := $(TOOLS_BIN_DIR)/$(MOCKGEN_BIN)-$(MOCKGEN_VER) @@ -97,7 +101,7 @@ RELEASE_NOTES_VER := v0.16.6-0.20240222112346-71feb57b59a4 RELEASE_NOTES_BIN := release-notes RELEASE_NOTES := $(TOOLS_BIN_DIR)/$(RELEASE_NOTES_BIN)-$(RELEASE_NOTES_VER) -KPROMO_VER := v4.0.4 +KPROMO_VER := v4.0.5 KPROMO_BIN := kpromo KPROMO := $(TOOLS_BIN_DIR)/$(KPROMO_BIN)-$(KPROMO_VER) @@ -130,7 +134,11 @@ CODESPELL_BIN := codespell CODESPELL_DIST_DIR := codespell_dist CODESPELL := $(TOOLS_BIN_DIR)/$(CODESPELL_DIST_DIR)/$(CODESPELL_BIN) -SETUP_ENVTEST_VER := v0.0.0-20231012212722-e25aeebc7846 +# This is a commit from CR main (22.05.2024). +# Intentionally using a commit from main to use a setup-envtest version +# that uses binaries from controller-tools, not GCS. +# CR PR: https://github.com/kubernetes-sigs/controller-runtime/pull/2811 +SETUP_ENVTEST_VER := v0.0.0-20240522175850-2e9781e9fc60 SETUP_ENVTEST_BIN := setup-envtest SETUP_ENVTEST := $(abspath $(TOOLS_BIN_DIR)/$(SETUP_ENVTEST_BIN)-$(SETUP_ENVTEST_VER)) SETUP_ENVTEST_PKG := sigs.k8s.io/controller-runtime/tools/setup-envtest @@ -157,7 +165,7 @@ CRD_ROOT ?= $(MANIFEST_ROOT)/crd/bases WEBHOOK_ROOT ?= $(MANIFEST_ROOT)/webhook RBAC_ROOT ?= $(MANIFEST_ROOT)/rbac ASO_CRDS_PATH := $(MANIFEST_ROOT)/aso/crds.yaml -ASO_VERSION := v2.6.0 +ASO_VERSION := v2.8.0 ASO_CRDS := resourcegroups.resources.azure.com natgateways.network.azure.com managedclusters.containerservice.azure.com managedclustersagentpools.containerservice.azure.com bastionhosts.network.azure.com virtualnetworks.network.azure.com virtualnetworkssubnets.network.azure.com privateendpoints.network.azure.com fleetsmembers.containerservice.azure.com extensions.kubernetesconfiguration.azure.com # Allow overriding the imagePullPolicy @@ -173,6 +181,7 @@ ARTIFACTS ?= $(ROOT_DIR)/_artifacts E2E_CONF_FILE ?= $(ROOT_DIR)/test/e2e/config/azure-dev.yaml E2E_CONF_FILE_ENVSUBST := $(ROOT_DIR)/test/e2e/config/azure-dev-envsubst.yaml SKIP_CLEANUP ?= false +AZWI_SKIP_CLEANUP ?= false SKIP_LOG_COLLECTION ?= false # @sonasingh46: Skip creating mgmt cluster for ci as workload identity needs kind cluster # to be created with extra mounts for key pairs which is not yet supported @@ -187,6 +196,11 @@ LDFLAGS := $(shell hack/version.sh) CLUSTER_TEMPLATE ?= cluster-template.yaml export KIND_CLUSTER_NAME ?= capz +export RANDOM_SUFFIX := $(shell /bin/bash -c "echo $$RANDOM") +export AZWI_RESOURCE_GROUP ?= capz-wi-$(RANDOM_SUFFIX) +export CI_RG ?= $(AZWI_RESOURCE_GROUP) +export USER_IDENTITY ?= $(addsuffix $(RANDOM_SUFFIX),$(CI_RG)) +export AZURE_IDENTITY_ID_FILEPATH ?= $(ROOT_DIR)/azure_identity_id ## -------------------------------------- ## Binaries @@ -283,7 +297,7 @@ verify-codespell: codespell ## Verify codespell. ##@ Development: .PHONY: install-tools # populate hack/tools/bin -install-tools: $(ENVSUBST) $(KUSTOMIZE) $(KUBECTL) $(HELM) $(GINKGO) $(KIND) +install-tools: $(ENVSUBST) $(KUSTOMIZE) $(KUBECTL) $(HELM) $(GINKGO) $(KIND) $(AZWI) .PHONY: create-management-cluster create-management-cluster: $(KUSTOMIZE) $(ENVSUBST) $(KUBECTL) $(KIND) ## Create a management cluster. @@ -293,17 +307,15 @@ create-management-cluster: $(KUSTOMIZE) $(ENVSUBST) $(KUBECTL) $(KIND) ## Create # Install cert manager and wait for availability ./hack/install-cert-manager.sh - # Create secret for AzureClusterIdentity - ./hack/create-identity-secret.sh - # Create customized cloud provider configs + AZURE_CLIENT_ID_USER_ASSIGNED_IDENTITY="$${AZURE_CLIENT_ID_USER_ASSIGNED_IDENTITY:-$$(cat $(AZURE_IDENTITY_ID_FILEPATH))}" \ ./hack/create-custom-cloud-provider-config.sh # Deploy CAPI - timeout --foreground 300 bash -c "until curl --retry $(CURL_RETRIES) -sSL https://github.com/kubernetes-sigs/cluster-api/releases/download/v1.7.1/cluster-api-components.yaml | $(ENVSUBST) | $(KUBECTL) apply -f -; do sleep 5; done" + timeout --foreground 300 bash -c "until curl --retry $(CURL_RETRIES) -sSL https://github.com/kubernetes-sigs/cluster-api/releases/download/v1.8.4/cluster-api-components.yaml | $(ENVSUBST) | $(KUBECTL) apply -f -; do sleep 5; done" # Deploy CAAPH - timeout --foreground 300 bash -c "until curl --retry $(CURL_RETRIES) -sSL https://github.com/kubernetes-sigs/cluster-api-addon-provider-helm/releases/download/v0.1.0-alpha.10/addon-components.yaml | $(ENVSUBST) | $(KUBECTL) apply -f -; do sleep 5; done" + timeout --foreground 300 bash -c "until curl --retry $(CURL_RETRIES) -sSL https://github.com/kubernetes-sigs/cluster-api-addon-provider-helm/releases/download/v0.2.5/addon-components.yaml | $(ENVSUBST) | $(KUBECTL) apply -f -; do sleep 5; done" # Deploy CAPZ $(KIND) load docker-image $(CONTROLLER_IMG)-$(ARCH):$(TAG) --name=$(KIND_CLUSTER_NAME) @@ -321,7 +333,7 @@ create-management-cluster: $(KUSTOMIZE) $(ENVSUBST) $(KUBECTL) $(KIND) ## Create timeout --foreground 300 bash -c "until $(KUBECTL) get clusterresourcesets -A; do sleep 3; done" # install Windows Calico cluster resource set - timeout --foreground 300 bash -c "until $(KUBECTL) create configmap calico-windows-addon --from-file="$(ADDONS_DIR)/windows/calico" --dry-run=client -o yaml | kubectl apply -f -; do sleep 5; done" + timeout --foreground 300 bash -c "until $(KUBECTL) create configmap calico-windows-addon -n default --from-file="$(ADDONS_DIR)/windows/calico" --dry-run=client -o yaml | kubectl apply -f -; do sleep 5; done" timeout --foreground 300 bash -c "until $(KUBECTL) apply -f templates/addons/windows/calico-resource-set.yaml; do sleep 5; done" # Wait for CAPZ deployments @@ -337,7 +349,10 @@ create-management-cluster: $(KUSTOMIZE) $(ENVSUBST) $(KUBECTL) $(KIND) ## Create .PHONY: create-workload-cluster create-workload-cluster: $(ENVSUBST) $(KUBECTL) ## Create a workload cluster. # Create workload Cluster. - @if [ -f "$(TEMPLATES_DIR)/$(CLUSTER_TEMPLATE)" ]; then \ + @if [ -z "${AZURE_CLIENT_ID_USER_ASSIGNED_IDENTITY}" ]; then \ + export AZURE_CLIENT_ID_USER_ASSIGNED_IDENTITY=$(shell cat $(AZURE_IDENTITY_ID_FILEPATH)); \ + fi; \ + if [ -f "$(TEMPLATES_DIR)/$(CLUSTER_TEMPLATE)" ]; then \ timeout --foreground 300 bash -c "until $(ENVSUBST) < $(TEMPLATES_DIR)/$(CLUSTER_TEMPLATE) | $(KUBECTL) apply -f -; do sleep 5; done"; \ elif [ -f "$(CLUSTER_TEMPLATE)" ]; then \ timeout --foreground 300 bash -c "until $(ENVSUBST) < "$(CLUSTER_TEMPLATE)" | $(KUBECTL) apply -f -; do sleep 5; done"; \ @@ -346,10 +361,10 @@ create-workload-cluster: $(ENVSUBST) $(KUBECTL) ## Create a workload cluster. fi # Wait for the kubeconfig to become available. - timeout --foreground 300 bash -c "while ! $(KUBECTL) get secrets | grep $(CLUSTER_NAME)-kubeconfig; do sleep 1; done" + timeout --foreground 1800 bash -c "while ! $(KUBECTL) get secrets -n default | grep $(CLUSTER_NAME)-kubeconfig; do sleep 1; done" # Get kubeconfig and store it locally. - $(KUBECTL) get secrets $(CLUSTER_NAME)-kubeconfig -o json | jq -r .data.value | base64 --decode > ./kubeconfig - $(KUBECTL) wait --for=condition=Ready --timeout=10m cluster "$(CLUSTER_NAME)" + $(KUBECTL) get secret/$(CLUSTER_NAME)-kubeconfig -n default -o json | jq -r .data.value | base64 --decode > ./kubeconfig + $(KUBECTL) -n default wait --for=condition=Ready --timeout=10m cluster "$(CLUSTER_NAME)" @echo 'run "$(KUBECTL) --kubeconfig=./kubeconfig ..." to work with the new target cluster' @@ -358,6 +373,7 @@ create-cluster: ## Create a workload development Kubernetes cluster on Azure in EXP_CLUSTER_RESOURCE_SET=true \ EXP_MACHINE_POOL=true \ EXP_EDGEZONE=true \ + EXP_ASO_API=true \ $(MAKE) create-management-cluster \ create-workload-cluster @@ -372,10 +388,14 @@ delete-workload-cluster: $(KUBECTL) ## Deletes the example workload Kubernetes c ##@ Docker: +.PHONY: acr-login +acr-login: ## Login to Azure Container Registry. + ./hack/ensure-acr-login.sh + .PHONY: docker-pull-prerequisites docker-pull-prerequisites: ## Pull prerequisites for building controller-manager. docker pull docker/dockerfile:1.4 - docker pull docker.io/library/golang:1.21 + docker pull docker.io/library/golang:1.22 docker pull gcr.io/distroless/static:latest .PHONY: docker-build @@ -455,7 +475,7 @@ generate-manifests: $(CONTROLLER_GEN) ## Generate manifests e.g. CRD, RBAC etc. paths=./api/... \ paths=./$(EXP_DIR)/api/... \ crd:crdVersions=v1 \ - rbac:roleName=manager-role \ + rbac:roleName=base-manager-role \ output:crd:dir=$(CRD_ROOT) \ output:webhook:dir=$(WEBHOOK_ROOT) \ webhook @@ -464,7 +484,7 @@ generate-manifests: $(CONTROLLER_GEN) ## Generate manifests e.g. CRD, RBAC etc. paths=./controllers/... \ paths=./$(EXP_DIR)/controllers/... \ output:rbac:dir=$(RBAC_ROOT) \ - rbac:roleName=manager-role + rbac:roleName=base-manager-role .PHONY: generate-flavors ## Generate template flavors. generate-flavors: $(KUSTOMIZE) generate-addons @@ -544,7 +564,7 @@ help: ## Display this help. .PHONY: lint lint: $(GOLANGCI_LINT) lint-latest ## Lint codebase. - $(GOLANGCI_LINT) run -v $(GOLANGCI_LINT_EXTRA_ARGS) + $(GOLANGCI_LINT) run -v --timeout=8m0s --print-resources-usage $(GOLANGCI_LINT_EXTRA_ARGS) .PHONY: lint-fix lint-fix: $(GOLANGCI_LINT) ## Lint the codebase and run auto-fixers if supported by the linter. @@ -629,7 +649,7 @@ release-binary: $(RELEASE_DIR) ## Compile and build release binaries. -e GOARCH=$(GOARCH) \ -v "$$(pwd):/workspace" \ -w /workspace \ - golang:1.21 \ + golang:1.22 \ go build -a -ldflags '$(LDFLAGS) -extldflags "-static"' \ -o $(RELEASE_DIR)/$(notdir $(RELEASE_BINARY))-$(GOOS)-$(GOARCH) $(RELEASE_BINARY) @@ -682,7 +702,13 @@ test-cover: test ## Run tests with code coverage and generate reports. .PHONY: kind-create-bootstrap kind-create-bootstrap: $(KUBECTL) ## Create capz kind bootstrap cluster. - export AZWI=$${AZWI:-true} KIND_CLUSTER_NAME=capz-e2e && ./scripts/kind-with-registry.sh + KIND_CLUSTER_NAME=capz-e2e ./scripts/kind-with-registry.sh + +.PHONY: cleanup-workload-identity +cleanup-workload-identity: ## Cleanup CI workload-identity infra + @if ! [ "$(AZWI_SKIP_CLEANUP)" == "true" ]; then \ + ./scripts/cleanup-workload-identity.sh \ + fi ## -------------------------------------- ## Security Scanning @@ -702,9 +728,16 @@ verify-container-images: ## Verify container images kind-create: $(KUBECTL) ## Create capz kind cluster if needed. ./scripts/kind-with-registry.sh +.PHONY: aks-create +aks-create: $(KUBECTL) ## Create aks cluster as mgmt cluster. + ./scripts/aks-as-mgmt.sh + .PHONY: tilt-up -tilt-up: install-tools kind-create ## Start tilt and build kind cluster if needed. - CLUSTER_TOPOLOGY=true EXP_CLUSTER_RESOURCE_SET=true EXP_MACHINE_POOL=true EXP_KUBEADM_BOOTSTRAP_FORMAT_IGNITION=true EXP_EDGEZONE=true tilt up +tilt-up: install-tools ## Start tilt and build kind cluster if needed. + @if [ -z "${AZURE_CLIENT_ID_USER_ASSIGNED_IDENTITY}" ]; then \ + export AZURE_CLIENT_ID_USER_ASSIGNED_IDENTITY=$(shell cat $(AZURE_IDENTITY_ID_FILEPATH)); \ + fi; \ + CLUSTER_TOPOLOGY=true EXP_ASO_API=true EXP_CLUSTER_RESOURCE_SET=true EXP_MACHINE_POOL=true EXP_KUBEADM_BOOTSTRAP_FORMAT_IGNITION=true EXP_EDGEZONE=true tilt up .PHONY: delete-cluster delete-cluster: delete-workload-cluster ## Deletes the example kind cluster "capz". @@ -738,6 +771,7 @@ yq: $(YQ) ## Build a local copy of yq. kind: $(KIND) ## Build a local copy of kind. setup-envtest: $(SETUP_ENVTEST) ## Build a local copy of setup-envtest. codespell : $(CODESPELL) ## Build a local copy of codespell. +azwi: $(AZWI) ## Build a local copy of azwi. $(CONVERSION_VERIFIER): go.mod cd $(TOOLS_DIR); go build -tags=tools -o $@ sigs.k8s.io/cluster-api/hack/tools/conversion-verifier @@ -788,6 +822,16 @@ $(HELM): ## Put helm into tools folder. ln -sf $(HELM) $(TOOLS_BIN_DIR)/$(HELM_BIN) rm -f $(TOOLS_BIN_DIR)/get_helm.sh +$(AZWI): ## Put azwi into tools folder. + mkdir -p $(TOOLS_BIN_DIR) + rm -f "$(TOOLS_BIN_DIR)/$(AZWI_BIN)*" + curl --retry $(CURL_RETRIES) -fsSL -o $(TOOLS_BIN_DIR)/azwi.tar.gz https://github.com/Azure/azure-workload-identity/releases/download/$(AZWI_VER)/azwi-$(AZWI_VER)-$(GOOS)-$(GOARCH).tar.gz + tar -xf "$(TOOLS_BIN_DIR)/azwi.tar.gz" -C $(TOOLS_BIN_DIR) $(AZWI_BIN) + mv "$(TOOLS_BIN_DIR)/$(AZWI_BIN)" $(AZWI) + ln -sf $(AZWI) $(TOOLS_BIN_DIR)/$(AZWI_BIN) + chmod +x $(AZWI) $(TOOLS_BIN_DIR)/$(AZWI_BIN) + rm -f $(TOOLS_BIN_DIR)/azwi.tar.gz + $(KIND): ## Build kind into tools folder. GOBIN=$(TOOLS_BIN_DIR) $(GO_INSTALL) sigs.k8s.io/kind $(KIND_BIN) $(KIND_VER) diff --git a/README.md b/README.md index ff9ad5d14d9..c598033db41 100644 --- a/README.md +++ b/README.md @@ -19,12 +19,19 @@ Kubernetes-native declarative infrastructure for Azure. -## What is the Cluster API Provider Azure +## What is the Cluster API Provider Azure (CAPZ) The [Cluster API][cluster_api] brings declarative, Kubernetes-style APIs to cluster creation, configuration and management. -The API itself is shared across multiple cloud providers allowing for true Azure -hybrid deployments of Kubernetes. +The API itself is shared across multiple cloud providers allowing for true Azure hybrid deployments of Kubernetes. + +CAPZ enables efficient management at scale of self-managed or managed (AKS) clusters on Azure. Furthermore, the CAPZ management cluster can be utilized with the automatically installed Azure Service Operator (ASO) installation dependency to manage any Azure infrastructure. For more information see the [roadmap high level vision](https://capz.sigs.k8s.io/roadmap#high-level-vision). + +## Documentation + +Please see our [Book](https://capz.sigs.k8s.io) for in-depth user documentation. + +Additional docs can be found in the `/docs` directory, and the [index is here](https://github.com/kubernetes-sigs/cluster-api-provider-azure/blob/main/docs/README.md). ## Quick Start @@ -58,12 +65,6 @@ For more information on Kubernetes version support, see the [Cluster API book](h ------ -## Documentation - -Please see our [Book](https://capz.sigs.k8s.io) for in-depth user documentation. - -Additional docs can be found in the `/docs` directory, and the [index is here](https://github.com/kubernetes-sigs/cluster-api-provider-azure/blob/main/docs/README.md). - ## Getting involved and contributing Are you interested in contributing to cluster-api-provider-azure? We, the diff --git a/Tiltfile b/Tiltfile index bd4594cc1cb..58b6a4d5039 100644 --- a/Tiltfile +++ b/Tiltfile @@ -20,8 +20,9 @@ settings = { "deploy_cert_manager": True, "preload_images_for_kind": True, "kind_cluster_name": "capz", - "capi_version": "v1.7.1", - "cert_manager_version": "v1.14.4", + "capi_version": "v1.8.4", + "caaph_version": "v0.2.5", + "cert_manager_version": "v1.16.0", "kubernetes_version": "v1.28.3", "aks_kubernetes_version": "v1.28.3", "flatcar_version": "3374.2.1", @@ -34,7 +35,7 @@ settings = { } # Auth keys that need to be loaded from the environment -keys = ["AZURE_SUBSCRIPTION_ID", "AZURE_TENANT_ID", "AZURE_CLIENT_SECRET", "AZURE_CLIENT_ID"] +keys = ["AZURE_SUBSCRIPTION_ID", "AZURE_TENANT_ID", "AZURE_CLIENT_ID"] # Get global settings from tilt-settings.yaml or tilt-settings.json tilt_file = "./tilt-settings.yaml" if os.path.exists("./tilt-settings.yaml") else "./tilt-settings.json" @@ -50,6 +51,9 @@ if "default_registry" in settings: default_registry(settings.get("default_registry")) os_arch = str(local("go env GOARCH")).rstrip("\n") +if "aks" in settings.get("kustomize_substitutions", {}).get("MGMT_CLUSTER_NAME", ""): + print("Using AKS as management cluster, setting os_arch to amd64") + os_arch = "amd64" # deploy CAPI def deploy_capi(): @@ -61,13 +65,25 @@ def deploy_capi(): extra_args = settings.get("extra_args") if extra_args.get("core"): core_extra_args = extra_args.get("core") - if core_extra_args: - for namespace in ["capi-system", "capi-webhook-system"]: - patch_args_with_extra_args(namespace, "capi-controller-manager", core_extra_args) + for namespace in ["capi-system", "capi-webhook-system"]: + patch_args_with_extra_args(namespace, "capi-controller-manager", core_extra_args) if extra_args.get("kubeadm-bootstrap"): kb_extra_args = extra_args.get("kubeadm-bootstrap") - if kb_extra_args: - patch_args_with_extra_args("capi-kubeadm-bootstrap-system", "capi-kubeadm-bootstrap-controller-manager", kb_extra_args) + patch_args_with_extra_args("capi-kubeadm-bootstrap-system", "capi-kubeadm-bootstrap-controller-manager", kb_extra_args) + +# deploy CAAPH +def deploy_caaph(): + version = settings.get("caaph_version") + + caaph_uri = "https://github.com/kubernetes-sigs/cluster-api-addon-provider-helm/releases/download/{}/addon-components.yaml".format(version) + cmd = "curl --retry 3 -sSL {} | {} | {} apply -f -".format(caaph_uri, envsubst_cmd, kubectl_cmd) + local(cmd, quiet = True) + if settings.get("extra_args"): + extra_args = settings.get("extra_args") + if extra_args.get("helm"): + core_extra_args = extra_args.get("helm") + for namespace in ["caaph-system", "caaph-webhook-system"]: + patch_args_with_extra_args(namespace, "caaph-controller-manager", core_extra_args) def patch_args_with_extra_args(namespace, name, extra_args): args_str = str(local("{} get deployments {} -n {} -o jsonpath={{.spec.template.spec.containers[1].args}}".format(kubectl_cmd, name, namespace))) @@ -113,7 +129,7 @@ def validate_auth(): tilt_helper_dockerfile_header = """ # Tilt image -FROM golang:1.21 as tilt-helper +FROM golang:1.22 as tilt-helper # Support live reloading with Tilt RUN wget --output-document /restart.sh --quiet https://raw.githubusercontent.com/windmilleng/rerun-process-wrapper/master/restart.sh && \ wget --output-document /start.sh --quiet https://raw.githubusercontent.com/windmilleng/rerun-process-wrapper/master/start.sh && \ @@ -198,11 +214,10 @@ def capz(): # add extra_args if they are defined if settings.get("extra_args"): azure_extra_args = settings.get("extra_args").get("azure") - if azure_extra_args: - yaml_dict = decode_yaml_stream(yaml) - append_arg_for_container_in_deployment(yaml_dict, "capz-controller-manager", "capz-system", "cluster-api-azure-controller", azure_extra_args) - yaml = str(encode_yaml_stream(yaml_dict)) - yaml = fixup_yaml_empty_arrays(yaml) + yaml_dict = decode_yaml_stream(yaml) + append_arg_for_container_in_deployment(yaml_dict, "capz-controller-manager", "capz-system", "cluster-api-azure-controller", azure_extra_args) + yaml = str(encode_yaml_stream(yaml_dict)) + yaml = fixup_yaml_empty_arrays(yaml) # Forge the build command ldflags = "-extldflags \"-static\" " + str(local("hack/version.sh")).rstrip("\n") @@ -230,10 +245,18 @@ def capz(): if extra_args: entrypoint.extend(extra_args) + # use the user REGISTRY if set, otherwise use the default + if settings.get("kustomize_substitutions", {}).get("REGISTRY", "") != "": + registry = settings.get("kustomize_substitutions", {}).get("REGISTRY", "") + print("Using REGISTRY: " + registry + " from tilt-settings.yaml") + image = registry + "/cluster-api-azure-controller" + else: + image = "gcr.io/cluster-api-provider-azure/cluster-api-azure-controller" + # Set up an image build for the provider. The live update configuration syncs the output from the local_resource # build into the container. docker_build( - ref = "gcr.io/k8s-staging-cluster-api-azure/cluster-api-azure-controller", + ref = image, context = "./.tiltbuild/", dockerfile_contents = dockerfile_contents, target = "tilt", @@ -254,13 +277,10 @@ def create_identity_secret(): os.putenv("AZURE_CLUSTER_IDENTITY_SECRET_NAME", "cluster-identity-secret") os.putenv("AZURE_CLUSTER_IDENTITY_SECRET_NAMESPACE", "default") - os.putenv("CLUSTER_IDENTITY_NAME", "cluster-identity") + os.putenv("CLUSTER_IDENTITY_NAME", "cluster-identity-ci") os.putenv("ASO_CREDENTIAL_SECRET_NAME", "aso-credentials") - os.putenv("AZURE_CLIENT_SECRET_B64", base64_encode(os.environ.get("AZURE_CLIENT_SECRET"))) - local("cat templates/azure-cluster-identity/secret.yaml | " + envsubst_cmd + " | " + kubectl_cmd + " apply -f -", quiet = True, echo_off = True) local("cat templates/flavors/aks-aso/credentials.yaml | " + envsubst_cmd + " | " + kubectl_cmd + " apply -f -", quiet = True, echo_off = True) - os.unsetenv("AZURE_CLIENT_SECRET_B64") def create_crs(): # create config maps @@ -449,6 +469,8 @@ if settings.get("deploy_cert_manager"): deploy_capi() +deploy_caaph() + create_identity_secret() capz() diff --git a/exp/api/v1alpha1/azureasomanagedcluster_types.go b/api/v1alpha1/azureasomanagedcluster_types.go similarity index 100% rename from exp/api/v1alpha1/azureasomanagedcluster_types.go rename to api/v1alpha1/azureasomanagedcluster_types.go diff --git a/exp/api/v1alpha1/azureasomanagedcluster_webhook.go b/api/v1alpha1/azureasomanagedcluster_webhook.go similarity index 100% rename from exp/api/v1alpha1/azureasomanagedcluster_webhook.go rename to api/v1alpha1/azureasomanagedcluster_webhook.go diff --git a/exp/api/v1alpha1/azureasomanagedclustertemplate_types.go b/api/v1alpha1/azureasomanagedclustertemplate_types.go similarity index 100% rename from exp/api/v1alpha1/azureasomanagedclustertemplate_types.go rename to api/v1alpha1/azureasomanagedclustertemplate_types.go diff --git a/exp/api/v1alpha1/azureasomanagedcontrolplane_types.go b/api/v1alpha1/azureasomanagedcontrolplane_types.go similarity index 100% rename from exp/api/v1alpha1/azureasomanagedcontrolplane_types.go rename to api/v1alpha1/azureasomanagedcontrolplane_types.go diff --git a/exp/api/v1alpha1/azureasomanagedcontrolplane_webhook.go b/api/v1alpha1/azureasomanagedcontrolplane_webhook.go similarity index 100% rename from exp/api/v1alpha1/azureasomanagedcontrolplane_webhook.go rename to api/v1alpha1/azureasomanagedcontrolplane_webhook.go diff --git a/exp/api/v1alpha1/azureasomanagedcontrolplanetemplate_types.go b/api/v1alpha1/azureasomanagedcontrolplanetemplate_types.go similarity index 100% rename from exp/api/v1alpha1/azureasomanagedcontrolplanetemplate_types.go rename to api/v1alpha1/azureasomanagedcontrolplanetemplate_types.go diff --git a/exp/api/v1alpha1/azureasomanagedmachinepool_types.go b/api/v1alpha1/azureasomanagedmachinepool_types.go similarity index 100% rename from exp/api/v1alpha1/azureasomanagedmachinepool_types.go rename to api/v1alpha1/azureasomanagedmachinepool_types.go diff --git a/exp/api/v1alpha1/azureasomanagedmachinepool_webhook.go b/api/v1alpha1/azureasomanagedmachinepool_webhook.go similarity index 100% rename from exp/api/v1alpha1/azureasomanagedmachinepool_webhook.go rename to api/v1alpha1/azureasomanagedmachinepool_webhook.go diff --git a/exp/api/v1alpha1/azureasomanagedmachinepooltemplate_types.go b/api/v1alpha1/azureasomanagedmachinepooltemplate_types.go similarity index 100% rename from exp/api/v1alpha1/azureasomanagedmachinepooltemplate_types.go rename to api/v1alpha1/azureasomanagedmachinepooltemplate_types.go diff --git a/exp/api/v1alpha1/doc.go b/api/v1alpha1/doc.go similarity index 100% rename from exp/api/v1alpha1/doc.go rename to api/v1alpha1/doc.go diff --git a/exp/api/v1alpha1/groupversion_info.go b/api/v1alpha1/groupversion_info.go similarity index 100% rename from exp/api/v1alpha1/groupversion_info.go rename to api/v1alpha1/groupversion_info.go diff --git a/exp/api/v1alpha1/zz_generated.deepcopy.go b/api/v1alpha1/zz_generated.deepcopy.go similarity index 100% rename from exp/api/v1alpha1/zz_generated.deepcopy.go rename to api/v1alpha1/zz_generated.deepcopy.go diff --git a/api/v1beta1/azurecluster_validation.go b/api/v1beta1/azurecluster_validation.go index a079e6ea855..6cd04b6a04a 100644 --- a/api/v1beta1/azurecluster_validation.go +++ b/api/v1beta1/azurecluster_validation.go @@ -101,7 +101,7 @@ func (c *AzureCluster) validateClusterSpec(old *AzureCluster) field.ErrorList { // If ClusterSpec has non-nil ExtendedLocation field but not enable EdgeZone feature gate flag, ClusterSpec validation failed. if !feature.Gates.Enabled(feature.EdgeZone) && c.Spec.ExtendedLocation != nil { - allErrs = append(allErrs, field.Forbidden(field.NewPath("spec", "ExtendedLocation"), "can be set only if the EdgeZone feature flag is enabled")) + allErrs = append(allErrs, field.Forbidden(field.NewPath("spec", "extendedLocation"), "can be set only if the EdgeZone feature flag is enabled")) } if err := validateBastionSpec(c.Spec.BastionSpec, field.NewPath("spec").Child("azureBastion").Child("bastionSpec")); err != nil { @@ -123,7 +123,7 @@ func (c *AzureCluster) validateClusterName() field.ErrorList { fmt.Sprintf("Cluster Name longer than allowed length of %d characters", clusterNameMaxLength))) } if success, _ := regexp.MatchString(clusterNameRegex, c.Name); !success { - allErrs = append(allErrs, field.Invalid(field.NewPath("metadata").Child("Name"), c.Name, + allErrs = append(allErrs, field.Invalid(field.NewPath("metadata").Child("name"), c.Name, fmt.Sprintf("Cluster Name doesn't match regex %s, can contain only lowercase alphanumeric characters and '-', must start/end with an alphanumeric character", clusterNameRegex))) } diff --git a/api/v1beta1/azurecluster_webhook.go b/api/v1beta1/azurecluster_webhook.go index 49cc7c7fe00..8dc51a0bcfd 100644 --- a/api/v1beta1/azurecluster_webhook.go +++ b/api/v1beta1/azurecluster_webhook.go @@ -57,21 +57,21 @@ func (c *AzureCluster) ValidateUpdate(oldRaw runtime.Object) (admission.Warnings old := oldRaw.(*AzureCluster) if err := webhookutils.ValidateImmutable( - field.NewPath("Spec", "ResourceGroup"), + field.NewPath("spec", "resourceGroup"), old.Spec.ResourceGroup, c.Spec.ResourceGroup); err != nil { allErrs = append(allErrs, err) } if err := webhookutils.ValidateImmutable( - field.NewPath("Spec", "SubscriptionID"), + field.NewPath("spec", "subscriptionID"), old.Spec.SubscriptionID, c.Spec.SubscriptionID); err != nil { allErrs = append(allErrs, err) } if err := webhookutils.ValidateImmutable( - field.NewPath("Spec", "Location"), + field.NewPath("spec", "location"), old.Spec.Location, c.Spec.Location); err != nil { allErrs = append(allErrs, err) @@ -79,14 +79,14 @@ func (c *AzureCluster) ValidateUpdate(oldRaw runtime.Object) (admission.Warnings if old.Spec.ControlPlaneEndpoint.Host != "" && c.Spec.ControlPlaneEndpoint.Host != old.Spec.ControlPlaneEndpoint.Host { allErrs = append(allErrs, - field.Invalid(field.NewPath("spec", "ControlPlaneEndpoint", "Host"), + field.Invalid(field.NewPath("spec", "controlPlaneEndpoint", "host"), c.Spec.ControlPlaneEndpoint.Host, "field is immutable"), ) } if old.Spec.ControlPlaneEndpoint.Port != 0 && c.Spec.ControlPlaneEndpoint.Port != old.Spec.ControlPlaneEndpoint.Port { allErrs = append(allErrs, - field.Invalid(field.NewPath("spec", "ControlPlaneEndpoint", "Port"), + field.Invalid(field.NewPath("spec", "controlPlaneEndpoint", "port"), c.Spec.ControlPlaneEndpoint.Port, "field is immutable"), ) } @@ -102,14 +102,14 @@ func (c *AzureCluster) ValidateUpdate(oldRaw runtime.Object) (admission.Warnings // if it's still not equal, return error. if !reflect.DeepEqual(c.Spec.AzureEnvironment, old.Spec.AzureEnvironment) { allErrs = append(allErrs, - field.Invalid(field.NewPath("spec", "AzureEnvironment"), + field.Invalid(field.NewPath("spec", "azureEnvironment"), c.Spec.AzureEnvironment, "field is immutable"), ) } } if err := webhookutils.ValidateImmutable( - field.NewPath("Spec", "NetworkSpec", "PrivateDNSZoneName"), + field.NewPath("spec", "networkSpec", "privateDNSZoneName"), old.Spec.NetworkSpec.PrivateDNSZoneName, c.Spec.NetworkSpec.PrivateDNSZoneName); err != nil { allErrs = append(allErrs, err) @@ -118,13 +118,13 @@ func (c *AzureCluster) ValidateUpdate(oldRaw runtime.Object) (admission.Warnings // Allow enabling azure bastion but avoid disabling it. if old.Spec.BastionSpec.AzureBastion != nil && !reflect.DeepEqual(old.Spec.BastionSpec.AzureBastion, c.Spec.BastionSpec.AzureBastion) { allErrs = append(allErrs, - field.Invalid(field.NewPath("spec", "BastionSpec", "AzureBastion"), + field.Invalid(field.NewPath("spec", "bastionSpec", "azureBastion"), c.Spec.BastionSpec.AzureBastion, "azure bastion cannot be removed from a cluster"), ) } if err := webhookutils.ValidateImmutable( - field.NewPath("Spec", "NetworkSpec", "ControlPlaneOutboundLB"), + field.NewPath("spec", "networkSpec", "controlPlaneOutboundLB"), old.Spec.NetworkSpec.ControlPlaneOutboundLB, c.Spec.NetworkSpec.ControlPlaneOutboundLB); err != nil { allErrs = append(allErrs, err) diff --git a/api/v1beta1/azureclusteridentity_types.go b/api/v1beta1/azureclusteridentity_types.go index 660e7790140..21ade10503b 100644 --- a/api/v1beta1/azureclusteridentity_types.go +++ b/api/v1beta1/azureclusteridentity_types.go @@ -48,6 +48,9 @@ type AzureClusterIdentitySpec struct { Type IdentityType `json:"type"` // ResourceID is the Azure resource ID for the User Assigned MSI resource. // Only applicable when type is UserAssignedMSI. + // + // Deprecated: This field no longer has any effect. + // // +optional ResourceID string `json:"resourceID,omitempty"` // ClientID is the service principal client ID. diff --git a/api/v1beta1/azureclusteridentity_validation.go b/api/v1beta1/azureclusteridentity_validation.go index ed4b2085db9..c679052d5f6 100644 --- a/api/v1beta1/azureclusteridentity_validation.go +++ b/api/v1beta1/azureclusteridentity_validation.go @@ -24,9 +24,7 @@ import ( func (c *AzureClusterIdentity) validateClusterIdentity() (admission.Warnings, error) { var allErrs field.ErrorList - if c.Spec.Type == UserAssignedMSI && c.Spec.ResourceID == "" { - allErrs = append(allErrs, field.Required(field.NewPath("spec", "resourceID"), c.Spec.ResourceID)) - } else if c.Spec.Type != UserAssignedMSI && c.Spec.ResourceID != "" { + if c.Spec.Type != UserAssignedMSI && c.Spec.ResourceID != "" { allErrs = append(allErrs, field.Forbidden(field.NewPath("spec", "resourceID"), c.Spec.ResourceID)) } if len(allErrs) == 0 { diff --git a/api/v1beta1/azureclusteridentity_webhook_test.go b/api/v1beta1/azureclusteridentity_webhook_test.go index 0023d69007a..6b1fa7c13a8 100644 --- a/api/v1beta1/azureclusteridentity_webhook_test.go +++ b/api/v1beta1/azureclusteridentity_webhook_test.go @@ -76,7 +76,7 @@ func TestAzureClusterIdentity_ValidateCreate(t *testing.T) { TenantID: fakeTenantID, }, }, - wantErr: true, + wantErr: false, }, } diff --git a/api/v1beta1/azuremachine_default_test.go b/api/v1beta1/azuremachine_default_test.go index 48757978129..1b467d634ea 100644 --- a/api/v1beta1/azuremachine_default_test.go +++ b/api/v1beta1/azuremachine_default_test.go @@ -596,6 +596,13 @@ func createMachineWithUserAssignedIdentities(identitiesList []UserAssignedIdenti return machine } +func createMachineWithUserAssignedIdentitiesWithBadIdentity(identitiesList []UserAssignedIdentity) *AzureMachine { + machine := hardcodedAzureMachineWithSSHKey(generateSSHPublicKey(true)) + machine.Spec.Identity = VMIdentitySystemAssigned + machine.Spec.UserAssignedIdentities = identitiesList + return machine +} + func hardcodedAzureMachineWithSSHKey(sshPublicKey string) *AzureMachine { return &AzureMachine{ ObjectMeta: metav1.ObjectMeta{ diff --git a/api/v1beta1/azuremachine_types.go b/api/v1beta1/azuremachine_types.go index 7d68a172eb0..0609e401cb4 100644 --- a/api/v1beta1/azuremachine_types.go +++ b/api/v1beta1/azuremachine_types.go @@ -84,7 +84,7 @@ type AzureMachineSpec struct { // SSHPublicKey is the SSH public key string, base64-encoded to add to a Virtual Machine. Linux only. // Refer to documentation on how to set up SSH access on Windows instances. // +optional - SSHPublicKey string `json:"sshPublicKey"` + SSHPublicKey string `json:"sshPublicKey,omitempty"` // AdditionalTags is an optional set of tags to add to an instance, in addition to the ones added by default by the // Azure provider. If both the AzureCluster and the AzureMachine specify the same tag name with different values, the @@ -151,6 +151,10 @@ type AzureMachineSpec struct { // CapacityReservationGroupID specifies the capacity reservation group resource id that should be // used for allocating the virtual machine. + // The field size should be greater than 0 and the field input must start with '/'. + // The input for capacityReservationGroupID must be similar to '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/capacityReservationGroups/{capacityReservationGroupName}'. + // The keys which are used should be among 'subscriptions', 'providers' and 'resourcegroups' followed by valid ID or names respectively. + // It is optional but may not be changed once set. // +optional CapacityReservationGroupID *string `json:"capacityReservationGroupID,omitempty"` } diff --git a/api/v1beta1/azuremachine_validation.go b/api/v1beta1/azuremachine_validation.go index 972e9816b3c..a6be65081ea 100644 --- a/api/v1beta1/azuremachine_validation.go +++ b/api/v1beta1/azuremachine_validation.go @@ -138,6 +138,10 @@ func ValidateSystemAssignedIdentity(identityType VMIdentity, oldIdentity, newIde func ValidateUserAssignedIdentity(identityType VMIdentity, userAssignedIdentities []UserAssignedIdentity, fldPath *field.Path) field.ErrorList { allErrs := field.ErrorList{} + if len(userAssignedIdentities) > 0 && identityType != VMIdentityUserAssigned { + allErrs = append(allErrs, field.Invalid(fldPath, identityType, "must be set to 'UserAssigned' when assigning any user identity to the machine")) + } + if identityType == VMIdentityUserAssigned { if len(userAssignedIdentities) == 0 { allErrs = append(allErrs, field.Required(fldPath, "must be specified for the 'UserAssigned' identity type")) @@ -160,16 +164,16 @@ func ValidateSystemAssignedIdentityRole(identityType VMIdentity, roleAssignmentN if roleAssignmentName != "" && role != nil && role.Name != "" { allErrs = append(allErrs, field.Invalid(fldPath, role.Name, "cannot set both roleAssignmentName and systemAssignedIdentityRole.name")) } - if identityType == VMIdentitySystemAssigned { + if identityType == VMIdentitySystemAssigned && role != nil { if role.DefinitionID == "" { - allErrs = append(allErrs, field.Invalid(field.NewPath("Spec", "SystemAssignedIdentityRole", "DefinitionID"), role.DefinitionID, "the definitionID field cannot be empty")) + allErrs = append(allErrs, field.Invalid(field.NewPath("spec", "systemAssignedIdentityRole", "definitionID"), role.DefinitionID, "the definitionID field cannot be empty")) } if role.Scope == "" { - allErrs = append(allErrs, field.Invalid(field.NewPath("Spec", "SystemAssignedIdentityRole", "Scope"), role.Scope, "the scope field cannot be empty")) + allErrs = append(allErrs, field.Invalid(field.NewPath("spec", "systemAssignedIdentityRole", "scope"), role.Scope, "the scope field cannot be empty")) } } if identityType != VMIdentitySystemAssigned && role != nil { - allErrs = append(allErrs, field.Forbidden(field.NewPath("Spec", "Role"), "systemAssignedIdentityRole can only be set when identity is set to SystemAssigned")) + allErrs = append(allErrs, field.Forbidden(field.NewPath("spec", "role"), "systemAssignedIdentityRole can only be set when identity is set to SystemAssigned")) } return allErrs } @@ -248,6 +252,15 @@ func ValidateOSDisk(osDisk OSDisk, fieldPath *field.Path) field.ErrorList { "diskEncryptionSet is not supported when diffDiskSettings.option is 'Local'", )) } + if osDisk.DiffDiskSettings != nil && osDisk.DiffDiskSettings.Placement != nil { + if osDisk.DiffDiskSettings.Option != string(armcompute.DiffDiskOptionsLocal) { + allErrs = append(allErrs, field.Invalid( + fieldPath.Child("diffDiskSettings"), + osDisk.DiffDiskSettings, + "placement is only supported when diffDiskSettings.option is 'Local'", + )) + } + } return allErrs } @@ -482,7 +495,7 @@ func ValidateVMExtensions(disableExtensionOperations *bool, vmExtensions []VMExt allErrs := field.ErrorList{} if ptr.Deref(disableExtensionOperations, false) && len(vmExtensions) > 0 { - allErrs = append(allErrs, field.Forbidden(field.NewPath("AzureMachineTemplate", "spec", "template", "spec", "VMExtensions"), "VMExtensions must be empty when DisableExtensionOperations is true")) + allErrs = append(allErrs, field.Forbidden(field.NewPath("AzureMachineTemplate", "spec", "template", "spec", "vmExtensions"), "VMExtensions must be empty when DisableExtensionOperations is true")) } return allErrs diff --git a/api/v1beta1/azuremachine_validation_test.go b/api/v1beta1/azuremachine_validation_test.go index 2621022f04f..f6322597764 100644 --- a/api/v1beta1/azuremachine_validation_test.go +++ b/api/v1beta1/azuremachine_validation_test.go @@ -109,6 +109,37 @@ func TestAzureMachine_ValidateOSDisk(t *testing.T) { }, }, }, + { + name: "valid resourceDisk placement spec with option local", + wantErr: false, + osDisk: OSDisk{ + DiskSizeGB: ptr.To[int32](30), + CachingType: "None", + OSType: "blah", + DiffDiskSettings: &DiffDiskSettings{ + Option: string(armcompute.DiffDiskOptionsLocal), + Placement: ptr.To(DiffDiskPlacementResourceDisk), + }, + ManagedDisk: &ManagedDiskParameters{ + StorageAccountType: "Standard_LRS", + }, + }, + }, + { + name: "valid resourceDisk placement spec requires option local", + wantErr: true, + osDisk: OSDisk{ + DiskSizeGB: ptr.To[int32](30), + CachingType: "None", + OSType: "blah", + DiffDiskSettings: &DiffDiskSettings{ + Placement: ptr.To(DiffDiskPlacementResourceDisk), + }, + ManagedDisk: &ManagedDiskParameters{ + StorageAccountType: "Standard_LRS", + }, + }, + }, { name: "byoc encryption with ephemeral os disk spec", wantErr: true, diff --git a/api/v1beta1/azuremachine_webhook.go b/api/v1beta1/azuremachine_webhook.go index c5edbab1cdc..3953dcad3e3 100644 --- a/api/v1beta1/azuremachine_webhook.go +++ b/api/v1beta1/azuremachine_webhook.go @@ -86,70 +86,70 @@ func (mw *azureMachineWebhook) ValidateUpdate(ctx context.Context, oldObj, newOb } if err := webhookutils.ValidateImmutable( - field.NewPath("Spec", "Image"), + field.NewPath("spec", "image"), old.Spec.Image, m.Spec.Image); err != nil { allErrs = append(allErrs, err) } if err := webhookutils.ValidateImmutable( - field.NewPath("Spec", "Identity"), + field.NewPath("spec", "identity"), old.Spec.Identity, m.Spec.Identity); err != nil { allErrs = append(allErrs, err) } if err := webhookutils.ValidateImmutable( - field.NewPath("Spec", "SystemAssignedIdentityRole"), + field.NewPath("spec", "systemAssignedIdentityRole"), old.Spec.SystemAssignedIdentityRole, m.Spec.SystemAssignedIdentityRole); err != nil { allErrs = append(allErrs, err) } if err := webhookutils.ValidateImmutable( - field.NewPath("Spec", "UserAssignedIdentities"), + field.NewPath("spec", "userAssignedIdentities"), old.Spec.UserAssignedIdentities, m.Spec.UserAssignedIdentities); err != nil { allErrs = append(allErrs, err) } if err := webhookutils.ValidateImmutable( - field.NewPath("Spec", "RoleAssignmentName"), + field.NewPath("spec", "roleAssignmentName"), old.Spec.RoleAssignmentName, m.Spec.RoleAssignmentName); err != nil { allErrs = append(allErrs, err) } if err := webhookutils.ValidateImmutable( - field.NewPath("Spec", "OSDisk"), + field.NewPath("spec", "osDisk"), old.Spec.OSDisk, m.Spec.OSDisk); err != nil { allErrs = append(allErrs, err) } if err := webhookutils.ValidateImmutable( - field.NewPath("Spec", "DataDisks"), + field.NewPath("spec", "dataDisks"), old.Spec.DataDisks, m.Spec.DataDisks); err != nil { allErrs = append(allErrs, err) } if err := webhookutils.ValidateImmutable( - field.NewPath("Spec", "SSHPublicKey"), + field.NewPath("spec", "sshPublicKey"), old.Spec.SSHPublicKey, m.Spec.SSHPublicKey); err != nil { allErrs = append(allErrs, err) } if err := webhookutils.ValidateImmutable( - field.NewPath("Spec", "AllocatePublicIP"), + field.NewPath("spec", "allocatePublicIP"), old.Spec.AllocatePublicIP, m.Spec.AllocatePublicIP); err != nil { allErrs = append(allErrs, err) } if err := webhookutils.ValidateImmutable( - field.NewPath("Spec", "EnableIPForwarding"), + field.NewPath("spec", "enableIPForwarding"), old.Spec.EnableIPForwarding, m.Spec.EnableIPForwarding); err != nil { allErrs = append(allErrs, err) @@ -181,7 +181,7 @@ func (mw *azureMachineWebhook) ValidateUpdate(ctx context.Context, oldObj, newOb if old.Spec.Diagnostics != nil { if err := webhookutils.ValidateImmutable( - field.NewPath("Spec", "Diagnostics"), + field.NewPath("spec", "diagnostics"), old.Spec.Diagnostics, m.Spec.Diagnostics); err != nil { allErrs = append(allErrs, err) diff --git a/api/v1beta1/azuremachine_webhook_test.go b/api/v1beta1/azuremachine_webhook_test.go index 6ee2f029d57..bcb7eda2be1 100644 --- a/api/v1beta1/azuremachine_webhook_test.go +++ b/api/v1beta1/azuremachine_webhook_test.go @@ -95,6 +95,14 @@ func TestAzureMachine_ValidateCreate(t *testing.T) { }), wantErr: false, }, + { + name: "azuremachine with list of user-assigned identities with wrong identity type", + machine: createMachineWithUserAssignedIdentitiesWithBadIdentity([]UserAssignedIdentity{ + {ProviderID: "azure:///subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/my-resource-group/providers/Microsoft.Compute/virtualMachines/default-12345-control-plane-9d5x5"}, + {ProviderID: "azure:///subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/my-resource-group/providers/Microsoft.Compute/virtualMachines/default-12345-control-plane-a1b2c"}, + }), + wantErr: true, + }, { name: "azuremachine with empty list of user-assigned identities", machine: createMachineWithUserAssignedIdentities([]UserAssignedIdentity{}), diff --git a/api/v1beta1/azuremachinetemplate_webhook.go b/api/v1beta1/azuremachinetemplate_webhook.go index 01cde89f300..9130f92ac19 100644 --- a/api/v1beta1/azuremachinetemplate_webhook.go +++ b/api/v1beta1/azuremachinetemplate_webhook.go @@ -87,7 +87,7 @@ func (r *AzureMachineTemplate) ValidateCreate(ctx context.Context, obj runtime.O } if ptr.Deref(r.Spec.Template.Spec.DisableExtensionOperations, false) && len(r.Spec.Template.Spec.VMExtensions) > 0 { - allErrs = append(allErrs, field.Forbidden(field.NewPath("AzureMachineTemplate", "spec", "template", "spec", "VMExtensions"), "VMExtensions must be empty when DisableExtensionOperations is true")) + allErrs = append(allErrs, field.Forbidden(field.NewPath("AzureMachineTemplate", "spec", "template", "spec", "vmExtensions"), "VMExtensions must be empty when DisableExtensionOperations is true")) } if len(allErrs) == 0 { diff --git a/api/v1beta1/azuremanagedcluster_webhook_test.go b/api/v1beta1/azuremanagedcluster_webhook_test.go index 961eaf55006..913fda67833 100644 --- a/api/v1beta1/azuremanagedcluster_webhook_test.go +++ b/api/v1beta1/azuremanagedcluster_webhook_test.go @@ -22,6 +22,7 @@ import ( . "github.com/onsi/gomega" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" utilfeature "k8s.io/component-base/featuregate/testing" + "k8s.io/utils/ptr" "sigs.k8s.io/cluster-api-provider-azure/feature" clusterv1 "sigs.k8s.io/cluster-api/api/v1beta1" capifeature "sigs.k8s.io/cluster-api/feature" @@ -135,27 +136,29 @@ func TestAzureManagedCluster_ValidateCreate(t *testing.T) { func TestAzureManagedCluster_ValidateCreateFailure(t *testing.T) { tests := []struct { - name string - amc *AzureManagedCluster - deferFunc func() - expectError bool + name string + amc *AzureManagedCluster + featureGateEnabled *bool + expectError bool }{ { - name: "feature gate explicitly disabled", - amc: getKnownValidAzureManagedCluster(), - deferFunc: utilfeature.SetFeatureGateDuringTest(t, feature.Gates, capifeature.MachinePool, false), - expectError: true, + name: "feature gate explicitly disabled", + amc: getKnownValidAzureManagedCluster(), + featureGateEnabled: ptr.To(false), + expectError: true, }, { - name: "feature gate implicitly enabled", - amc: getKnownValidAzureManagedCluster(), - deferFunc: func() {}, - expectError: false, + name: "feature gate implicitly enabled", + amc: getKnownValidAzureManagedCluster(), + featureGateEnabled: nil, + expectError: false, }, } for _, tc := range tests { t.Run(tc.name, func(t *testing.T) { - defer tc.deferFunc() + if tc.featureGateEnabled != nil { + defer utilfeature.SetFeatureGateDuringTest(t, feature.Gates, capifeature.MachinePool, *tc.featureGateEnabled)() + } g := NewWithT(t) _, err := tc.amc.ValidateCreate() if tc.expectError { diff --git a/api/v1beta1/azuremanagedcontrolplane_webhook.go b/api/v1beta1/azuremanagedcontrolplane_webhook.go index 238e3e098bb..a0190288ae6 100644 --- a/api/v1beta1/azuremanagedcontrolplane_webhook.go +++ b/api/v1beta1/azuremanagedcontrolplane_webhook.go @@ -139,18 +139,18 @@ func (mw *azureManagedControlPlaneWebhook) ValidateUpdate(ctx context.Context, o old interface{} new interface{} }{ - {field.NewPath("Spec", "SubscriptionID"), old.Spec.SubscriptionID, m.Spec.SubscriptionID}, - {field.NewPath("Spec", "ResourceGroupName"), old.Spec.ResourceGroupName, m.Spec.ResourceGroupName}, - {field.NewPath("Spec", "NodeResourceGroupName"), old.Spec.NodeResourceGroupName, m.Spec.NodeResourceGroupName}, - {field.NewPath("Spec", "Location"), old.Spec.Location, m.Spec.Location}, - {field.NewPath("Spec", "SSHPublicKey"), old.Spec.SSHPublicKey, m.Spec.SSHPublicKey}, - {field.NewPath("Spec", "DNSServiceIP"), old.Spec.DNSServiceIP, m.Spec.DNSServiceIP}, - {field.NewPath("Spec", "NetworkPlugin"), old.Spec.NetworkPlugin, m.Spec.NetworkPlugin}, - {field.NewPath("Spec", "NetworkPolicy"), old.Spec.NetworkPolicy, m.Spec.NetworkPolicy}, - {field.NewPath("Spec", "NetworkDataplane"), old.Spec.NetworkDataplane, m.Spec.NetworkDataplane}, - {field.NewPath("Spec", "LoadBalancerSKU"), old.Spec.LoadBalancerSKU, m.Spec.LoadBalancerSKU}, - {field.NewPath("Spec", "HTTPProxyConfig"), old.Spec.HTTPProxyConfig, m.Spec.HTTPProxyConfig}, - {field.NewPath("Spec", "AzureEnvironment"), old.Spec.AzureEnvironment, m.Spec.AzureEnvironment}, + {field.NewPath("spec", "subscriptionID"), old.Spec.SubscriptionID, m.Spec.SubscriptionID}, + {field.NewPath("spec", "resourceGroupName"), old.Spec.ResourceGroupName, m.Spec.ResourceGroupName}, + {field.NewPath("spec", "nodeResourceGroupName"), old.Spec.NodeResourceGroupName, m.Spec.NodeResourceGroupName}, + {field.NewPath("spec", "location"), old.Spec.Location, m.Spec.Location}, + {field.NewPath("spec", "sshPublicKey"), old.Spec.SSHPublicKey, m.Spec.SSHPublicKey}, + {field.NewPath("spec", "dnsServiceIP"), old.Spec.DNSServiceIP, m.Spec.DNSServiceIP}, + {field.NewPath("spec", "networkPlugin"), old.Spec.NetworkPlugin, m.Spec.NetworkPlugin}, + {field.NewPath("spec", "networkPolicy"), old.Spec.NetworkPolicy, m.Spec.NetworkPolicy}, + {field.NewPath("spec", "networkDataplane"), old.Spec.NetworkDataplane, m.Spec.NetworkDataplane}, + {field.NewPath("spec", "loadBalancerSKU"), old.Spec.LoadBalancerSKU, m.Spec.LoadBalancerSKU}, + {field.NewPath("spec", "httpProxyConfig"), old.Spec.HTTPProxyConfig, m.Spec.HTTPProxyConfig}, + {field.NewPath("spec", "azureEnvironment"), old.Spec.AzureEnvironment, m.Spec.AzureEnvironment}, } for _, f := range immutableFields { @@ -170,7 +170,7 @@ func (mw *azureManagedControlPlaneWebhook) ValidateUpdate(ctx context.Context, o oldDNSPrefix = ptr.To(old.Name) } if err := webhookutils.ValidateImmutable( - field.NewPath("Spec", "DNSPrefix"), + field.NewPath("spec", "dnsPrefix"), oldDNSPrefix, m.Spec.DNSPrefix, ); err != nil { @@ -182,7 +182,7 @@ func (mw *azureManagedControlPlaneWebhook) ValidateUpdate(ctx context.Context, o // Updating outboundType after cluster creation (PREVIEW) // https://learn.microsoft.com/en-us/azure/aks/egress-outboundtype#updating-outboundtype-after-cluster-creation-preview if err := webhookutils.ValidateImmutable( - field.NewPath("Spec", "OutboundType"), + field.NewPath("spec", "outboundType"), old.Spec.OutboundType, m.Spec.OutboundType); err != nil { allErrs = append(allErrs, err) @@ -262,11 +262,11 @@ func (m *AzureManagedControlPlane) Validate(cli client.Client) error { allErrs = append(allErrs, validateVersion( m.Spec.Version, - field.NewPath("Spec").Child("Version"))...) + field.NewPath("spec").Child("version"))...) allErrs = append(allErrs, validateLoadBalancerProfile( m.Spec.LoadBalancerProfile, - field.NewPath("Spec").Child("LoadBalancerProfile"))...) + field.NewPath("spec").Child("loadBalancerProfile"))...) allErrs = append(allErrs, validateManagedClusterNetwork( cli, @@ -274,25 +274,25 @@ func (m *AzureManagedControlPlane) Validate(cli client.Client) error { m.Namespace, m.Spec.DNSServiceIP, m.Spec.VirtualNetwork.Subnet, - field.NewPath("Spec"))...) + field.NewPath("spec"))...) - allErrs = append(allErrs, validateName(m.Name, field.NewPath("Name"))...) + allErrs = append(allErrs, validateName(m.Name, field.NewPath("name"))...) - allErrs = append(allErrs, validateAutoScalerProfile(m.Spec.AutoScalerProfile, field.NewPath("spec").Child("AutoScalerProfile"))...) + allErrs = append(allErrs, validateAutoScalerProfile(m.Spec.AutoScalerProfile, field.NewPath("spec").Child("autoScalerProfile"))...) - allErrs = append(allErrs, validateAKSExtensions(m.Spec.Extensions, field.NewPath("spec").Child("AKSExtensions"))...) + allErrs = append(allErrs, validateAKSExtensions(m.Spec.Extensions, field.NewPath("spec").Child("aksExtensions"))...) allErrs = append(allErrs, m.Spec.AzureManagedControlPlaneClassSpec.validateSecurityProfile()...) - allErrs = append(allErrs, validateNetworkPolicy(m.Spec.NetworkPolicy, m.Spec.NetworkDataplane, field.NewPath("spec").Child("NetworkPolicy"))...) + allErrs = append(allErrs, validateNetworkPolicy(m.Spec.NetworkPolicy, m.Spec.NetworkDataplane, field.NewPath("spec").Child("networkPolicy"))...) - allErrs = append(allErrs, validateNetworkDataplane(m.Spec.NetworkDataplane, m.Spec.NetworkPolicy, m.Spec.NetworkPluginMode, field.NewPath("spec").Child("NetworkDataplane"))...) + allErrs = append(allErrs, validateNetworkDataplane(m.Spec.NetworkDataplane, m.Spec.NetworkPolicy, m.Spec.NetworkPluginMode, field.NewPath("spec").Child("networkDataplane"))...) - allErrs = append(allErrs, validateAPIServerAccessProfile(m.Spec.APIServerAccessProfile, field.NewPath("spec").Child("APIServerAccessProfile"))...) + allErrs = append(allErrs, validateAPIServerAccessProfile(m.Spec.APIServerAccessProfile, field.NewPath("spec").Child("apiServerAccessProfile"))...) - allErrs = append(allErrs, validateAMCPVirtualNetwork(m.Spec.VirtualNetwork, field.NewPath("spec").Child("VirtualNetwork"))...) + allErrs = append(allErrs, validateAMCPVirtualNetwork(m.Spec.VirtualNetwork, field.NewPath("spec").Child("virtualNetwork"))...) - allErrs = append(allErrs, validateFleetsMember(m.Spec.FleetsMember, field.NewPath("spec").Child("FleetsMember"))...) + allErrs = append(allErrs, validateFleetsMember(m.Spec.FleetsMember, field.NewPath("spec").Child("fleetsMember"))...) return allErrs.ToAggregate() } @@ -312,7 +312,7 @@ func (m *AzureManagedControlPlane) validateDNSPrefix(_ client.Client) field.Erro return nil } allErrs := field.ErrorList{ - field.Invalid(field.NewPath("Spec", "DNSPrefix"), *m.Spec.DNSPrefix, "DNSPrefix is invalid, does not match regex: "+pattern), + field.Invalid(field.NewPath("spec", "dnsPrefix"), *m.Spec.DNSPrefix, "DNSPrefix is invalid, does not match regex: "+pattern), } return allErrs } @@ -334,7 +334,7 @@ func (m *AzureManagedControlPlaneClassSpec) validateAzureKeyVaultKms() field.Err if m.SecurityProfile != nil && m.SecurityProfile.AzureKeyVaultKms != nil { if !m.isUserManagedIdentityEnabled() { allErrs := field.ErrorList{ - field.Invalid(field.NewPath("Spec", "SecurityProfile", "AzureKeyVaultKms", "KeyVaultResourceID"), + field.Invalid(field.NewPath("spec", "securityProfile", "azureKeyVaultKms", "keyVaultResourceID"), m.SecurityProfile.AzureKeyVaultKms.KeyVaultResourceID, "Spec.SecurityProfile.AzureKeyVaultKms can be set only when Spec.Identity.Type is UserAssigned"), } @@ -344,7 +344,7 @@ func (m *AzureManagedControlPlaneClassSpec) validateAzureKeyVaultKms() field.Err keyVaultResourceID := ptr.Deref(m.SecurityProfile.AzureKeyVaultKms.KeyVaultResourceID, "") if keyVaultNetworkAccess == KeyVaultNetworkAccessTypesPrivate && keyVaultResourceID == "" { allErrs := field.ErrorList{ - field.Invalid(field.NewPath("Spec", "SecurityProfile", "AzureKeyVaultKms", "KeyVaultResourceID"), + field.Invalid(field.NewPath("spec", "securityProfile", "azureKeyVaultKms", "keyVaultResourceID"), m.SecurityProfile.AzureKeyVaultKms.KeyVaultResourceID, "Spec.SecurityProfile.AzureKeyVaultKms.KeyVaultResourceID cannot be empty when Spec.SecurityProfile.AzureKeyVaultKms.KeyVaultNetworkAccess is Private"), } @@ -352,7 +352,7 @@ func (m *AzureManagedControlPlaneClassSpec) validateAzureKeyVaultKms() field.Err } if keyVaultNetworkAccess == KeyVaultNetworkAccessTypesPublic && keyVaultResourceID != "" { allErrs := field.ErrorList{ - field.Invalid(field.NewPath("Spec", "SecurityProfile", "AzureKeyVaultKms", "KeyVaultResourceID"), m.SecurityProfile.AzureKeyVaultKms.KeyVaultResourceID, + field.Invalid(field.NewPath("spec", "securityProfile", "azureKeyVaultKms", "keyVaultResourceID"), m.SecurityProfile.AzureKeyVaultKms.KeyVaultResourceID, "Spec.SecurityProfile.AzureKeyVaultKms.KeyVaultResourceID should be empty when Spec.SecurityProfile.AzureKeyVaultKms.KeyVaultNetworkAccess is Public"), } return allErrs @@ -365,7 +365,7 @@ func (m *AzureManagedControlPlaneClassSpec) validateAzureKeyVaultKms() field.Err func (m *AzureManagedControlPlaneClassSpec) validateWorkloadIdentity() field.ErrorList { if m.SecurityProfile != nil && m.SecurityProfile.WorkloadIdentity != nil && !m.isOIDCEnabled() { allErrs := field.ErrorList{ - field.Invalid(field.NewPath("Spec", "SecurityProfile", "WorkloadIdentity"), m.SecurityProfile.WorkloadIdentity, + field.Invalid(field.NewPath("spec", "securityProfile", "workloadIdentity"), m.SecurityProfile.WorkloadIdentity, "Spec.SecurityProfile.WorkloadIdentity cannot be enabled when Spec.OIDCIssuerProfile is disabled"), } return allErrs @@ -377,7 +377,7 @@ func (m *AzureManagedControlPlaneClassSpec) validateWorkloadIdentity() field.Err func (m *AzureManagedControlPlane) validateDisableLocalAccounts(_ client.Client) field.ErrorList { if m.Spec.DisableLocalAccounts != nil && m.Spec.AADProfile == nil { return field.ErrorList{ - field.Invalid(field.NewPath("Spec", "DisableLocalAccounts"), *m.Spec.DisableLocalAccounts, "DisableLocalAccounts should be set only for AAD enabled clusters"), + field.Invalid(field.NewPath("spec", "disableLocalAccounts"), *m.Spec.DisableLocalAccounts, "DisableLocalAccounts should be set only for AAD enabled clusters"), } } return nil @@ -555,7 +555,7 @@ func validateManagedClusterNetwork(cli client.Client, labels map[string]string, } if err := cli.Get(ctx, key, ownerCluster); err != nil { - allErrs = append(allErrs, field.InternalError(field.NewPath("Cluster", "Spec", "ClusterNetwork"), err)) + allErrs = append(allErrs, field.InternalError(field.NewPath("Cluster", "spec", "clusterNetwork"), err)) return allErrs } @@ -564,7 +564,7 @@ func validateManagedClusterNetwork(cli client.Client, labels map[string]string, // A user may provide zero or one CIDR blocks. If they provide an empty array, // we ignore it and use the default. AKS doesn't support > 1 Service/Pod CIDR. if len(clusterNetwork.Services.CIDRBlocks) > 1 { - allErrs = append(allErrs, field.TooMany(field.NewPath("Cluster", "Spec", "ClusterNetwork", "Services", "CIDRBlocks"), len(clusterNetwork.Services.CIDRBlocks), 1)) + allErrs = append(allErrs, field.TooMany(field.NewPath("Cluster", "spec", "clusterNetwork", "services", "cidrBlocks"), len(clusterNetwork.Services.CIDRBlocks), 1)) } if len(clusterNetwork.Services.CIDRBlocks) == 1 { serviceCIDR = clusterNetwork.Services.CIDRBlocks[0] @@ -574,34 +574,34 @@ func validateManagedClusterNetwork(cli client.Client, labels map[string]string, // A user may provide zero or one CIDR blocks. If they provide an empty array, // we ignore it and use the default. AKS doesn't support > 1 Service/Pod CIDR. if len(clusterNetwork.Pods.CIDRBlocks) > 1 { - allErrs = append(allErrs, field.TooMany(field.NewPath("Cluster", "Spec", "ClusterNetwork", "Pods", "CIDRBlocks"), len(clusterNetwork.Pods.CIDRBlocks), 1)) + allErrs = append(allErrs, field.TooMany(field.NewPath("Cluster", "spec", "clusterNetwork", "pods", "cidrBlocks"), len(clusterNetwork.Pods.CIDRBlocks), 1)) } } } if dnsServiceIP != nil { if serviceCIDR == "" { - allErrs = append(allErrs, field.Required(field.NewPath("Cluster", "Spec", "ClusterNetwork", "Services", "CIDRBlocks"), "service CIDR must be specified if specifying DNSServiceIP")) + allErrs = append(allErrs, field.Required(field.NewPath("Cluster", "spec", "clusterNetwork", "services", "cidrBlocks"), "service CIDR must be specified if specifying DNSServiceIP")) } _, cidr, err := net.ParseCIDR(serviceCIDR) if err != nil { - allErrs = append(allErrs, field.Invalid(field.NewPath("Cluster", "Spec", "ClusterNetwork", "Services", "CIDRBlocks"), serviceCIDR, fmt.Sprintf("failed to parse cluster service cidr: %v", err))) + allErrs = append(allErrs, field.Invalid(field.NewPath("Cluster", "spec", "clusterNetwork", "services", "cidrBlocks"), serviceCIDR, fmt.Sprintf("failed to parse cluster service cidr: %v", err))) } dnsIP := net.ParseIP(*dnsServiceIP) if dnsIP == nil { // dnsIP will be nil if the string is not a valid IP - allErrs = append(allErrs, field.Invalid(field.NewPath("Cluster", "Spec", "ClusterNetwork", "Services", "DNSServiceIP"), *dnsServiceIP, "must be a valid IP address")) + allErrs = append(allErrs, field.Invalid(field.NewPath("Cluster", "spec", "clusterNetwork", "services", "dnsServiceIP"), *dnsServiceIP, "must be a valid IP address")) } if dnsIP != nil && !cidr.Contains(dnsIP) { - allErrs = append(allErrs, field.Invalid(field.NewPath("Cluster", "Spec", "ClusterNetwork", "Services", "CIDRBlocks"), serviceCIDR, "DNSServiceIP must reside within the associated cluster serviceCIDR")) + allErrs = append(allErrs, field.Invalid(field.NewPath("Cluster", "spec", "clusterNetwork", "services", "cidrBlocks"), serviceCIDR, "DNSServiceIP must reside within the associated cluster serviceCIDR")) } // AKS only supports .10 as the last octet for the DNSServiceIP. // Refer to: https://learn.microsoft.com/en-us/azure/aks/configure-kubenet#create-an-aks-cluster-with-system-assigned-managed-identities targetSuffix := ".10" if dnsIP != nil && !strings.HasSuffix(dnsIP.String(), targetSuffix) { - allErrs = append(allErrs, field.Invalid(field.NewPath("Cluster", "Spec", "ClusterNetwork", "Services", "DNSServiceIP"), *dnsServiceIP, fmt.Sprintf("must end with %q", targetSuffix))) + allErrs = append(allErrs, field.Invalid(field.NewPath("Cluster", "spec", "clusterNetwork", "services", "dnsServiceIP"), *dnsServiceIP, fmt.Sprintf("must end with %q", targetSuffix))) } } @@ -633,14 +633,14 @@ func (m *AzureManagedControlPlane) validateAutoUpgradeProfile(old *AzureManagedC func (m *AzureManagedControlPlane) validateK8sVersionUpdate(old *AzureManagedControlPlane) field.ErrorList { var allErrs field.ErrorList if hv := versions.GetHigherK8sVersion(m.Spec.Version, old.Spec.Version); hv != m.Spec.Version { - allErrs = append(allErrs, field.Invalid(field.NewPath("Spec", "Version"), + allErrs = append(allErrs, field.Invalid(field.NewPath("spec", "version"), m.Spec.Version, "field version cannot be downgraded"), ) } if old.Status.AutoUpgradeVersion != "" && m.Spec.Version != old.Spec.Version { if hv := versions.GetHigherK8sVersion(m.Spec.Version, old.Status.AutoUpgradeVersion); hv != m.Spec.Version { - allErrs = append(allErrs, field.Invalid(field.NewPath("Spec", "Version"), + allErrs = append(allErrs, field.Invalid(field.NewPath("spec", "version"), m.Spec.Version, "version is auto-upgraded to "+old.Status.AutoUpgradeVersion+", cannot be downgraded"), ) } @@ -675,7 +675,7 @@ func (m *AzureManagedControlPlane) validateAPIServerAccessProfileUpdate(old *Azu if !reflect.DeepEqual(newAPIServerAccessProfileNormalized, oldAPIServerAccessProfileNormalized) { allErrs = append(allErrs, - field.Invalid(field.NewPath("Spec", "APIServerAccessProfile"), + field.Invalid(field.NewPath("spec", "apiServerAccessProfile"), m.Spec.APIServerAccessProfile, "fields (except for AuthorizedIPRanges) are immutable"), ) } @@ -694,7 +694,7 @@ func (m *AzureManagedControlPlane) validateAddonProfilesUpdate(old *AzureManaged for i, addonProfile := range old.Spec.AddonProfiles { if _, ok := newAddonProfileMap[addonProfile.Name]; !ok { allErrs = append(allErrs, field.Invalid( - field.NewPath("Spec", "AddonProfiles"), + field.NewPath("spec", "addonProfiles"), m.Spec.AddonProfiles, fmt.Sprintf("cannot remove addonProfile %s, To disable this AddonProfile, update Spec.AddonProfiles[%v].Enabled to false", addonProfile.Name, i))) } @@ -709,7 +709,7 @@ func (m *AzureManagedControlPlane) validateVirtualNetworkUpdate(old *AzureManage if old.Spec.VirtualNetwork.Name != m.Spec.VirtualNetwork.Name { allErrs = append(allErrs, field.Invalid( - field.NewPath("Spec", "VirtualNetwork.Name"), + field.NewPath("spec", "virtualNetwork", "name"), m.Spec.VirtualNetwork.Name, "Virtual Network Name is immutable")) } @@ -717,7 +717,7 @@ func (m *AzureManagedControlPlane) validateVirtualNetworkUpdate(old *AzureManage if old.Spec.VirtualNetwork.CIDRBlock != m.Spec.VirtualNetwork.CIDRBlock { allErrs = append(allErrs, field.Invalid( - field.NewPath("Spec", "VirtualNetwork.CIDRBlock"), + field.NewPath("spec", "virtualNetwork", "cidrBlock"), m.Spec.VirtualNetwork.CIDRBlock, "Virtual Network CIDRBlock is immutable")) } @@ -725,7 +725,7 @@ func (m *AzureManagedControlPlane) validateVirtualNetworkUpdate(old *AzureManage if old.Spec.VirtualNetwork.Subnet.Name != m.Spec.VirtualNetwork.Subnet.Name { allErrs = append(allErrs, field.Invalid( - field.NewPath("Spec", "VirtualNetwork.Subnet.Name"), + field.NewPath("spec", "virtualNetwork", "subnet", "name"), m.Spec.VirtualNetwork.Subnet.Name, "Subnet Name is immutable")) } @@ -737,7 +737,7 @@ func (m *AzureManagedControlPlane) validateVirtualNetworkUpdate(old *AzureManage if old.Spec.VirtualNetwork.Subnet.CIDRBlock != m.Spec.VirtualNetwork.Subnet.CIDRBlock { allErrs = append(allErrs, field.Invalid( - field.NewPath("Spec", "VirtualNetwork.Subnet.CIDRBlock"), + field.NewPath("spec", "virtualNetwork", "subnet", "cidrBlock"), m.Spec.VirtualNetwork.Subnet.CIDRBlock, "Subnet CIDRBlock is immutable")) } @@ -745,7 +745,7 @@ func (m *AzureManagedControlPlane) validateVirtualNetworkUpdate(old *AzureManage if old.Spec.VirtualNetwork.ResourceGroup != m.Spec.VirtualNetwork.ResourceGroup { allErrs = append(allErrs, field.Invalid( - field.NewPath("Spec", "VirtualNetwork.ResourceGroup"), + field.NewPath("spec", "virtualNetwork", "resourceGroup"), m.Spec.VirtualNetwork.ResourceGroup, "Virtual Network Resource Group is immutable")) } @@ -759,7 +759,7 @@ func (m *AzureManagedControlPlane) validateNetworkPluginModeUpdate(old *AzureMan if ptr.Deref(old.Spec.NetworkPluginMode, "") != NetworkPluginModeOverlay && ptr.Deref(m.Spec.NetworkPluginMode, "") == NetworkPluginModeOverlay && old.Spec.NetworkPolicy != nil { - allErrs = append(allErrs, field.Forbidden(field.NewPath("Spec", "NetworkPluginMode"), fmt.Sprintf("%q NetworkPluginMode cannot be enabled when NetworkPolicy is set", NetworkPluginModeOverlay))) + allErrs = append(allErrs, field.Forbidden(field.NewPath("spec", "networkPluginMode"), fmt.Sprintf("%q NetworkPluginMode cannot be enabled when NetworkPolicy is set", NetworkPluginModeOverlay))) } return allErrs @@ -772,21 +772,21 @@ func (m *AzureManagedControlPlane) validateAADProfileUpdateAndLocalAccounts(old if m.Spec.AADProfile == nil { allErrs = append(allErrs, field.Invalid( - field.NewPath("Spec", "AADProfile"), + field.NewPath("spec", "aadProfile"), m.Spec.AADProfile, "field cannot be nil, cannot disable AADProfile")) } else { if !m.Spec.AADProfile.Managed && old.Spec.AADProfile.Managed { allErrs = append(allErrs, field.Invalid( - field.NewPath("Spec", "AADProfile.Managed"), + field.NewPath("spec", "aadProfile", "managed"), m.Spec.AADProfile.Managed, "cannot set AADProfile.Managed to false")) } if len(m.Spec.AADProfile.AdminGroupObjectIDs) == 0 { allErrs = append(allErrs, field.Invalid( - field.NewPath("Spec", "AADProfile.AdminGroupObjectIDs"), + field.NewPath("spec", "aadProfile", "adminGroupObjectIDs"), m.Spec.AADProfile.AdminGroupObjectIDs, "length of AADProfile.AdminGroupObjectIDs cannot be zero")) } @@ -798,7 +798,7 @@ func (m *AzureManagedControlPlane) validateAADProfileUpdateAndLocalAccounts(old m.Spec.AADProfile == nil { allErrs = append(allErrs, field.Invalid( - field.NewPath("Spec", "DisableLocalAccounts"), + field.NewPath("spec", "disableLocalAccounts"), m.Spec.DisableLocalAccounts, "DisableLocalAccounts can be set only for AAD enabled clusters")) } @@ -806,7 +806,7 @@ func (m *AzureManagedControlPlane) validateAADProfileUpdateAndLocalAccounts(old if old.Spec.DisableLocalAccounts != nil { // Prevent DisableLocalAccounts modification if it was already set to some value if err := webhookutils.ValidateImmutable( - field.NewPath("Spec", "DisableLocalAccounts"), + field.NewPath("spec", "disableLocalAccounts"), m.Spec.DisableLocalAccounts, old.Spec.DisableLocalAccounts, ); err != nil { @@ -842,7 +842,7 @@ func (m *AzureManagedControlPlaneClassSpec) validateAzureKeyVaultKmsUpdate(old * var allErrs field.ErrorList if old.SecurityProfile.AzureKeyVaultKms != nil { if m.SecurityProfile == nil || m.SecurityProfile.AzureKeyVaultKms == nil { - allErrs = append(allErrs, field.Invalid(field.NewPath("Spec", "SecurityProfile", "AzureKeyVaultKms"), + allErrs = append(allErrs, field.Invalid(field.NewPath("spec", "securityProfile", "azureKeyVaultKms"), nil, "cannot unset Spec.SecurityProfile.AzureKeyVaultKms profile to disable the profile please set Spec.SecurityProfile.AzureKeyVaultKms.Enabled to false")) return allErrs } @@ -855,7 +855,7 @@ func (m *AzureManagedControlPlaneClassSpec) validateWorkloadIdentityUpdate(old * var allErrs field.ErrorList if old.SecurityProfile.WorkloadIdentity != nil { if m.SecurityProfile == nil || m.SecurityProfile.WorkloadIdentity == nil { - allErrs = append(allErrs, field.Invalid(field.NewPath("Spec", "SecurityProfile", "WorkloadIdentity"), + allErrs = append(allErrs, field.Invalid(field.NewPath("spec", "securityProfile", "workloadIdentity"), nil, "cannot unset Spec.SecurityProfile.WorkloadIdentity, to disable workloadIdentity please set Spec.SecurityProfile.WorkloadIdentity.Enabled to false")) } } @@ -867,7 +867,7 @@ func (m *AzureManagedControlPlaneClassSpec) validateImageCleanerUpdate(old *Azur var allErrs field.ErrorList if old.SecurityProfile.ImageCleaner != nil { if m.SecurityProfile == nil || m.SecurityProfile.ImageCleaner == nil { - allErrs = append(allErrs, field.Invalid(field.NewPath("Spec", "SecurityProfile", "ImageCleaner"), + allErrs = append(allErrs, field.Invalid(field.NewPath("spec", "securityProfile", "imageCleaner"), nil, "cannot unset Spec.SecurityProfile.ImageCleaner, to disable imageCleaner please set Spec.SecurityProfile.ImageCleaner.Enabled to false")) } } @@ -879,7 +879,7 @@ func (m *AzureManagedControlPlaneClassSpec) validateDefender(old *AzureManagedCo var allErrs field.ErrorList if old.SecurityProfile.Defender != nil { if m.SecurityProfile == nil || m.SecurityProfile.Defender == nil { - allErrs = append(allErrs, field.Invalid(field.NewPath("Spec", "SecurityProfile", "Defender"), + allErrs = append(allErrs, field.Invalid(field.NewPath("spec", "securityProfile", "defender"), nil, "cannot unset Spec.SecurityProfile.Defender, to disable defender please set Spec.SecurityProfile.Defender.SecurityMonitoring.Enabled to false")) } } @@ -894,7 +894,7 @@ func (m *AzureManagedControlPlane) validateOIDCIssuerProfileUpdate(old *AzureMan !*m.Spec.OIDCIssuerProfile.Enabled && *old.Spec.OIDCIssuerProfile.Enabled { allErrs = append(allErrs, field.Forbidden( - field.NewPath("Spec", "OIDCIssuerProfile", "Enabled"), + field.NewPath("spec", "oidcIssuerProfile", "enabled"), "cannot be disabled", ), ) @@ -913,7 +913,7 @@ func (m *AzureManagedControlPlane) validateFleetsMemberUpdate(old *AzureManagedC if old.Spec.FleetsMember.Name != "" && old.Spec.FleetsMember.Name != m.Spec.FleetsMember.Name { allErrs = append(allErrs, field.Forbidden( - field.NewPath("Spec", "FleetsMember", "Name"), + field.NewPath("spec", "fleetsMember", "name"), "Name is immutable", ), ) @@ -940,7 +940,7 @@ func validateAKSExtensionsUpdate(old []AKSExtension, current []AKSExtension) fie if extension.Name != oldExtension.Name { allErrs = append(allErrs, field.Invalid( - field.NewPath("Spec", "Extensions", fmt.Sprintf("[%d]", i), "Name"), + field.NewPath("spec", "extensions", fmt.Sprintf("[%d]", i), "name"), extension.Name, "field is immutable", ), @@ -949,7 +949,7 @@ func validateAKSExtensionsUpdate(old []AKSExtension, current []AKSExtension) fie if (oldExtension.ExtensionType != nil && extension.ExtensionType != nil) && *extension.ExtensionType != *oldExtension.ExtensionType { allErrs = append(allErrs, field.Invalid( - field.NewPath("Spec", "Extensions", fmt.Sprintf("[%d]", i), "ExtensionType"), + field.NewPath("spec", "extensions", fmt.Sprintf("[%d]", i), "extensionType"), extension.ExtensionType, "field is immutable", ), @@ -958,7 +958,7 @@ func validateAKSExtensionsUpdate(old []AKSExtension, current []AKSExtension) fie if (extension.Plan != nil && oldExtension.Plan != nil) && *extension.Plan != *oldExtension.Plan { allErrs = append(allErrs, field.Invalid( - field.NewPath("Spec", "Extensions", fmt.Sprintf("[%d]", i), "Plan"), + field.NewPath("spec", "extensions", fmt.Sprintf("[%d]", i), "plan"), extension.Plan, "field is immutable", ), @@ -967,7 +967,7 @@ func validateAKSExtensionsUpdate(old []AKSExtension, current []AKSExtension) fie if extension.Scope != oldExtension.Scope { allErrs = append(allErrs, field.Invalid( - field.NewPath("Spec", "Extensions", fmt.Sprintf("[%d]", i), "Scope"), + field.NewPath("spec", "extensions", fmt.Sprintf("[%d]", i), "scope"), extension.Scope, "field is immutable", ), @@ -976,7 +976,7 @@ func validateAKSExtensionsUpdate(old []AKSExtension, current []AKSExtension) fie if (extension.ReleaseTrain != nil && oldExtension.ReleaseTrain != nil) && *extension.ReleaseTrain != *oldExtension.ReleaseTrain { allErrs = append(allErrs, field.Invalid( - field.NewPath("Spec", "Extensions", fmt.Sprintf("[%d]", i), "ReleaseTrain"), + field.NewPath("spec", "extensions", fmt.Sprintf("[%d]", i), "releaseTrain"), extension.ReleaseTrain, "field is immutable", ), @@ -985,7 +985,7 @@ func validateAKSExtensionsUpdate(old []AKSExtension, current []AKSExtension) fie if (extension.Version != nil && oldExtension.Version != nil) && *extension.Version != *oldExtension.Version { allErrs = append(allErrs, field.Invalid( - field.NewPath("Spec", "Extensions", fmt.Sprintf("[%d]", i), "Version"), + field.NewPath("spec", "extensions", fmt.Sprintf("[%d]", i), "version"), extension.Version, "field is immutable", ), @@ -994,7 +994,7 @@ func validateAKSExtensionsUpdate(old []AKSExtension, current []AKSExtension) fie if extension.Identity != oldExtension.Identity { allErrs = append(allErrs, field.Invalid( - field.NewPath("Spec", "Extensions", fmt.Sprintf("[%d]", i), "Identity"), + field.NewPath("spec", "extensions", fmt.Sprintf("[%d]", i), "identity"), extension.Identity, "field is immutable", ), @@ -1104,7 +1104,7 @@ func validateAutoScalerProfile(autoScalerProfile *AutoScalerProfile, fldPath *fi if autoScalerProfile.MaxTotalUnreadyPercentage != nil { val, err := strconv.Atoi(*autoScalerProfile.MaxTotalUnreadyPercentage) if err != nil || val < 0 || val > 100 { - allErrs = append(allErrs, field.Invalid(field.NewPath("Spec", "AutoscalerProfile", "MaxTotalUnreadyPercentage"), autoScalerProfile.MaxTotalUnreadyPercentage, "invalid value")) + allErrs = append(allErrs, field.Invalid(field.NewPath("spec", "autoscalerProfile", "maxTotalUnreadyPercentage"), autoScalerProfile.MaxTotalUnreadyPercentage, "invalid value")) } } @@ -1112,7 +1112,7 @@ func validateAutoScalerProfile(autoScalerProfile *AutoScalerProfile, fldPath *fi allErrs = append(allErrs, errs...) } - if errs := validateIntegerStringGreaterThanZero(autoScalerProfile.OkTotalUnreadyCount, fldPath, "OkTotalUnreadyCount"); len(errs) > 0 { + if errs := validateIntegerStringGreaterThanZero(autoScalerProfile.OkTotalUnreadyCount, fldPath, "okTotalUnreadyCount"); len(errs) > 0 { allErrs = append(allErrs, errs...) } @@ -1120,7 +1120,7 @@ func validateAutoScalerProfile(autoScalerProfile *AutoScalerProfile, fldPath *fi allErrs = append(allErrs, errs...) } - if errs := validateScaleDownTime(autoScalerProfile.ScaleDownDelayAfterAdd, fldPath, "ScaleDownDelayAfterAdd"); len(errs) > 0 { + if errs := validateScaleDownTime(autoScalerProfile.ScaleDownDelayAfterAdd, fldPath, "scaleDownDelayAfterAdd"); len(errs) > 0 { allErrs = append(allErrs, errs...) } @@ -1128,22 +1128,22 @@ func validateAutoScalerProfile(autoScalerProfile *AutoScalerProfile, fldPath *fi allErrs = append(allErrs, errs...) } - if errs := validateScaleDownTime(autoScalerProfile.ScaleDownDelayAfterFailure, fldPath, "ScaleDownDelayAfterFailure"); len(errs) > 0 { + if errs := validateScaleDownTime(autoScalerProfile.ScaleDownDelayAfterFailure, fldPath, "scaleDownDelayAfterFailure"); len(errs) > 0 { allErrs = append(allErrs, errs...) } - if errs := validateScaleDownTime(autoScalerProfile.ScaleDownUnneededTime, fldPath, "ScaleDownUnneededTime"); len(errs) > 0 { + if errs := validateScaleDownTime(autoScalerProfile.ScaleDownUnneededTime, fldPath, "scaleDownUnneededTime"); len(errs) > 0 { allErrs = append(allErrs, errs...) } - if errs := validateScaleDownTime(autoScalerProfile.ScaleDownUnreadyTime, fldPath, "ScaleDownUnreadyTime"); len(errs) > 0 { + if errs := validateScaleDownTime(autoScalerProfile.ScaleDownUnreadyTime, fldPath, "scaleDownUnreadyTime"); len(errs) > 0 { allErrs = append(allErrs, errs...) } if autoScalerProfile.ScaleDownUtilizationThreshold != nil { val, err := strconv.ParseFloat(*autoScalerProfile.ScaleDownUtilizationThreshold, 32) if err != nil || val < 0 || val > 1 { - allErrs = append(allErrs, field.Invalid(field.NewPath("Spec", "AutoscalerProfile", "ScaleDownUtilizationThreshold"), autoScalerProfile.ScaleDownUtilizationThreshold, "invalid value")) + allErrs = append(allErrs, field.Invalid(field.NewPath("spec", "autoscalerProfile", "scaleDownUtilizationThreshold"), autoScalerProfile.ScaleDownUtilizationThreshold, "invalid value")) } } @@ -1227,11 +1227,11 @@ func (m *AzureManagedControlPlane) validateIdentity(_ client.Client) field.Error if m.Spec.Identity != nil { if m.Spec.Identity.Type == ManagedControlPlaneIdentityTypeUserAssigned { if m.Spec.Identity.UserAssignedIdentityResourceID == "" { - allErrs = append(allErrs, field.Invalid(field.NewPath("Spec", "Identity", "UserAssignedIdentityResourceID"), m.Spec.Identity.UserAssignedIdentityResourceID, "cannot be empty if Identity.Type is UserAssigned")) + allErrs = append(allErrs, field.Invalid(field.NewPath("spec", "identity", "userAssignedIdentityResourceID"), m.Spec.Identity.UserAssignedIdentityResourceID, "cannot be empty if Identity.Type is UserAssigned")) } } else { if m.Spec.Identity.UserAssignedIdentityResourceID != "" { - allErrs = append(allErrs, field.Invalid(field.NewPath("Spec", "Identity", "UserAssignedIdentityResourceID"), m.Spec.Identity.UserAssignedIdentityResourceID, "should be empty if Identity.Type is SystemAssigned")) + allErrs = append(allErrs, field.Invalid(field.NewPath("spec", "identity", "userAssignedIdentityResourceID"), m.Spec.Identity.UserAssignedIdentityResourceID, "should be empty if Identity.Type is SystemAssigned")) } } } @@ -1250,7 +1250,7 @@ func (m *AzureManagedControlPlane) validateNetworkPluginMode(_ client.Client) fi const kubenet = "kubenet" if ptr.Deref(m.Spec.NetworkPluginMode, "") == NetworkPluginModeOverlay && ptr.Deref(m.Spec.NetworkPlugin, "") == kubenet { - allErrs = append(allErrs, field.Invalid(field.NewPath("Spec", "NetworkPluginMode"), m.Spec.NetworkPluginMode, fmt.Sprintf("cannot be set to %q when NetworkPlugin is %q", NetworkPluginModeOverlay, kubenet))) + allErrs = append(allErrs, field.Invalid(field.NewPath("spec", "networkPluginMode"), m.Spec.NetworkPluginMode, fmt.Sprintf("cannot be set to %q when NetworkPlugin is %q", NetworkPluginModeOverlay, kubenet))) } if len(allErrs) > 0 { diff --git a/api/v1beta1/azuremanagedcontrolplane_webhook_test.go b/api/v1beta1/azuremanagedcontrolplane_webhook_test.go index fc465ee9533..ad6504612ec 100644 --- a/api/v1beta1/azuremanagedcontrolplane_webhook_test.go +++ b/api/v1beta1/azuremanagedcontrolplane_webhook_test.go @@ -238,7 +238,7 @@ func TestValidateLoadBalancerProfile(t *testing.T) { }, expectedErr: field.Error{ Type: field.ErrorTypeInvalid, - Field: "spec.LoadBalancerProfile.ManagedOutboundIPs", + Field: "spec.loadBalancerProfile.ManagedOutboundIPs", BadValue: ptr.To(200), Detail: "value should be in between 1 and 100", }, @@ -250,7 +250,7 @@ func TestValidateLoadBalancerProfile(t *testing.T) { }, expectedErr: field.Error{ Type: field.ErrorTypeInvalid, - Field: "spec.LoadBalancerProfile.IdleTimeoutInMinutes", + Field: "spec.loadBalancerProfile.IdleTimeoutInMinutes", BadValue: ptr.To(600), Detail: "value should be in between 4 and 120", }, @@ -265,7 +265,7 @@ func TestValidateLoadBalancerProfile(t *testing.T) { }, expectedErr: field.Error{ Type: field.ErrorTypeForbidden, - Field: "spec.LoadBalancerProfile", + Field: "spec.loadBalancerProfile", BadValue: ptr.To(2), Detail: "load balancer profile must specify at most one of ManagedOutboundIPs, OutboundIPPrefixes and OutboundIPs", }, @@ -275,7 +275,7 @@ func TestValidateLoadBalancerProfile(t *testing.T) { tt := tt t.Run(tt.name, func(t *testing.T) { g := NewWithT(t) - allErrs := validateLoadBalancerProfile(tt.profile, field.NewPath("spec").Child("LoadBalancerProfile")) + allErrs := validateLoadBalancerProfile(tt.profile, field.NewPath("spec").Child("loadBalancerProfile")) if tt.expectedErr != (field.Error{}) { g.Expect(allErrs).To(ContainElement(MatchError(tt.expectedErr.Error()))) } else { @@ -467,7 +467,7 @@ func TestValidateAutoScalerProfile(t *testing.T) { tt := tt t.Run(tt.name, func(t *testing.T) { g := NewWithT(t) - allErrs := validateAutoScalerProfile(tt.profile, field.NewPath("spec").Child("AutoScalerProfile")) + allErrs := validateAutoScalerProfile(tt.profile, field.NewPath("spec").Child("autoScalerProfile")) if tt.expectErr { g.Expect(allErrs).NotTo(BeNil()) } else { @@ -1662,29 +1662,31 @@ func TestAzureManagedControlPlane_ValidateCreate(t *testing.T) { func TestAzureManagedControlPlane_ValidateCreateFailure(t *testing.T) { tests := []struct { - name string - amcp *AzureManagedControlPlane - deferFunc func() - expectError bool + name string + amcp *AzureManagedControlPlane + featureGateEnabled *bool + expectError bool }{ { - name: "feature gate explicitly disabled", - amcp: getKnownValidAzureManagedControlPlane(), - deferFunc: utilfeature.SetFeatureGateDuringTest(t, feature.Gates, capifeature.MachinePool, false), - expectError: true, + name: "feature gate explicitly disabled", + amcp: getKnownValidAzureManagedControlPlane(), + featureGateEnabled: ptr.To(false), + expectError: true, }, { - name: "feature gate implicitly enabled", - amcp: getKnownValidAzureManagedControlPlane(), - deferFunc: func() {}, - expectError: false, + name: "feature gate implicitly enabled", + amcp: getKnownValidAzureManagedControlPlane(), + featureGateEnabled: nil, + expectError: false, }, } client := mockClient{ReturnError: false} for _, tc := range tests { t.Run(tc.name, func(t *testing.T) { g := NewWithT(t) - defer tc.deferFunc() + if tc.featureGateEnabled != nil { + defer utilfeature.SetFeatureGateDuringTest(t, feature.Gates, capifeature.MachinePool, *tc.featureGateEnabled)() + } mcpw := &azureManagedControlPlaneWebhook{ Client: client, } @@ -3270,7 +3272,7 @@ func TestAzureManagedClusterSecurityProfileValidateCreate(t *testing.T) { }, }, }, - wantErr: "Spec.SecurityProfile.WorkloadIdentity: Invalid value: v1beta1.ManagedClusterSecurityProfileWorkloadIdentity{Enabled:true}: Spec.SecurityProfile.WorkloadIdentity cannot be enabled when Spec.OIDCIssuerProfile is disabled", + wantErr: "spec.securityProfile.workloadIdentity: Invalid value: v1beta1.ManagedClusterSecurityProfileWorkloadIdentity{Enabled:true}: Spec.SecurityProfile.WorkloadIdentity cannot be enabled when Spec.OIDCIssuerProfile is disabled", }, { name: "Cannot enable AzureKms without user assigned identity", @@ -3286,7 +3288,7 @@ func TestAzureManagedClusterSecurityProfileValidateCreate(t *testing.T) { }, }, }, - wantErr: "Spec.SecurityProfile.AzureKeyVaultKms.KeyVaultResourceID: Invalid value: \"null\": Spec.SecurityProfile.AzureKeyVaultKms can be set only when Spec.Identity.Type is UserAssigned", + wantErr: "spec.securityProfile.azureKeyVaultKms.keyVaultResourceID: Invalid value: \"null\": Spec.SecurityProfile.AzureKeyVaultKms can be set only when Spec.Identity.Type is UserAssigned", }, { name: "When AzureKms.KeyVaultNetworkAccess is private AzureKeyVaultKms.KeyVaultResourceID cannot be empty", @@ -3308,7 +3310,7 @@ func TestAzureManagedClusterSecurityProfileValidateCreate(t *testing.T) { }, }, }, - wantErr: "Spec.SecurityProfile.AzureKeyVaultKms.KeyVaultResourceID: Invalid value: \"null\": Spec.SecurityProfile.AzureKeyVaultKms.KeyVaultResourceID cannot be empty when Spec.SecurityProfile.AzureKeyVaultKms.KeyVaultNetworkAccess is Private", + wantErr: "spec.securityProfile.azureKeyVaultKms.keyVaultResourceID: Invalid value: \"null\": Spec.SecurityProfile.AzureKeyVaultKms.KeyVaultResourceID cannot be empty when Spec.SecurityProfile.AzureKeyVaultKms.KeyVaultNetworkAccess is Private", }, { name: "When AzureKms.KeyVaultNetworkAccess is public AzureKeyVaultKms.KeyVaultResourceID should be empty", @@ -3331,7 +3333,7 @@ func TestAzureManagedClusterSecurityProfileValidateCreate(t *testing.T) { }, }, }, - wantErr: "Spec.SecurityProfile.AzureKeyVaultKms.KeyVaultResourceID: Invalid value: \"not empty\": Spec.SecurityProfile.AzureKeyVaultKms.KeyVaultResourceID should be empty when Spec.SecurityProfile.AzureKeyVaultKms.KeyVaultNetworkAccess is Public", + wantErr: "spec.securityProfile.azureKeyVaultKms.keyVaultResourceID: Invalid value: \"not empty\": Spec.SecurityProfile.AzureKeyVaultKms.KeyVaultResourceID should be empty when Spec.SecurityProfile.AzureKeyVaultKms.KeyVaultNetworkAccess is Public", }, { name: "Valid profile", @@ -3447,7 +3449,7 @@ func TestAzureClusterSecurityProfileValidateUpdate(t *testing.T) { }, }, }, - wantErr: "AzureManagedControlPlane.infrastructure.cluster.x-k8s.io \"\" is invalid: Spec.SecurityProfile.Defender: Invalid value: \"null\": cannot unset Spec.SecurityProfile.Defender, to disable defender please set Spec.SecurityProfile.Defender.SecurityMonitoring.Enabled to false", + wantErr: "AzureManagedControlPlane.infrastructure.cluster.x-k8s.io \"\" is invalid: spec.securityProfile.defender: Invalid value: \"null\": cannot unset Spec.SecurityProfile.Defender, to disable defender please set Spec.SecurityProfile.Defender.SecurityMonitoring.Enabled to false", }, { name: "AzureManagedControlPlane SecurityProfile.Defender is mutable and can be disabled", @@ -3530,7 +3532,7 @@ func TestAzureClusterSecurityProfileValidateUpdate(t *testing.T) { }, }, }, - wantErr: "Spec.SecurityProfile.WorkloadIdentity: Invalid value: v1beta1.ManagedClusterSecurityProfileWorkloadIdentity{Enabled:true}: Spec.SecurityProfile.WorkloadIdentity cannot be enabled when Spec.OIDCIssuerProfile is disabled", + wantErr: "spec.securityProfile.workloadIdentity: Invalid value: v1beta1.ManagedClusterSecurityProfileWorkloadIdentity{Enabled:true}: Spec.SecurityProfile.WorkloadIdentity cannot be enabled when Spec.OIDCIssuerProfile is disabled", }, { name: "AzureManagedControlPlane SecurityProfile.WorkloadIdentity cannot unset values", @@ -3559,7 +3561,7 @@ func TestAzureClusterSecurityProfileValidateUpdate(t *testing.T) { }, }, }, - wantErr: "AzureManagedControlPlane.infrastructure.cluster.x-k8s.io \"\" is invalid: Spec.SecurityProfile.WorkloadIdentity: Invalid value: \"null\": cannot unset Spec.SecurityProfile.WorkloadIdentity, to disable workloadIdentity please set Spec.SecurityProfile.WorkloadIdentity.Enabled to false", + wantErr: "AzureManagedControlPlane.infrastructure.cluster.x-k8s.io \"\" is invalid: spec.securityProfile.workloadIdentity: Invalid value: \"null\": cannot unset Spec.SecurityProfile.WorkloadIdentity, to disable workloadIdentity please set Spec.SecurityProfile.WorkloadIdentity.Enabled to false", }, { name: "AzureManagedControlPlane SecurityProfile.WorkloadIdentity can be disabled", @@ -3737,7 +3739,7 @@ func TestAzureClusterSecurityProfileValidateUpdate(t *testing.T) { }, }, }, - wantErr: "AzureManagedControlPlane.infrastructure.cluster.x-k8s.io \"\" is invalid: Spec.SecurityProfile.AzureKeyVaultKms: Invalid value: \"null\": cannot unset Spec.SecurityProfile.AzureKeyVaultKms profile to disable the profile please set Spec.SecurityProfile.AzureKeyVaultKms.Enabled to false", + wantErr: "AzureManagedControlPlane.infrastructure.cluster.x-k8s.io \"\" is invalid: spec.securityProfile.azureKeyVaultKms: Invalid value: \"null\": cannot unset Spec.SecurityProfile.AzureKeyVaultKms profile to disable the profile please set Spec.SecurityProfile.AzureKeyVaultKms.Enabled to false", }, { name: "AzureManagedControlPlane SecurityProfile.AzureKeyVaultKms cannot be enabled without UserAssigned Identity", @@ -3763,7 +3765,7 @@ func TestAzureClusterSecurityProfileValidateUpdate(t *testing.T) { }, }, }, - wantErr: "Spec.SecurityProfile.AzureKeyVaultKms.KeyVaultResourceID: Invalid value: \"0000-0000-0000-0000\": Spec.SecurityProfile.AzureKeyVaultKms can be set only when Spec.Identity.Type is UserAssigned", + wantErr: "spec.securityProfile.azureKeyVaultKms.keyVaultResourceID: Invalid value: \"0000-0000-0000-0000\": Spec.SecurityProfile.AzureKeyVaultKms can be set only when Spec.Identity.Type is UserAssigned", }, { name: "AzureManagedControlPlane SecurityProfile.ImageCleaner is mutable", @@ -3812,7 +3814,7 @@ func TestAzureClusterSecurityProfileValidateUpdate(t *testing.T) { }, }, }, - wantErr: "AzureManagedControlPlane.infrastructure.cluster.x-k8s.io \"\" is invalid: Spec.SecurityProfile.ImageCleaner: Invalid value: \"null\": cannot unset Spec.SecurityProfile.ImageCleaner, to disable imageCleaner please set Spec.SecurityProfile.ImageCleaner.Enabled to false", + wantErr: "AzureManagedControlPlane.infrastructure.cluster.x-k8s.io \"\" is invalid: spec.securityProfile.imageCleaner: Invalid value: \"null\": cannot unset Spec.SecurityProfile.ImageCleaner, to disable imageCleaner please set Spec.SecurityProfile.ImageCleaner.Enabled to false", }, { name: "AzureManagedControlPlane SecurityProfile.ImageCleaner is mutable", @@ -4248,7 +4250,7 @@ func TestValidateAMCPVirtualNetwork(t *testing.T) { err := mcpw.Default(context.Background(), tc.amcp) g.Expect(err).NotTo(HaveOccurred()) - errs := validateAMCPVirtualNetwork(tc.amcp.Spec.VirtualNetwork, field.NewPath("spec", "VirtualNetwork")) + errs := validateAMCPVirtualNetwork(tc.amcp.Spec.VirtualNetwork, field.NewPath("spec", "virtualNetwork")) if tc.wantErr != "" { g.Expect(errs).ToNot(BeEmpty()) g.Expect(errs[0].Detail).To(Equal(tc.wantErr)) diff --git a/api/v1beta1/azuremanagedcontrolplanetemplate_webhook.go b/api/v1beta1/azuremanagedcontrolplanetemplate_webhook.go index f9d820744b7..f2b25b36743 100644 --- a/api/v1beta1/azuremanagedcontrolplanetemplate_webhook.go +++ b/api/v1beta1/azuremanagedcontrolplanetemplate_webhook.go @@ -89,49 +89,49 @@ func (mcpw *azureManagedControlPlaneTemplateWebhook) ValidateUpdate(ctx context. return nil, apierrors.NewBadRequest("expected an AzureManagedControlPlaneTemplate") } if err := webhookutils.ValidateImmutable( - field.NewPath("Spec", "Template", "Spec", "SubscriptionID"), + field.NewPath("spec", "template", "spec", "subscriptionID"), old.Spec.Template.Spec.SubscriptionID, mcp.Spec.Template.Spec.SubscriptionID); err != nil { allErrs = append(allErrs, err) } if err := webhookutils.ValidateImmutable( - field.NewPath("Spec", "Template", "Spec", "Location"), + field.NewPath("spec", "template", "spec", "location"), old.Spec.Template.Spec.Location, mcp.Spec.Template.Spec.Location); err != nil { allErrs = append(allErrs, err) } if err := webhookutils.ValidateImmutable( - field.NewPath("Spec", "Template", "Spec", "DNSServiceIP"), + field.NewPath("spec", "template", "spec", "dnsServiceIP"), old.Spec.Template.Spec.DNSServiceIP, mcp.Spec.Template.Spec.DNSServiceIP); err != nil { allErrs = append(allErrs, err) } if err := webhookutils.ValidateImmutable( - field.NewPath("Spec", "Template", "Spec", "NetworkPlugin"), + field.NewPath("spec", "template", "spec", "networkPlugin"), old.Spec.Template.Spec.NetworkPlugin, mcp.Spec.Template.Spec.NetworkPlugin); err != nil { allErrs = append(allErrs, err) } if err := webhookutils.ValidateImmutable( - field.NewPath("Spec", "Template", "Spec", "NetworkPolicy"), + field.NewPath("spec", "template", "spec", "networkPolicy"), old.Spec.Template.Spec.NetworkPolicy, mcp.Spec.Template.Spec.NetworkPolicy); err != nil { allErrs = append(allErrs, err) } if err := webhookutils.ValidateImmutable( - field.NewPath("Spec", "Template", "Spec", "NetworkDataplane"), + field.NewPath("spec", "template", "spec", "networkDataplane"), old.Spec.Template.Spec.NetworkDataplane, mcp.Spec.Template.Spec.NetworkDataplane); err != nil { allErrs = append(allErrs, err) } if err := webhookutils.ValidateImmutable( - field.NewPath("Spec", "Template", "Spec", "LoadBalancerSKU"), + field.NewPath("spec", "template", "spec", "loadBalancerSKU"), old.Spec.Template.Spec.LoadBalancerSKU, mcp.Spec.Template.Spec.LoadBalancerSKU); err != nil { allErrs = append(allErrs, err) @@ -141,21 +141,21 @@ func (mcpw *azureManagedControlPlaneTemplateWebhook) ValidateUpdate(ctx context. if mcp.Spec.Template.Spec.AADProfile == nil { allErrs = append(allErrs, field.Invalid( - field.NewPath("Spec", "Template", "Spec", "AADProfile"), + field.NewPath("spec", "template", "spec", "aadProfile"), mcp.Spec.Template.Spec.AADProfile, "field cannot be nil, cannot disable AADProfile")) } else { if !mcp.Spec.Template.Spec.AADProfile.Managed && old.Spec.Template.Spec.AADProfile.Managed { allErrs = append(allErrs, field.Invalid( - field.NewPath("Spec", "Template", "Spec", "AADProfile.Managed"), + field.NewPath("spec", "template", "spec", "aadProfile", "managed"), mcp.Spec.Template.Spec.AADProfile.Managed, "cannot set AADProfile.Managed to false")) } if len(mcp.Spec.Template.Spec.AADProfile.AdminGroupObjectIDs) == 0 { allErrs = append(allErrs, field.Invalid( - field.NewPath("Spec", "Template", "Spec", "AADProfile.AdminGroupObjectIDs"), + field.NewPath("spec", "template", "spec", "aadProfile", "adminGroupObjectIDs"), mcp.Spec.Template.Spec.AADProfile.AdminGroupObjectIDs, "length of AADProfile.AdminGroupObjectIDs cannot be zero")) } @@ -166,7 +166,7 @@ func (mcpw *azureManagedControlPlaneTemplateWebhook) ValidateUpdate(ctx context. // Updating outboundType after cluster creation (PREVIEW) // https://learn.microsoft.com/en-us/azure/aks/egress-outboundtype#updating-outboundtype-after-cluster-creation-preview if err := webhookutils.ValidateImmutable( - field.NewPath("Spec", "Template", "Spec", "OutboundType"), + field.NewPath("spec", "template", "spec", "outboundType"), old.Spec.Template.Spec.OutboundType, mcp.Spec.Template.Spec.OutboundType); err != nil { allErrs = append(allErrs, err) @@ -200,11 +200,11 @@ func (mcp *AzureManagedControlPlaneTemplate) validateManagedControlPlaneTemplate allErrs = append(allErrs, validateVersion( mcp.Spec.Template.Spec.Version, - field.NewPath("spec").Child("template").Child("spec").Child("Version"))...) + field.NewPath("spec").Child("template").Child("spec").Child("version"))...) allErrs = append(allErrs, validateLoadBalancerProfile( mcp.Spec.Template.Spec.LoadBalancerProfile, - field.NewPath("spec").Child("template").Child("spec").Child("LoadBalancerProfile"))...) + field.NewPath("spec").Child("template").Child("spec").Child("loadBalancerProfile"))...) allErrs = append(allErrs, validateManagedClusterNetwork( cli, @@ -214,21 +214,21 @@ func (mcp *AzureManagedControlPlaneTemplate) validateManagedControlPlaneTemplate mcp.Spec.Template.Spec.VirtualNetwork.Subnet, field.NewPath("spec").Child("template").Child("spec"))...) - allErrs = append(allErrs, validateName(mcp.Name, field.NewPath("Name"))...) + allErrs = append(allErrs, validateName(mcp.Name, field.NewPath("name"))...) - allErrs = append(allErrs, validateAutoScalerProfile(mcp.Spec.Template.Spec.AutoScalerProfile, field.NewPath("spec").Child("template").Child("spec").Child("AutoScalerProfile"))...) + allErrs = append(allErrs, validateAutoScalerProfile(mcp.Spec.Template.Spec.AutoScalerProfile, field.NewPath("spec").Child("template").Child("spec").Child("autoScalerProfile"))...) - allErrs = append(allErrs, validateAKSExtensions(mcp.Spec.Template.Spec.Extensions, field.NewPath("spec").Child("Extensions"))...) + allErrs = append(allErrs, validateAKSExtensions(mcp.Spec.Template.Spec.Extensions, field.NewPath("spec").Child("extensions"))...) allErrs = append(allErrs, mcp.Spec.Template.Spec.AzureManagedControlPlaneClassSpec.validateSecurityProfile()...) - allErrs = append(allErrs, validateNetworkPolicy(mcp.Spec.Template.Spec.NetworkPolicy, mcp.Spec.Template.Spec.NetworkDataplane, field.NewPath("spec").Child("template").Child("spec").Child("NetworkPolicy"))...) + allErrs = append(allErrs, validateNetworkPolicy(mcp.Spec.Template.Spec.NetworkPolicy, mcp.Spec.Template.Spec.NetworkDataplane, field.NewPath("spec").Child("template").Child("spec").Child("networkPolicy"))...) - allErrs = append(allErrs, validateNetworkDataplane(mcp.Spec.Template.Spec.NetworkDataplane, mcp.Spec.Template.Spec.NetworkPolicy, mcp.Spec.Template.Spec.NetworkPluginMode, field.NewPath("spec").Child("template").Child("spec").Child("NetworkDataplane"))...) + allErrs = append(allErrs, validateNetworkDataplane(mcp.Spec.Template.Spec.NetworkDataplane, mcp.Spec.Template.Spec.NetworkPolicy, mcp.Spec.Template.Spec.NetworkPluginMode, field.NewPath("spec").Child("template").Child("spec").Child("networkDataplane"))...) - allErrs = append(allErrs, validateAPIServerAccessProfile(mcp.Spec.Template.Spec.APIServerAccessProfile, field.NewPath("spec").Child("template").Child("spec").Child("APIServerAccessProfile"))...) + allErrs = append(allErrs, validateAPIServerAccessProfile(mcp.Spec.Template.Spec.APIServerAccessProfile, field.NewPath("spec").Child("template").Child("spec").Child("apiServerAccessProfile"))...) - allErrs = append(allErrs, validateAMCPVirtualNetwork(mcp.Spec.Template.Spec.VirtualNetwork, field.NewPath("spec").Child("template").Child("spec").Child("VirtualNetwork"))...) + allErrs = append(allErrs, validateAMCPVirtualNetwork(mcp.Spec.Template.Spec.VirtualNetwork, field.NewPath("spec").Child("template").Child("spec").Child("virtualNetwork"))...) return allErrs.ToAggregate() } @@ -242,7 +242,7 @@ func (mcpw *azureManagedControlPlaneTemplateWebhook) ValidateDelete(ctx context. func (mcp *AzureManagedControlPlaneTemplate) validateK8sVersionUpdate(old *AzureManagedControlPlaneTemplate) field.ErrorList { var allErrs field.ErrorList if hv := versions.GetHigherK8sVersion(mcp.Spec.Template.Spec.Version, old.Spec.Template.Spec.Version); hv != mcp.Spec.Template.Spec.Version { - allErrs = append(allErrs, field.Invalid(field.NewPath("Spec", "Template", "Spec", "Version"), + allErrs = append(allErrs, field.Invalid(field.NewPath("spec", "template", "spec", "version"), mcp.Spec.Template.Spec.Version, "field version cannot be downgraded"), ) } @@ -256,7 +256,7 @@ func (mcp *AzureManagedControlPlaneTemplate) validateVirtualNetworkTemplateUpdat if old.Spec.Template.Spec.VirtualNetwork.CIDRBlock != mcp.Spec.Template.Spec.VirtualNetwork.CIDRBlock { allErrs = append(allErrs, field.Invalid( - field.NewPath("Spec", "Template", "Spec", "VirtualNetwork.CIDRBlock"), + field.NewPath("spec", "template", "spec", "virtualNetwork", "cidrBlock"), mcp.Spec.Template.Spec.VirtualNetwork.CIDRBlock, "Virtual Network CIDRBlock is immutable")) } @@ -264,7 +264,7 @@ func (mcp *AzureManagedControlPlaneTemplate) validateVirtualNetworkTemplateUpdat if old.Spec.Template.Spec.VirtualNetwork.Subnet.Name != mcp.Spec.Template.Spec.VirtualNetwork.Subnet.Name { allErrs = append(allErrs, field.Invalid( - field.NewPath("Spec", "Template", "Spec", "VirtualNetwork.Subnet.Name"), + field.NewPath("spec", "template", "spec", "virtualNetwork", "subnet", "name"), mcp.Spec.Template.Spec.VirtualNetwork.Subnet.Name, "Subnet Name is immutable")) } @@ -276,7 +276,7 @@ func (mcp *AzureManagedControlPlaneTemplate) validateVirtualNetworkTemplateUpdat if old.Spec.Template.Spec.VirtualNetwork.Subnet.CIDRBlock != mcp.Spec.Template.Spec.VirtualNetwork.Subnet.CIDRBlock { allErrs = append(allErrs, field.Invalid( - field.NewPath("Spec", "Template", "Spec", "VirtualNetwork.Subnet.CIDRBlock"), + field.NewPath("spec", "template", "spec", "virtualNetwork", "subnet", "cidrBlock"), mcp.Spec.Template.Spec.VirtualNetwork.Subnet.CIDRBlock, "Subnet CIDRBlock is immutable")) } @@ -315,7 +315,7 @@ func (mcp *AzureManagedControlPlaneTemplate) validateAPIServerAccessProfileTempl if !reflect.DeepEqual(newAPIServerAccessProfileNormalized, oldAPIServerAccessProfileNormalized) { allErrs = append(allErrs, - field.Invalid(field.NewPath("Spec", "Template", "Spec", "APIServerAccessProfile"), + field.Invalid(field.NewPath("spec", "template", "spec", "apiServerAccessProfile"), mcp.Spec.Template.Spec.APIServerAccessProfile, "fields are immutable"), ) } diff --git a/api/v1beta1/azuremanagedmachinepool_webhook.go b/api/v1beta1/azuremanagedmachinepool_webhook.go index c5cee706f49..d5abde51657 100644 --- a/api/v1beta1/azuremanagedmachinepool_webhook.go +++ b/api/v1beta1/azuremanagedmachinepool_webhook.go @@ -103,44 +103,44 @@ func (mw *azureManagedMachinePoolWebhook) ValidateCreate(ctx context.Context, ob errs = append(errs, validateMaxPods( m.Spec.MaxPods, - field.NewPath("Spec", "MaxPods"))) + field.NewPath("spec", "maxPods"))) errs = append(errs, validateOSType( m.Spec.Mode, m.Spec.OSType, - field.NewPath("Spec", "OSType"))) + field.NewPath("spec", "osType"))) errs = append(errs, validateMPName( m.Name, m.Spec.Name, m.Spec.OSType, - field.NewPath("Spec", "Name"))) + field.NewPath("spec", "name"))) errs = append(errs, validateNodeLabels( m.Spec.NodeLabels, - field.NewPath("Spec", "NodeLabels"))) + field.NewPath("spec", "nodeLabels"))) errs = append(errs, validateNodePublicIPPrefixID( m.Spec.NodePublicIPPrefixID, - field.NewPath("Spec", "NodePublicIPPrefixID"))) + field.NewPath("spec", "nodePublicIPPrefixID"))) errs = append(errs, validateEnableNodePublicIP( m.Spec.EnableNodePublicIP, m.Spec.NodePublicIPPrefixID, - field.NewPath("Spec", "EnableNodePublicIP"))) + field.NewPath("spec", "enableNodePublicIP"))) errs = append(errs, validateKubeletConfig( m.Spec.KubeletConfig, - field.NewPath("Spec", "KubeletConfig"))) + field.NewPath("spec", "kubeletConfig"))) errs = append(errs, validateLinuxOSConfig( m.Spec.LinuxOSConfig, m.Spec.KubeletConfig, - field.NewPath("Spec", "LinuxOSConfig"))) + field.NewPath("spec", "linuxOSConfig"))) errs = append(errs, validateMPSubnetName( m.Spec.SubnetName, - field.NewPath("Spec", "SubnetName"))) + field.NewPath("spec", "subnetName"))) return nil, kerrors.NewAggregate(errs) } @@ -158,57 +158,57 @@ func (mw *azureManagedMachinePoolWebhook) ValidateUpdate(ctx context.Context, ol var allErrs field.ErrorList if err := webhookutils.ValidateImmutable( - field.NewPath("Spec", "Name"), + field.NewPath("spec", "name"), old.Spec.Name, m.Spec.Name); err != nil { allErrs = append(allErrs, err) } - if err := validateNodeLabels(m.Spec.NodeLabels, field.NewPath("Spec", "NodeLabels")); err != nil { + if err := validateNodeLabels(m.Spec.NodeLabels, field.NewPath("spec", "nodeLabels")); err != nil { allErrs = append(allErrs, field.Invalid( - field.NewPath("Spec", "NodeLabels"), + field.NewPath("spec", "nodeLabels"), m.Spec.NodeLabels, err.Error())) } if err := webhookutils.ValidateImmutable( - field.NewPath("Spec", "OSType"), + field.NewPath("spec", "osType"), old.Spec.OSType, m.Spec.OSType); err != nil { allErrs = append(allErrs, err) } if err := webhookutils.ValidateImmutable( - field.NewPath("Spec", "SKU"), + field.NewPath("spec", "sku"), old.Spec.SKU, m.Spec.SKU); err != nil { allErrs = append(allErrs, err) } if err := webhookutils.ValidateImmutable( - field.NewPath("Spec", "OSDiskSizeGB"), + field.NewPath("spec", "osDiskSizeGB"), old.Spec.OSDiskSizeGB, m.Spec.OSDiskSizeGB); err != nil { allErrs = append(allErrs, err) } if err := webhookutils.ValidateImmutable( - field.NewPath("Spec", "SubnetName"), + field.NewPath("spec", "subnetName"), old.Spec.SubnetName, m.Spec.SubnetName); err != nil && old.Spec.SubnetName != nil { allErrs = append(allErrs, err) } if err := webhookutils.ValidateImmutable( - field.NewPath("Spec", "EnableFIPS"), + field.NewPath("spec", "enableFIPS"), old.Spec.EnableFIPS, m.Spec.EnableFIPS); err != nil && old.Spec.EnableFIPS != nil { allErrs = append(allErrs, err) } if err := webhookutils.ValidateImmutable( - field.NewPath("Spec", "EnableEncryptionAtHost"), + field.NewPath("spec", "enableEncryptionAtHost"), old.Spec.EnableEncryptionAtHost, m.Spec.EnableEncryptionAtHost); err != nil && old.Spec.EnableEncryptionAtHost != nil { allErrs = append(allErrs, err) @@ -217,7 +217,7 @@ func (mw *azureManagedMachinePoolWebhook) ValidateUpdate(ctx context.Context, ol if !webhookutils.EnsureStringSlicesAreEquivalent(m.Spec.AvailabilityZones, old.Spec.AvailabilityZones) { allErrs = append(allErrs, field.Invalid( - field.NewPath("Spec", "AvailabilityZones"), + field.NewPath("spec", "availabilityZones"), m.Spec.AvailabilityZones, "field is immutable")) } @@ -226,67 +226,67 @@ func (mw *azureManagedMachinePoolWebhook) ValidateUpdate(ctx context.Context, ol // validate for last system node pool if err := validateLastSystemNodePool(mw.Client, m.Labels, m.Namespace, m.Annotations); err != nil { allErrs = append(allErrs, field.Forbidden( - field.NewPath("Spec", "Mode"), + field.NewPath("spec", "mode"), "Cannot change node pool mode to User, you must have at least one System node pool in your cluster")) } } if err := webhookutils.ValidateImmutable( - field.NewPath("Spec", "MaxPods"), + field.NewPath("spec", "maxPods"), old.Spec.MaxPods, m.Spec.MaxPods); err != nil { allErrs = append(allErrs, err) } if err := webhookutils.ValidateImmutable( - field.NewPath("Spec", "OsDiskType"), + field.NewPath("spec", "osDiskType"), old.Spec.OsDiskType, m.Spec.OsDiskType); err != nil { allErrs = append(allErrs, err) } if err := webhookutils.ValidateImmutable( - field.NewPath("Spec", "ScaleSetPriority"), + field.NewPath("spec", "scaleSetPriority"), old.Spec.ScaleSetPriority, m.Spec.ScaleSetPriority); err != nil { allErrs = append(allErrs, err) } if err := webhookutils.ValidateImmutable( - field.NewPath("Spec", "EnableUltraSSD"), + field.NewPath("spec", "enableUltraSSD"), old.Spec.EnableUltraSSD, m.Spec.EnableUltraSSD); err != nil { allErrs = append(allErrs, err) } if err := webhookutils.ValidateImmutable( - field.NewPath("Spec", "EnableNodePublicIP"), + field.NewPath("spec", "enableNodePublicIP"), old.Spec.EnableNodePublicIP, m.Spec.EnableNodePublicIP); err != nil { allErrs = append(allErrs, err) } if err := webhookutils.ValidateImmutable( - field.NewPath("Spec", "NodePublicIPPrefixID"), + field.NewPath("spec", "nodePublicIPPrefixID"), old.Spec.NodePublicIPPrefixID, m.Spec.NodePublicIPPrefixID); err != nil { allErrs = append(allErrs, err) } if err := webhookutils.ValidateImmutable( - field.NewPath("Spec", "KubeletConfig"), + field.NewPath("spec", "kubeletConfig"), old.Spec.KubeletConfig, m.Spec.KubeletConfig); err != nil { allErrs = append(allErrs, err) } if err := webhookutils.ValidateImmutable( - field.NewPath("Spec", "KubeletDiskType"), + field.NewPath("spec", "kubeletDiskType"), old.Spec.KubeletDiskType, m.Spec.KubeletDiskType); err != nil { allErrs = append(allErrs, err) } if err := webhookutils.ValidateImmutable( - field.NewPath("Spec", "LinuxOSConfig"), + field.NewPath("spec", "linuxOSConfig"), old.Spec.LinuxOSConfig, m.Spec.LinuxOSConfig); err != nil { allErrs = append(allErrs, err) diff --git a/api/v1beta1/azuremanagedmachinepool_webhook_test.go b/api/v1beta1/azuremanagedmachinepool_webhook_test.go index 8f233f7f25d..442de80d4a5 100644 --- a/api/v1beta1/azuremanagedmachinepool_webhook_test.go +++ b/api/v1beta1/azuremanagedmachinepool_webhook_test.go @@ -1307,27 +1307,29 @@ func TestAzureManagedMachinePool_ValidateCreate(t *testing.T) { func TestAzureManagedMachinePool_ValidateCreateFailure(t *testing.T) { tests := []struct { - name string - ammp *AzureManagedMachinePool - deferFunc func() - expectError bool + name string + ammp *AzureManagedMachinePool + featureGateEnabled *bool + expectError bool }{ { - name: "feature gate explicitly disabled", - ammp: getKnownValidAzureManagedMachinePool(), - deferFunc: utilfeature.SetFeatureGateDuringTest(t, feature.Gates, capifeature.MachinePool, false), - expectError: true, + name: "feature gate explicitly disabled", + ammp: getKnownValidAzureManagedMachinePool(), + featureGateEnabled: ptr.To(false), + expectError: true, }, { - name: "feature gate implicitly enabled", - ammp: getKnownValidAzureManagedMachinePool(), - deferFunc: func() {}, - expectError: false, + name: "feature gate implicitly enabled", + ammp: getKnownValidAzureManagedMachinePool(), + featureGateEnabled: nil, + expectError: false, }, } for _, tc := range tests { t.Run(tc.name, func(t *testing.T) { - defer tc.deferFunc() + if tc.featureGateEnabled != nil { + defer utilfeature.SetFeatureGateDuringTest(t, feature.Gates, capifeature.MachinePool, *tc.featureGateEnabled)() + } g := NewWithT(t) mw := &azureManagedMachinePoolWebhook{} _, err := mw.ValidateCreate(context.Background(), tc.ammp) diff --git a/api/v1beta1/azuremanagedmachinepooltemplate_webhook.go b/api/v1beta1/azuremanagedmachinepooltemplate_webhook.go index cc156d2ec42..9a85c5e1107 100644 --- a/api/v1beta1/azuremanagedmachinepooltemplate_webhook.go +++ b/api/v1beta1/azuremanagedmachinepooltemplate_webhook.go @@ -89,40 +89,40 @@ func (mpw *azureManagedMachinePoolTemplateWebhook) ValidateCreate(ctx context.Co errs = append(errs, validateMaxPods( mp.Spec.Template.Spec.MaxPods, - field.NewPath("Spec", "Template", "Spec", "MaxPods"))) + field.NewPath("spec", "template", "spec", "maxPods"))) errs = append(errs, validateOSType( mp.Spec.Template.Spec.Mode, mp.Spec.Template.Spec.OSType, - field.NewPath("Spec", "Template", "Spec", "OSType"))) + field.NewPath("spec", "template", "spec", "osType"))) errs = append(errs, validateMPName( mp.Name, mp.Spec.Template.Spec.Name, mp.Spec.Template.Spec.OSType, - field.NewPath("Spec", "Template", "Spec", "Name"))) + field.NewPath("spec", "template", "spec", "name"))) errs = append(errs, validateNodeLabels( mp.Spec.Template.Spec.NodeLabels, - field.NewPath("Spec", "Template", "Spec", "NodeLabels"))) + field.NewPath("spec", "template", "spec", "nodeLabels"))) errs = append(errs, validateNodePublicIPPrefixID( mp.Spec.Template.Spec.NodePublicIPPrefixID, - field.NewPath("Spec", "Template", "Spec", "NodePublicIPPrefixID"))) + field.NewPath("spec", "template", "spec", "nodePublicIPPrefixID"))) errs = append(errs, validateEnableNodePublicIP( mp.Spec.Template.Spec.EnableNodePublicIP, mp.Spec.Template.Spec.NodePublicIPPrefixID, - field.NewPath("Spec", "Template", "Spec", "EnableNodePublicIP"))) + field.NewPath("spec", "template", "spec", "enableNodePublicIP"))) errs = append(errs, validateKubeletConfig( mp.Spec.Template.Spec.KubeletConfig, - field.NewPath("Spec", "Template", "Spec", "KubeletConfig"))) + field.NewPath("spec", "template", "spec", "kubeletConfig"))) errs = append(errs, validateLinuxOSConfig( mp.Spec.Template.Spec.LinuxOSConfig, mp.Spec.Template.Spec.KubeletConfig, - field.NewPath("Spec", "Template", "Spec", "LinuxOSConfig"))) + field.NewPath("spec", "template", "spec", "linuxOSConfig"))) return nil, kerrors.NewAggregate(errs) } @@ -140,50 +140,50 @@ func (mpw *azureManagedMachinePoolTemplateWebhook) ValidateUpdate(ctx context.Co } if err := webhookutils.ValidateImmutable( - field.NewPath("Spec", "Template", "Spec", "Name"), + field.NewPath("spec", "template", "spec", "name"), old.Spec.Template.Spec.Name, mp.Spec.Template.Spec.Name); err != nil { allErrs = append(allErrs, err) } - if err := validateNodeLabels(mp.Spec.Template.Spec.NodeLabels, field.NewPath("Spec", "Template", "Spec", "NodeLabels")); err != nil { + if err := validateNodeLabels(mp.Spec.Template.Spec.NodeLabels, field.NewPath("spec", "template", "spec", "nodeLabels")); err != nil { allErrs = append(allErrs, field.Invalid( - field.NewPath("Spec", "Template", "Spec", "NodeLabels"), + field.NewPath("spec", "template", "spec", "nodeLabels"), mp.Spec.Template.Spec.NodeLabels, err.Error())) } if err := webhookutils.ValidateImmutable( - field.NewPath("Spec", "Template", "Spec", "OSType"), + field.NewPath("spec", "template", "spec", "osType"), old.Spec.Template.Spec.OSType, mp.Spec.Template.Spec.OSType); err != nil { allErrs = append(allErrs, err) } if err := webhookutils.ValidateImmutable( - field.NewPath("Spec", "Template", "Spec", "SKU"), + field.NewPath("spec", "template", "spec", "sku"), old.Spec.Template.Spec.SKU, mp.Spec.Template.Spec.SKU); err != nil { allErrs = append(allErrs, err) } if err := webhookutils.ValidateImmutable( - field.NewPath("Spec", "Template", "Spec", "OSDiskSizeGB"), + field.NewPath("spec", "template", "spec", "osDiskSizeGB"), old.Spec.Template.Spec.OSDiskSizeGB, mp.Spec.Template.Spec.OSDiskSizeGB); err != nil { allErrs = append(allErrs, err) } if err := webhookutils.ValidateImmutable( - field.NewPath("Spec", "Template", "Spec", "SubnetName"), + field.NewPath("spec", "template", "spec", "subnetName"), old.Spec.Template.Spec.SubnetName, mp.Spec.Template.Spec.SubnetName); err != nil && old.Spec.Template.Spec.SubnetName != nil { allErrs = append(allErrs, err) } if err := webhookutils.ValidateImmutable( - field.NewPath("Spec", "Template", "Spec", "EnableFIPS"), + field.NewPath("spec", "template", "spec", "enableFIPS"), old.Spec.Template.Spec.EnableFIPS, mp.Spec.Template.Spec.EnableFIPS); err != nil && old.Spec.Template.Spec.EnableFIPS != nil { allErrs = append(allErrs, err) @@ -192,7 +192,7 @@ func (mpw *azureManagedMachinePoolTemplateWebhook) ValidateUpdate(ctx context.Co if !webhookutils.EnsureStringSlicesAreEquivalent(mp.Spec.Template.Spec.AvailabilityZones, old.Spec.Template.Spec.AvailabilityZones) { allErrs = append(allErrs, field.Invalid( - field.NewPath("Spec", "Template", "Spec", "AvailabilityZones"), + field.NewPath("spec", "template", "spec", "availabilityZones"), mp.Spec.Template.Spec.AvailabilityZones, "field is immutable")) } @@ -201,67 +201,67 @@ func (mpw *azureManagedMachinePoolTemplateWebhook) ValidateUpdate(ctx context.Co // validate for last system node pool if err := validateLastSystemNodePool(mpw.Client, mp.Spec.Template.Spec.NodeLabels, mp.Namespace, mp.Annotations); err != nil { allErrs = append(allErrs, field.Forbidden( - field.NewPath("Spec", "Template", "Spec", "Mode"), + field.NewPath("spec", "template", "spec", "mode"), "Cannot change node pool mode to User, you must have at least one System node pool in your cluster")) } } if err := webhookutils.ValidateImmutable( - field.NewPath("Spec", "Template", "Spec", "MaxPods"), + field.NewPath("spec", "template", "spec", "maxPods"), old.Spec.Template.Spec.MaxPods, mp.Spec.Template.Spec.MaxPods); err != nil { allErrs = append(allErrs, err) } if err := webhookutils.ValidateImmutable( - field.NewPath("Spec", "Template", "Spec", "OsDiskType"), + field.NewPath("spec", "template", "spec", "osDiskType"), old.Spec.Template.Spec.OsDiskType, mp.Spec.Template.Spec.OsDiskType); err != nil { allErrs = append(allErrs, err) } if err := webhookutils.ValidateImmutable( - field.NewPath("Spec", "Template", "Spec", "ScaleSetPriority"), + field.NewPath("spec", "template", "spec", "scaleSetPriority"), old.Spec.Template.Spec.ScaleSetPriority, mp.Spec.Template.Spec.ScaleSetPriority); err != nil { allErrs = append(allErrs, err) } if err := webhookutils.ValidateImmutable( - field.NewPath("Spec", "Template", "Spec", "EnableUltraSSD"), + field.NewPath("spec", "template", "spec", "enableUltraSSD"), old.Spec.Template.Spec.EnableUltraSSD, mp.Spec.Template.Spec.EnableUltraSSD); err != nil { allErrs = append(allErrs, err) } if err := webhookutils.ValidateImmutable( - field.NewPath("Spec", "Template", "Spec", "EnableNodePublicIP"), + field.NewPath("spec", "template", "spec", "enableNodePublicIP"), old.Spec.Template.Spec.EnableNodePublicIP, mp.Spec.Template.Spec.EnableNodePublicIP); err != nil { allErrs = append(allErrs, err) } if err := webhookutils.ValidateImmutable( - field.NewPath("Spec", "Template", "Spec", "NodePublicIPPrefixID"), + field.NewPath("spec", "template", "spec", "nodePublicIPPrefixID"), old.Spec.Template.Spec.NodePublicIPPrefixID, mp.Spec.Template.Spec.NodePublicIPPrefixID); err != nil { allErrs = append(allErrs, err) } if err := webhookutils.ValidateImmutable( - field.NewPath("Spec", "Template", "Spec", "KubeletConfig"), + field.NewPath("spec", "template", "spec", "kubeletConfig"), old.Spec.Template.Spec.KubeletConfig, mp.Spec.Template.Spec.KubeletConfig); err != nil { allErrs = append(allErrs, err) } if err := webhookutils.ValidateImmutable( - field.NewPath("Spec", "Template", "Spec", "KubeletDiskType"), + field.NewPath("spec", "template", "spec", "kubeletDiskType"), old.Spec.Template.Spec.KubeletDiskType, mp.Spec.Template.Spec.KubeletDiskType); err != nil { allErrs = append(allErrs, err) } if err := webhookutils.ValidateImmutable( - field.NewPath("Spec", "Template", "Spec", "LinuxOSConfig"), + field.NewPath("spec", "template", "spec", "linuxOSConfig"), old.Spec.Template.Spec.LinuxOSConfig, mp.Spec.Template.Spec.LinuxOSConfig); err != nil { allErrs = append(allErrs, err) diff --git a/api/v1beta1/types.go b/api/v1beta1/types.go index 4cc74fb56f2..444bc50ca66 100644 --- a/api/v1beta1/types.go +++ b/api/v1beta1/types.go @@ -687,12 +687,45 @@ type DiskEncryptionSetParameters struct { ID string `json:"id,omitempty"` } +// DiffDiskPlacement - Specifies the ephemeral disk placement for operating system disk. This property can be used by user +// in the request to choose the location i.e, cache disk, resource disk or nvme disk space for +// Ephemeral OS disk provisioning. For more information on Ephemeral OS disk size requirements, please refer Ephemeral OS +// disk size requirements for Windows VM at +// https://docs.microsoft.com/azure/virtual-machines/windows/ephemeral-os-disks#size-requirements and Linux VM at +// https://docs.microsoft.com/azure/virtual-machines/linux/ephemeral-os-disks#size-requirements. +type DiffDiskPlacement string + +const ( + // DiffDiskPlacementCacheDisk places the OsDisk on cache disk. + DiffDiskPlacementCacheDisk DiffDiskPlacement = "CacheDisk" + + // DiffDiskPlacementNvmeDisk places the OsDisk on NVMe disk. + DiffDiskPlacementNvmeDisk DiffDiskPlacement = "NvmeDisk" + + // DiffDiskPlacementResourceDisk places the OsDisk on temp disk. + DiffDiskPlacementResourceDisk DiffDiskPlacement = "ResourceDisk" +) + +// PossibleDiffDiskPlacementValues returns the possible values for the DiffDiskPlacement const type. +func PossibleDiffDiskPlacementValues() []DiffDiskPlacement { + return []DiffDiskPlacement{ + DiffDiskPlacementCacheDisk, + DiffDiskPlacementNvmeDisk, + DiffDiskPlacementResourceDisk, + } +} + // DiffDiskSettings describe ephemeral disk settings for the os disk. type DiffDiskSettings struct { // Option enables ephemeral OS when set to "Local" // See https://learn.microsoft.com/azure/virtual-machines/ephemeral-os-disks for full details // +kubebuilder:validation:Enum=Local Option string `json:"option"` + + // Placement specifies the ephemeral disk placement for operating system disk. If placement is specified, Option must be set to "Local". + // +kubebuilder:validation:Enum=CacheDisk;NvmeDisk;ResourceDisk + // +optional + Placement *DiffDiskPlacement `json:"placement,omitempty"` } // SubnetRole defines the unique role of a subnet. diff --git a/api/v1beta1/types_class.go b/api/v1beta1/types_class.go index 562e5bc58df..308c31492a0 100644 --- a/api/v1beta1/types_class.go +++ b/api/v1beta1/types_class.go @@ -473,7 +473,7 @@ type SubnetClassSpec struct { Name string `json:"name"` // Role defines the subnet role (eg. Node, ControlPlane) - // +kubebuilder:validation:Enum=node;control-plane;bastion;all + // +kubebuilder:validation:Enum=node;control-plane;bastion;cluster Role SubnetRole `json:"role"` // CIDRBlocks defines the subnet's address space, specified as one or more address prefixes in CIDR notation. diff --git a/api/v1beta1/zz_generated.deepcopy.go b/api/v1beta1/zz_generated.deepcopy.go index 2b1fc5cff89..8667e7d5012 100644 --- a/api/v1beta1/zz_generated.deepcopy.go +++ b/api/v1beta1/zz_generated.deepcopy.go @@ -2305,6 +2305,11 @@ func (in *Diagnostics) DeepCopy() *Diagnostics { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *DiffDiskSettings) DeepCopyInto(out *DiffDiskSettings) { *out = *in + if in.Placement != nil { + in, out := &in.Placement, &out.Placement + *out = new(DiffDiskPlacement) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DiffDiskSettings. @@ -3212,7 +3217,7 @@ func (in *OSDisk) DeepCopyInto(out *OSDisk) { if in.DiffDiskSettings != nil { in, out := &in.DiffDiskSettings, &out.DiffDiskSettings *out = new(DiffDiskSettings) - **out = **in + (*in).DeepCopyInto(*out) } } diff --git a/azure/const.go b/azure/const.go index cae610d71ec..67319251a99 100644 --- a/azure/const.go +++ b/azure/const.go @@ -23,6 +23,12 @@ const ( // for annotation formatting rules. VMTagsLastAppliedAnnotation = "sigs.k8s.io/cluster-api-provider-azure-last-applied-tags-vm" + // VMSSTagsLastAppliedAnnotation is the key for the machine object annotation + // which tracks the AdditionalTags in the MachinePool Provider Config. + // See https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ + // for annotation formatting rules. + VMSSTagsLastAppliedAnnotation = "sigs.k8s.io/cluster-api-provider-azure-last-applied-tags-vmss" + // RGTagsLastAppliedAnnotation is the key for the Azure Cluster object annotation // which tracks the AdditionalTags for Resource Group which is part in the Azure Cluster. // See https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ diff --git a/azure/converters/diagnostics.go b/azure/converters/diagnostics.go index bccb5d83b9f..c28c144847c 100644 --- a/azure/converters/diagnostics.go +++ b/azure/converters/diagnostics.go @@ -39,11 +39,13 @@ func GetDiagnosticsProfile(diagnostics *infrav1.Diagnostics) *armcompute.Diagnos }, } case infrav1.UserManagedDiagnosticsStorage: - return &armcompute.DiagnosticsProfile{ - BootDiagnostics: &armcompute.BootDiagnostics{ - Enabled: ptr.To(true), - StorageURI: &diagnostics.Boot.UserManaged.StorageAccountURI, - }, + if diagnostics.Boot.UserManaged != nil { + return &armcompute.DiagnosticsProfile{ + BootDiagnostics: &armcompute.BootDiagnostics{ + Enabled: ptr.To(true), + StorageURI: &diagnostics.Boot.UserManaged.StorageAccountURI, + }, + } } } } diff --git a/azure/converters/diagnostics_test.go b/azure/converters/diagnostics_test.go index 07741da659c..4af80a9da33 100644 --- a/azure/converters/diagnostics_test.go +++ b/azure/converters/diagnostics_test.go @@ -81,6 +81,16 @@ func TestGetDiagnosticsProfile(t *testing.T) { }, want: nil, }, + { + name: "nil diagnostics boot user managed", + diagnostics: &infrav1.Diagnostics{ + Boot: &infrav1.BootDiagnostics{ + StorageAccountType: infrav1.UserManagedDiagnosticsStorage, + UserManaged: nil, + }, + }, + want: nil, + }, } for _, tt := range tests { tt := tt diff --git a/azure/converters/spotinstances_test.go b/azure/converters/spotinstances_test.go index 867530804ad..b94a29755f7 100644 --- a/azure/converters/spotinstances_test.go +++ b/azure/converters/spotinstances_test.go @@ -93,6 +93,21 @@ func TestGetSpotVMOptions(t *testing.T) { billingProfile: nil, }, }, + { + name: "spot with ResourceDisk", + spot: &infrav1.SpotVMOptions{ + MaxPrice: nil, + }, + diffDiskSettings: &infrav1.DiffDiskSettings{ + Option: string(armcompute.DiffDiskOptionsLocal), + Placement: ptr.To(infrav1.DiffDiskPlacementResourceDisk), + }, + want: resultParams{ + vmPriorityTypes: ptr.To(armcompute.VirtualMachinePriorityTypesSpot), + vmEvictionPolicyTypes: nil, + billingProfile: nil, + }, + }, { name: "spot with eviction policy", spot: &infrav1.SpotVMOptions{ diff --git a/azure/defaults.go b/azure/defaults.go index 9dcf227b149..1de9f60b574 100644 --- a/azure/defaults.go +++ b/azure/defaults.go @@ -217,6 +217,11 @@ func VMID(subscriptionID, resourceGroup, vmName string) string { return fmt.Sprintf("/subscriptions/%s/resourceGroups/%s/providers/Microsoft.Compute/virtualMachines/%s", subscriptionID, resourceGroup, vmName) } +// VMSSID returns the azure resource ID for a given VMSS. +func VMSSID(subscriptionID, resourceGroup, vmssName string) string { + return fmt.Sprintf("/subscriptions/%s/resourceGroups/%s/providers/Microsoft.Compute/virtualMachineScaleSets/%s", subscriptionID, resourceGroup, vmssName) +} + // VNetID returns the azure resource ID for a given VNet. func VNetID(subscriptionID, resourceGroup, vnetName string) string { return fmt.Sprintf("/subscriptions/%s/resourceGroups/%s/providers/Microsoft.Network/virtualNetworks/%s", subscriptionID, resourceGroup, vnetName) diff --git a/azure/scope/clients.go b/azure/scope/clients.go index 84d0830ccf1..27bc8bbb6b1 100644 --- a/azure/scope/clients.go +++ b/azure/scope/clients.go @@ -27,6 +27,7 @@ import ( "github.com/Azure/azure-sdk-for-go/sdk/azcore" azureautorest "github.com/Azure/go-autorest/autorest/azure" "github.com/Azure/go-autorest/autorest/azure/auth" + infrav1 "sigs.k8s.io/cluster-api-provider-azure/api/v1beta1" ) // AzureClients contains all the Azure clients used by the scopes. @@ -36,6 +37,8 @@ type AzureClients struct { TokenCredential azcore.TokenCredential ResourceManagerEndpoint string ResourceManagerVMDNSSuffix string + + authType infrav1.IdentityType } // CloudEnvironment returns the Azure environment the controller runs in. @@ -73,7 +76,7 @@ func (c *AzureClients) Token() azcore.TokenCredential { // ClientID). func (c *AzureClients) HashKey() string { hasher := sha256.New() - _, _ = hasher.Write([]byte(c.TenantID() + c.CloudEnvironment() + c.SubscriptionID() + c.ClientID())) + _, _ = hasher.Write([]byte(c.TenantID() + c.CloudEnvironment() + c.SubscriptionID() + c.ClientID() + string(c.authType))) return base64.URLEncoding.EncodeToString(hasher.Sum(nil)) } @@ -107,6 +110,8 @@ func (c *AzureClients) setCredentialsWithProvider(ctx context.Context, subscript } c.Values["AZURE_CLIENT_SECRET"] = strings.TrimSuffix(clientSecret, "\n") + c.authType = credentialsProvider.Type() + tokenCredential, err := credentialsProvider.GetTokenCredential(ctx, c.ResourceManagerEndpoint, c.Environment.ActiveDirectoryEndpoint, c.Environment.TokenAudience) if err != nil { return err diff --git a/azure/scope/cluster.go b/azure/scope/cluster.go index 6c4ffd20e68..00f3ac06cd6 100644 --- a/azure/scope/cluster.go +++ b/azure/scope/cluster.go @@ -77,7 +77,7 @@ func NewClusterScope(ctx context.Context, params ClusterScopeParams) (*ClusterSc return nil, errors.New("failed to generate new scope from nil AzureCluster") } - credentialsProvider, err := NewAzureClusterCredentialsProvider(ctx, params.Client, params.AzureCluster) + credentialsProvider, err := NewAzureCredentialsProvider(ctx, params.Client, params.AzureCluster.Spec.IdentityRef, params.AzureCluster.Namespace) if err != nil { return nil, errors.Wrap(err, "failed to init credentials provider") } @@ -582,9 +582,21 @@ func (s *ClusterScope) IsVnetManaged() bool { if s.cache.isVnetManaged != nil { return ptr.Deref(s.cache.isVnetManaged, false) } - isVnetManaged := s.Vnet().ID == "" || s.Vnet().Tags.HasOwned(s.ClusterName()) - s.cache.isVnetManaged = ptr.To(isVnetManaged) - return isVnetManaged + ctx := context.Background() + ctx, log, done := tele.StartSpanWithLogger(ctx, "scope.ClusterScope.IsVnetManaged") + defer done() + + vnet := s.VNetSpec().ResourceRef() + vnet.SetNamespace(s.ASOOwner().GetNamespace()) + err := s.Client.Get(ctx, client.ObjectKeyFromObject(vnet), vnet) + if err != nil { + log.Error(err, "Unable to determine if ClusterScope VNET is managed by capz, assuming unmanaged", "AzureCluster", s.ClusterName()) + return false + } + + isManaged := infrav1.Tags(vnet.Status.Tags).HasOwned(s.ClusterName()) + s.cache.isVnetManaged = ptr.To(isManaged) + return isManaged } // IsIPv6Enabled returns true if IPv6 is enabled. diff --git a/azure/scope/cluster_test.go b/azure/scope/cluster_test.go index 41776b43b53..83caf5ca700 100644 --- a/azure/scope/cluster_test.go +++ b/azure/scope/cluster_test.go @@ -930,9 +930,15 @@ func TestRouteTableSpecs(t *testing.T) { } func TestNatGatewaySpecs(t *testing.T) { + scheme := runtime.NewScheme() + _ = asonetworkv1api20201101.AddToScheme(scheme) + _ = corev1.AddToScheme(scheme) + _ = infrav1.AddToScheme(scheme) + tests := []struct { name string clusterScope ClusterScope + vnet asonetworkv1api20201101.VirtualNetwork want []azure.ASOResourceSpecGetter[*asonetworkv1api20220701.NatGateway] }{ { @@ -993,11 +999,24 @@ func TestNatGatewaySpecs(t *testing.T) { }, }, }, + Vnet: infrav1.VnetSpec{ + Name: "fake-vnet-1", + }, }, }, }, cache: &ClusterCache{}, }, + vnet: asonetworkv1api20201101.VirtualNetwork{ + ObjectMeta: metav1.ObjectMeta{ + Name: "fake-vnet-1", + }, + Status: asonetworkv1api20201101.VirtualNetwork_STATUS{ + Tags: map[string]string{ + "sigs.k8s.io_cluster-api-provider-azure_cluster_my-cluster": "owned", + }, + }, + }, want: []azure.ASOResourceSpecGetter[*asonetworkv1api20220701.NatGateway]{ &natgateways.NatGatewaySpec{ Name: "fake-nat-gateway-1", @@ -1075,11 +1094,24 @@ func TestNatGatewaySpecs(t *testing.T) { }, }, }, + Vnet: infrav1.VnetSpec{ + Name: "fake-vnet-1", + }, }, }, }, cache: &ClusterCache{}, }, + vnet: asonetworkv1api20201101.VirtualNetwork{ + ObjectMeta: metav1.ObjectMeta{ + Name: "fake-vnet-1", + }, + Status: asonetworkv1api20201101.VirtualNetwork_STATUS{ + Tags: map[string]string{ + "sigs.k8s.io_cluster-api-provider-azure_cluster_my-cluster": "owned", + }, + }, + }, want: []azure.ASOResourceSpecGetter[*asonetworkv1api20220701.NatGateway]{ &natgateways.NatGatewaySpec{ Name: "fake-nat-gateway-1", @@ -1156,11 +1188,24 @@ func TestNatGatewaySpecs(t *testing.T) { }, }, }, + Vnet: infrav1.VnetSpec{ + Name: "fake-vnet-1", + }, }, }, }, cache: &ClusterCache{}, }, + vnet: asonetworkv1api20201101.VirtualNetwork{ + ObjectMeta: metav1.ObjectMeta{ + Name: "fake-vnet-1", + }, + Status: asonetworkv1api20201101.VirtualNetwork_STATUS{ + Tags: map[string]string{ + "sigs.k8s.io_cluster-api-provider-azure_cluster_my-cluster": "owned", + }, + }, + }, want: []azure.ASOResourceSpecGetter[*asonetworkv1api20220701.NatGateway]{ &natgateways.NatGatewaySpec{ Name: "fake-nat-gateway-1", @@ -1182,6 +1227,23 @@ func TestNatGatewaySpecs(t *testing.T) { tt := tt t.Run(tt.name, func(t *testing.T) { t.Parallel() + fakeIdentity := &infrav1.AzureClusterIdentity{ + ObjectMeta: metav1.ObjectMeta{ + Name: "fake-identity", + Namespace: "default", + }, + Spec: infrav1.AzureClusterIdentitySpec{ + Type: infrav1.ServicePrincipal, + ClientID: fakeClientID, + TenantID: fakeTenantID, + }, + } + fakeSecret := &corev1.Secret{Data: map[string][]byte{"clientSecret": []byte("fooSecret")}} + + initObjects := []runtime.Object{&tt.vnet, fakeIdentity, fakeSecret} + fakeClient := fake.NewClientBuilder().WithScheme(scheme).WithRuntimeObjects(initObjects...).Build() + tt.clusterScope.Client = fakeClient + if got := tt.clusterScope.NatGatewaySpecs(); !reflect.DeepEqual(got, tt.want) { t.Errorf("NatGatewaySpecs() = %s, want %s", specArrayToString(got), specArrayToString(tt.want)) } @@ -1349,9 +1411,15 @@ func TestNSGSpecs(t *testing.T) { } func TestSubnetSpecs(t *testing.T) { + scheme := runtime.NewScheme() + _ = asonetworkv1api20201101.AddToScheme(scheme) + _ = corev1.AddToScheme(scheme) + _ = infrav1.AddToScheme(scheme) + tests := []struct { name string clusterScope ClusterScope + vnet asonetworkv1api20201101.VirtualNetwork want []azure.ASOResourceSpecGetter[*asonetworkv1api20201101.VirtualNetworksSubnet] }{ { @@ -1431,6 +1499,11 @@ func TestSubnetSpecs(t *testing.T) { }, cache: &ClusterCache{}, }, + vnet: asonetworkv1api20201101.VirtualNetwork{ + ObjectMeta: metav1.ObjectMeta{ + Name: "fake-vnet-1", + }, + }, want: []azure.ASOResourceSpecGetter[*asonetworkv1api20201101.VirtualNetworksSubnet]{ &subnets.SubnetSpec{ Name: "fake-subnet-1", @@ -1536,6 +1609,11 @@ func TestSubnetSpecs(t *testing.T) { }, cache: &ClusterCache{}, }, + vnet: asonetworkv1api20201101.VirtualNetwork{ + ObjectMeta: metav1.ObjectMeta{ + Name: "fake-vnet-1", + }, + }, want: []azure.ASOResourceSpecGetter[*asonetworkv1api20201101.VirtualNetworksSubnet]{ &subnets.SubnetSpec{ Name: "fake-subnet-1", @@ -1568,6 +1646,23 @@ func TestSubnetSpecs(t *testing.T) { tt := tt t.Run(tt.name, func(t *testing.T) { t.Parallel() + fakeIdentity := &infrav1.AzureClusterIdentity{ + ObjectMeta: metav1.ObjectMeta{ + Name: "fake-identity", + Namespace: "default", + }, + Spec: infrav1.AzureClusterIdentitySpec{ + Type: infrav1.ServicePrincipal, + ClientID: fakeClientID, + TenantID: fakeTenantID, + }, + } + fakeSecret := &corev1.Secret{Data: map[string][]byte{"clientSecret": []byte("fooSecret")}} + + initObjects := []runtime.Object{&tt.vnet, fakeIdentity, fakeSecret} + fakeClient := fake.NewClientBuilder().WithScheme(scheme).WithRuntimeObjects(initObjects...).Build() + tt.clusterScope.Client = fakeClient + if got := tt.clusterScope.SubnetSpecs(); !reflect.DeepEqual(got, tt.want) { t.Errorf("SubnetSpecs() = \n%s, want \n%s", specArrayToString(got), specArrayToString(tt.want)) } @@ -1576,13 +1671,19 @@ func TestSubnetSpecs(t *testing.T) { } func TestIsVnetManaged(t *testing.T) { + scheme := runtime.NewScheme() + _ = asonetworkv1api20201101.AddToScheme(scheme) + _ = corev1.AddToScheme(scheme) + _ = infrav1.AddToScheme(scheme) + tests := []struct { name string clusterScope ClusterScope + vnet asonetworkv1api20201101.VirtualNetwork want bool }{ { - name: "VNET ID is empty", + name: "Wrong tags", clusterScope: ClusterScope{ Cluster: &clusterv1.Cluster{ ObjectMeta: metav1.ObjectMeta{ @@ -1593,36 +1694,22 @@ func TestIsVnetManaged(t *testing.T) { Spec: infrav1.AzureClusterSpec{ NetworkSpec: infrav1.NetworkSpec{ Vnet: infrav1.VnetSpec{ - ID: "", + Name: "fake-vnet-1", }, }, }, }, cache: &ClusterCache{}, }, - want: true, - }, - { - name: "Wrong tags", - clusterScope: ClusterScope{ - Cluster: &clusterv1.Cluster{ - ObjectMeta: metav1.ObjectMeta{ - Name: "my-cluster", - }, + vnet: asonetworkv1api20201101.VirtualNetwork{ + ObjectMeta: metav1.ObjectMeta{ + Name: "fake-vnet-1", }, - AzureCluster: &infrav1.AzureCluster{ - Spec: infrav1.AzureClusterSpec{ - NetworkSpec: infrav1.NetworkSpec{ - Vnet: infrav1.VnetSpec{ - ID: "my-id", - VnetClassSpec: infrav1.VnetClassSpec{Tags: map[string]string{ - "key": "value", - }}, - }, - }, + Status: asonetworkv1api20201101.VirtualNetwork_STATUS{ + Tags: map[string]string{ + "key": "value", }, }, - cache: &ClusterCache{}, }, want: false, }, @@ -1638,16 +1725,23 @@ func TestIsVnetManaged(t *testing.T) { Spec: infrav1.AzureClusterSpec{ NetworkSpec: infrav1.NetworkSpec{ Vnet: infrav1.VnetSpec{ - ID: "my-id", - VnetClassSpec: infrav1.VnetClassSpec{Tags: map[string]string{ - "sigs.k8s.io_cluster-api-provider-azure_cluster_my-cluster": "owned", - }}, + Name: "fake-vnet-1", }, }, }, }, cache: &ClusterCache{}, }, + vnet: asonetworkv1api20201101.VirtualNetwork{ + ObjectMeta: metav1.ObjectMeta{ + Name: "fake-vnet-1", + }, + Status: asonetworkv1api20201101.VirtualNetwork_STATUS{ + Tags: map[string]string{ + "sigs.k8s.io_cluster-api-provider-azure_cluster_my-cluster": "owned", + }, + }, + }, want: true, }, { @@ -1680,6 +1774,23 @@ func TestIsVnetManaged(t *testing.T) { tt := tt t.Run(tt.name, func(t *testing.T) { t.Parallel() + fakeIdentity := &infrav1.AzureClusterIdentity{ + ObjectMeta: metav1.ObjectMeta{ + Name: "fake-identity", + Namespace: "default", + }, + Spec: infrav1.AzureClusterIdentitySpec{ + Type: infrav1.ServicePrincipal, + ClientID: fakeClientID, + TenantID: fakeTenantID, + }, + } + fakeSecret := &corev1.Secret{Data: map[string][]byte{"clientSecret": []byte("fooSecret")}} + + initObjects := []runtime.Object{&tt.vnet, fakeIdentity, fakeSecret} + fakeClient := fake.NewClientBuilder().WithScheme(scheme).WithRuntimeObjects(initObjects...).Build() + tt.clusterScope.Client = fakeClient + got := tt.clusterScope.IsVnetManaged() if !reflect.DeepEqual(got, tt.want) { t.Errorf("IsVnetManaged() = \n%t, want \n%t", got, tt.want) @@ -3642,7 +3753,8 @@ func TestVNetPeerings(t *testing.T) { AzureClusterClassSpec: infrav1.AzureClusterClassSpec{ SubscriptionID: tc.subscriptionID, IdentityRef: &corev1.ObjectReference{ - Kind: infrav1.AzureClusterIdentityKind, + Kind: infrav1.AzureClusterIdentityKind, + Namespace: clusterNamespace, }, }, NetworkSpec: infrav1.NetworkSpec{ diff --git a/azure/scope/identity.go b/azure/scope/identity.go index 4491e8a1c32..640c2c0ff49 100644 --- a/azure/scope/identity.go +++ b/azure/scope/identity.go @@ -41,6 +41,7 @@ type CredentialsProvider interface { GetClientSecret(ctx context.Context) (string, error) GetTenantID() string GetTokenCredential(ctx context.Context, resourceManagerEndpoint, activeDirectoryEndpoint, tokenAudience string) (azcore.TokenCredential, error) + Type() infrav1.IdentityType } // AzureCredentialsProvider represents a credential provider with azure cluster identity. @@ -49,87 +50,31 @@ type AzureCredentialsProvider struct { Identity *infrav1.AzureClusterIdentity } -// AzureClusterCredentialsProvider wraps AzureCredentialsProvider with AzureCluster. -type AzureClusterCredentialsProvider struct { - AzureCredentialsProvider - AzureCluster *infrav1.AzureCluster -} - -// ManagedControlPlaneCredentialsProvider wraps AzureCredentialsProvider with AzureManagedControlPlane. -type ManagedControlPlaneCredentialsProvider struct { - AzureCredentialsProvider - AzureManagedControlPlane *infrav1.AzureManagedControlPlane -} - -var _ CredentialsProvider = (*AzureClusterCredentialsProvider)(nil) -var _ CredentialsProvider = (*ManagedControlPlaneCredentialsProvider)(nil) - -// NewAzureClusterCredentialsProvider creates a new AzureClusterCredentialsProvider from the supplied inputs. -func NewAzureClusterCredentialsProvider(ctx context.Context, kubeClient client.Client, azureCluster *infrav1.AzureCluster) (*AzureClusterCredentialsProvider, error) { - if azureCluster.Spec.IdentityRef == nil { +// NewAzureCredentialsProvider creates a new AzureClusterCredentialsProvider from the supplied inputs. +func NewAzureCredentialsProvider(ctx context.Context, kubeClient client.Client, identityRef *corev1.ObjectReference, defaultNamespace string) (*AzureCredentialsProvider, error) { + if identityRef == nil { return nil, errors.New("failed to generate new AzureClusterCredentialsProvider from empty identityName") } - ref := azureCluster.Spec.IdentityRef // if the namespace isn't specified then assume it's in the same namespace as the AzureCluster - namespace := ref.Namespace + namespace := identityRef.Namespace if namespace == "" { - namespace = azureCluster.Namespace + namespace = defaultNamespace } identity := &infrav1.AzureClusterIdentity{} - key := client.ObjectKey{Name: ref.Name, Namespace: namespace} + key := client.ObjectKey{Name: identityRef.Name, Namespace: namespace} if err := kubeClient.Get(ctx, key, identity); err != nil { return nil, errors.Errorf("failed to retrieve AzureClusterIdentity external object %q/%q: %v", key.Namespace, key.Name, err) } - return &AzureClusterCredentialsProvider{ - AzureCredentialsProvider{ - Client: kubeClient, - Identity: identity, - }, - azureCluster, + return &AzureCredentialsProvider{ + Client: kubeClient, + Identity: identity, }, nil } // GetTokenCredential returns an Azure TokenCredential based on the provided azure identity. -func (p *AzureClusterCredentialsProvider) GetTokenCredential(ctx context.Context, resourceManagerEndpoint, activeDirectoryEndpoint, tokenAudience string) (azcore.TokenCredential, error) { - return p.AzureCredentialsProvider.GetTokenCredential(ctx, resourceManagerEndpoint, activeDirectoryEndpoint, tokenAudience, p.AzureCluster.ObjectMeta) -} - -// NewManagedControlPlaneCredentialsProvider creates a new ManagedControlPlaneCredentialsProvider from the supplied inputs. -func NewManagedControlPlaneCredentialsProvider(ctx context.Context, kubeClient client.Client, managedControlPlane *infrav1.AzureManagedControlPlane) (*ManagedControlPlaneCredentialsProvider, error) { - if managedControlPlane.Spec.IdentityRef == nil { - return nil, errors.New("failed to generate new ManagedControlPlaneCredentialsProvider from empty identityName") - } - - ref := managedControlPlane.Spec.IdentityRef - // if the namespace isn't specified then assume it's in the same namespace as the AzureManagedControlPlane - namespace := ref.Namespace - if namespace == "" { - namespace = managedControlPlane.Namespace - } - identity := &infrav1.AzureClusterIdentity{} - key := client.ObjectKey{Name: ref.Name, Namespace: namespace} - if err := kubeClient.Get(ctx, key, identity); err != nil { - return nil, errors.Errorf("failed to retrieve AzureClusterIdentity external object %q/%q: %v", key.Namespace, key.Name, err) - } - - return &ManagedControlPlaneCredentialsProvider{ - AzureCredentialsProvider{ - Client: kubeClient, - Identity: identity, - }, - managedControlPlane, - }, nil -} - -// GetTokenCredential returns an Azure TokenCredential based on the provided azure identity. -func (p *ManagedControlPlaneCredentialsProvider) GetTokenCredential(ctx context.Context, resourceManagerEndpoint, activeDirectoryEndpoint, tokenAudience string) (azcore.TokenCredential, error) { - return p.AzureCredentialsProvider.GetTokenCredential(ctx, resourceManagerEndpoint, activeDirectoryEndpoint, tokenAudience, p.AzureManagedControlPlane.ObjectMeta) -} - -// GetTokenCredential returns an Azure TokenCredential based on the provided azure identity. -func (p *AzureCredentialsProvider) GetTokenCredential(ctx context.Context, resourceManagerEndpoint, activeDirectoryEndpoint, tokenAudience string, clusterMeta metav1.ObjectMeta) (azcore.TokenCredential, error) { +func (p *AzureCredentialsProvider) GetTokenCredential(ctx context.Context, resourceManagerEndpoint, activeDirectoryEndpoint, tokenAudience string) (azcore.TokenCredential, error) { ctx, log, done := tele.StartSpanWithLogger(ctx, "azure.scope.AzureCredentialsProvider.GetTokenCredential") defer done() @@ -228,6 +173,11 @@ func (p *AzureCredentialsProvider) GetTenantID() string { return p.Identity.Spec.TenantID } +// Type returns the auth mechanism used. +func (p *AzureCredentialsProvider) Type() infrav1.IdentityType { + return p.Identity.Spec.Type +} + // hasClientSecret returns true if the identity has a Service Principal Client Secret. // This does not include managed identities. func (p *AzureCredentialsProvider) hasClientSecret() bool { diff --git a/azure/scope/identity_test.go b/azure/scope/identity_test.go index df0b6124c26..c9f8d4c5c6c 100644 --- a/azure/scope/identity_test.go +++ b/azure/scope/identity_test.go @@ -143,8 +143,7 @@ func TestHasClientSecret(t *testing.T) { name: "user assigned identity", identity: &infrav1.AzureClusterIdentity{ Spec: infrav1.AzureClusterIdentitySpec{ - Type: infrav1.UserAssignedMSI, - ResourceID: "my-resource-id", + Type: infrav1.UserAssignedMSI, }, }, want: false, @@ -352,7 +351,7 @@ func TestGetTokenCredential(t *testing.T) { initObjects = append(initObjects, tt.secret) } fakeClient := fake.NewClientBuilder().WithScheme(scheme).WithRuntimeObjects(initObjects...).Build() - provider, err := NewAzureClusterCredentialsProvider(context.Background(), fakeClient, tt.cluster) + provider, err := NewAzureCredentialsProvider(context.Background(), fakeClient, tt.cluster.Spec.IdentityRef, "") g.Expect(err).NotTo(HaveOccurred()) cred, err := provider.GetTokenCredential(context.Background(), "", tt.ActiveDirectoryAuthorityHost, "") g.Expect(err).NotTo(HaveOccurred()) diff --git a/azure/scope/machine.go b/azure/scope/machine.go index e5e2aac09fb..278e0f6afb2 100644 --- a/azure/scope/machine.go +++ b/azure/scope/machine.go @@ -508,7 +508,8 @@ func (m *MachineScope) AvailabilitySetSpec() azure.ResourceSpecGetter { func (m *MachineScope) AvailabilitySet() (string, bool) { // AvailabilitySet service is not supported on EdgeZone currently. // AvailabilitySet cannot be used with Spot instances. - if !m.AvailabilitySetEnabled() || m.AzureMachine.Spec.SpotVMOptions != nil || m.ExtendedLocation() != nil { + if !m.AvailabilitySetEnabled() || m.AzureMachine.Spec.SpotVMOptions != nil || m.ExtendedLocation() != nil || + m.AzureMachine.Spec.FailureDomain != nil || m.Machine.Spec.FailureDomain != nil { return "", false } diff --git a/azure/scope/machine_test.go b/azure/scope/machine_test.go index b06b3001ffd..98c772c51f5 100644 --- a/azure/scope/machine_test.go +++ b/azure/scope/machine_test.go @@ -1411,6 +1411,65 @@ func TestMachineScope_AvailabilitySet(t *testing.T) { wantAvailabilitySetName: "", wantAvailabilitySetExistence: false, }, + { + name: "returns empty and false if machine has failureDomain set", + machineScope: MachineScope{ + ClusterScoper: &ClusterScope{ + Cluster: &clusterv1.Cluster{ + ObjectMeta: metav1.ObjectMeta{ + Name: "cluster", + }, + }, + AzureCluster: &infrav1.AzureCluster{ + Status: infrav1.AzureClusterStatus{}, + }, + }, + Machine: &clusterv1.Machine{ + ObjectMeta: metav1.ObjectMeta{ + Labels: map[string]string{ + clusterv1.MachineDeploymentNameLabel: "foo-machine-deployment", + }, + }, + Spec: clusterv1.MachineSpec{ + FailureDomain: ptr.To("1"), + }, + }, + AzureMachine: &infrav1.AzureMachine{ + Spec: infrav1.AzureMachineSpec{}, + }, + }, + wantAvailabilitySetName: "", + wantAvailabilitySetExistence: false, + }, + { + name: "returns empty and false if azureMachine has failureDomain set", + machineScope: MachineScope{ + ClusterScoper: &ClusterScope{ + Cluster: &clusterv1.Cluster{ + ObjectMeta: metav1.ObjectMeta{ + Name: "cluster", + }, + }, + AzureCluster: &infrav1.AzureCluster{ + Status: infrav1.AzureClusterStatus{}, + }, + }, + Machine: &clusterv1.Machine{ + ObjectMeta: metav1.ObjectMeta{ + Labels: map[string]string{ + clusterv1.MachineDeploymentNameLabel: "foo-machine-deployment", + }, + }, + }, + AzureMachine: &infrav1.AzureMachine{ + Spec: infrav1.AzureMachineSpec{ + FailureDomain: ptr.To("1"), + }, + }, + }, + wantAvailabilitySetName: "", + wantAvailabilitySetExistence: false, + }, } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { diff --git a/azure/scope/machinepool.go b/azure/scope/machinepool.go index b7354bc9f53..58d49c1c1dc 100644 --- a/azure/scope/machinepool.go +++ b/azure/scope/machinepool.go @@ -20,6 +20,7 @@ import ( "context" "crypto/sha256" "encoding/base64" + "encoding/json" "fmt" "io" "strings" @@ -79,6 +80,7 @@ type ( capiMachinePoolPatchHelper *patch.Helper vmssState *azure.VMSS cache *MachinePoolCache + skuCache *resourceskus.Cache } // NodeStatus represents the status of a Kubernetes node. @@ -162,12 +164,15 @@ func (m *MachinePoolScope) InitMachinePoolCache(ctx context.Context) error { return err } - skuCache, err := resourceskus.GetCache(m, m.Location()) - if err != nil { - return err + if m.skuCache == nil { + skuCache, err := resourceskus.GetCache(m, m.Location()) + if err != nil { + return errors.Wrap(err, "failed to init resourceskus cache") + } + m.skuCache = skuCache } - m.cache.VMSKU, err = skuCache.Get(ctx, m.AzureMachinePool.Spec.Template.VMSize, resourceskus.VirtualMachines) + m.cache.VMSKU, err = m.skuCache.Get(ctx, m.AzureMachinePool.Spec.Template.VMSize, resourceskus.VirtualMachines) if err != nil { return errors.Wrapf(err, "failed to get VM SKU %s in compute api", m.AzureMachinePool.Spec.Template.VMSize) } @@ -209,7 +214,7 @@ func (m *MachinePoolScope) ScaleSetSpec(ctx context.Context) azure.ResourceSpecG SubscriptionID: m.SubscriptionID(), HasReplicasExternallyManaged: m.HasReplicasExternallyManaged(ctx), ClusterName: m.ClusterName(), - AdditionalTags: m.AzureMachinePool.Spec.AdditionalTags, + AdditionalTags: m.AdditionalTags(), PlatformFaultDomainCount: m.AzureMachinePool.Spec.PlatformFaultDomainCount, ZoneBalance: m.AzureMachinePool.Spec.ZoneBalance, } @@ -220,10 +225,8 @@ func (m *MachinePoolScope) ScaleSetSpec(ctx context.Context) azure.ResourceSpecG } if m.cache != nil { - if m.HasReplicasExternallyManaged(ctx) { - spec.ShouldPatchCustomData = m.cache.HasBootstrapDataChanges - log.V(4).Info("has bootstrap data changed?", "shouldPatchCustomData", spec.ShouldPatchCustomData) - } + spec.ShouldPatchCustomData = m.cache.HasBootstrapDataChanges + log.V(4).Info("has bootstrap data changed?", "shouldPatchCustomData", spec.ShouldPatchCustomData) spec.VMSSExtensionSpecs = m.VMSSExtensionSpecs() spec.SKU = m.cache.VMSKU spec.VMImage = m.cache.VMImage @@ -405,13 +408,40 @@ func (m *MachinePoolScope) applyAzureMachinePoolMachines(ctx context.Context) er } existingMachinesByProviderID := make(map[string]infrav1exp.AzureMachinePoolMachine, len(ampms)) - for _, machine := range ampms { - existingMachinesByProviderID[machine.Spec.ProviderID] = machine + for _, ampm := range ampms { + machine, err := util.GetOwnerMachine(ctx, m.client, ampm.ObjectMeta) + if err != nil { + return fmt.Errorf("failed to find owner machine for %s/%s: %w", ampm.Namespace, ampm.Name, err) + } + + if _, ampmHasDeleteAnnotation := ampm.Annotations[clusterv1.DeleteMachineAnnotation]; !ampmHasDeleteAnnotation { + // fetch Machine delete annotation from owner machine to AzureMachinePoolMachine. + // This ensures setting a deleteMachine annotation on the Machine has an effect on the AzureMachinePoolMachine + // and the deployment strategy, in case the automatic propagation of the annotation from Machine to AzureMachinePoolMachine + // hasn't been done yet. + if machine != nil && machine.Annotations != nil { + if _, hasDeleteAnnotation := machine.Annotations[clusterv1.DeleteMachineAnnotation]; hasDeleteAnnotation { + log.V(4).Info("fetched DeleteMachineAnnotation", "machine", ampm.Spec.ProviderID) + if ampm.Annotations == nil { + ampm.Annotations = make(map[string]string) + } + ampm.Annotations[clusterv1.DeleteMachineAnnotation] = machine.Annotations[clusterv1.DeleteMachineAnnotation] + } + } + } else { + log.V(4).Info("DeleteMachineAnnotation already set") + } + + existingMachinesByProviderID[ampm.Spec.ProviderID] = ampm } // determine which machines need to be created to reflect the current state in Azure azureMachinesByProviderID := m.vmssState.InstancesByProviderID(m.AzureMachinePool.Spec.OrchestrationMode) for key, val := range azureMachinesByProviderID { + if val.State == infrav1.Deleting || val.State == infrav1.Deleted { + log.V(4).Info("not recreating AzureMachinePoolMachine because VMSS VM is deleting", "providerID", key) + continue + } if _, ok := existingMachinesByProviderID[key]; !ok { log.V(4).Info("creating AzureMachinePoolMachine", "providerID", key) if err := m.createMachine(ctx, val); err != nil { @@ -533,7 +563,7 @@ func (m *MachinePoolScope) DeleteMachine(ctx context.Context, ampm infrav1exp.Az return errors.Wrapf(err, "error getting owner Machine for AzureMachinePoolMachine %s/%s", ampm.Namespace, ampm.Name) } if machine == nil { - log.V(2).Info("No owner Machine exists for AzureMachinePoolMachine", ampm, klog.KObj(&m)) + log.V(2).Info("No owner Machine exists for AzureMachinePoolMachine", "ampm", klog.KObj(&m)) // If the AzureMachinePoolMachine does not have an owner Machine, do not attempt to delete the AzureMachinePoolMachine as the MachinePool controller will create the // Machine and we want to let it catch up. If we are too hasty to delete, that introduces a race condition where the AzureMachinePoolMachine could be deleted // just as the Machine comes online. @@ -677,11 +707,9 @@ func (m *MachinePoolScope) Close(ctx context.Context) error { if err := m.updateReplicasAndProviderIDs(ctx); err != nil { return errors.Wrap(err, "failed to update replicas and providerIDs") } - if m.HasReplicasExternallyManaged(ctx) { - if err := m.updateCustomDataHash(ctx); err != nil { - // ignore errors to calculating the custom data hash since it's not absolutely crucial. - log.V(4).Error(err, "unable to update custom data hash, ignoring.") - } + if err := m.updateCustomDataHash(ctx); err != nil { + // ignore errors to calculating the custom data hash since it's not absolutely crucial. + log.V(4).Error(err, "unable to update custom data hash, ignoring.") } } @@ -946,3 +974,41 @@ func (m *MachinePoolScope) ReconcileReplicas(ctx context.Context, vmss *azure.VM return nil } + +// AnnotationJSON returns a map[string]interface from a JSON annotation. +func (m *MachinePoolScope) AnnotationJSON(annotation string) (map[string]interface{}, error) { + out := map[string]interface{}{} + jsonAnnotation := m.AzureMachinePool.GetAnnotations()[annotation] + if jsonAnnotation == "" { + return out, nil + } + err := json.Unmarshal([]byte(jsonAnnotation), &out) + if err != nil { + return out, err + } + return out, nil +} + +// UpdateAnnotationJSON updates the `annotation` with +// `content`. `content` in this case should be a `map[string]interface{}` +// suitable for turning into JSON. This `content` map will be marshalled into a +// JSON string before being set as the given `annotation`. +func (m *MachinePoolScope) UpdateAnnotationJSON(annotation string, content map[string]interface{}) error { + b, err := json.Marshal(content) + if err != nil { + return err + } + m.SetAnnotation(annotation, string(b)) + return nil +} + +// TagsSpecs returns the tags for the AzureMachinePool. +func (m *MachinePoolScope) TagsSpecs() []azure.TagsSpec { + return []azure.TagsSpec{ + { + Scope: azure.VMSSID(m.SubscriptionID(), m.NodeResourceGroup(), m.Name()), + Tags: m.AdditionalTags(), + Annotation: azure.VMSSTagsLastAppliedAnnotation, + }, + } +} diff --git a/azure/scope/machinepool_test.go b/azure/scope/machinepool_test.go index 0f410516f8d..f985d596da7 100644 --- a/azure/scope/machinepool_test.go +++ b/azure/scope/machinepool_test.go @@ -18,12 +18,17 @@ package scope import ( "context" + "crypto/sha256" + "encoding/base64" "fmt" + "io" "reflect" "testing" + "time" "github.com/Azure/azure-sdk-for-go/sdk/azidentity" "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v2" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/compute/armcompute/v5" azureautorest "github.com/Azure/go-autorest/autorest/azure" "github.com/Azure/go-autorest/autorest/azure/auth" . "github.com/onsi/gomega" @@ -1414,6 +1419,46 @@ func TestMachinePoolScope_applyAzureMachinePoolMachines(t *testing.T) { g.Expect(list.Items).Should(HaveLen(1)) }, }, + { + Name: "if MachinePool is not externally managed, and Machines have delete machine annotation, and overProvisionCount > 0, delete machines with deleteMachine annotation first", + Setup: func(mp *expv1.MachinePool, amp *infrav1exp.AzureMachinePool, vmssState *azure.VMSS, cb *fake.ClientBuilder) { + mp.Spec.Replicas = ptr.To[int32](2) + + mpm1, ampm1 := getAzureMachinePoolMachineWithOwnerMachine(1) + + mpm2, ampm2 := getAzureMachinePoolMachineWithOwnerMachine(2) + mpm2.Annotations = map[string]string{ + clusterv1.DeleteMachineAnnotation: time.Now().String(), + } + + mpm3, ampm3 := getAzureMachinePoolMachineWithOwnerMachine(3) + objects := []client.Object{&mpm1, &m1, &mpm2, &m2, &mpm3, &m3} + cb.WithObjects(objects...) + + vmssState.Instances = []azure.VMSSVM{ + { + ID: "/subscriptions/123/resourceGroups/my-rg/providers/Microsoft.Compute/virtualMachineScaleSets/my-vmss/virtualMachines/1", + Name: "ampm1", + }, + { + ID: "/subscriptions/123/resourceGroups/my-rg/providers/Microsoft.Compute/virtualMachineScaleSets/my-vmss/virtualMachines/2", + Name: "ampm2", + }, + { + ID: "/subscriptions/123/resourceGroups/my-rg/providers/Microsoft.Compute/virtualMachineScaleSets/my-vmss/virtualMachines/3", + Name: "ampm3", + }, + } + }, + Verify: func(g *WithT, amp *infrav1exp.AzureMachinePool, c client.Client, err error) { + g.Expect(err).NotTo(HaveOccurred()) + list := clusterv1.MachineList{} + g.Expect(c.List(ctx, &list)).NotTo(HaveOccurred()) + g.Expect(list.Items).Should(HaveLen(2)) + g.Expect(list.Items[0].Name).Should(Equal("mpm1")) + g.Expect(list.Items[1].Name).Should(Equal("mpm3")) + }, + }, { Name: "if existing MachinePool is not present, reduce replicas", Setup: func(mp *expv1.MachinePool, amp *infrav1exp.AzureMachinePool, vmssState *azure.VMSS, cb *fake.ClientBuilder) { @@ -1449,6 +1494,26 @@ func TestMachinePoolScope_applyAzureMachinePoolMachines(t *testing.T) { g.Expect(err).To(HaveOccurred()) }, }, + { + Name: "if existing MachinePool is present but in deleting state, do not recreate AzureMachinePoolMachines", + Setup: func(mp *expv1.MachinePool, amp *infrav1exp.AzureMachinePool, vmssState *azure.VMSS, cb *fake.ClientBuilder) { + mp.Spec.Replicas = ptr.To[int32](1) + + vmssState.Instances = []azure.VMSSVM{ + { + ID: "/subscriptions/123/resourceGroups/rg/providers/Microsoft.Compute/virtualMachines/vm", + Name: "vm", + State: infrav1.Deleting, + }, + } + }, + Verify: func(g *WithT, amp *infrav1exp.AzureMachinePool, c client.Client, err error) { + g.Expect(err).NotTo(HaveOccurred()) + list := infrav1exp.AzureMachinePoolMachineList{} + g.Expect(c.List(ctx, &list)).NotTo(HaveOccurred()) + g.Expect(list.Items).Should(BeEmpty()) + }, + }, } for _, tt := range tests { t.Run(tt.Name, func(t *testing.T) { @@ -1515,3 +1580,148 @@ func TestMachinePoolScope_applyAzureMachinePoolMachines(t *testing.T) { }) } } + +func TestBootstrapDataChanges(t *testing.T) { + ctx, cancel := context.WithCancel(context.Background()) + defer cancel() + scheme := runtime.NewScheme() + _ = clusterv1.AddToScheme(scheme) + _ = infrav1.AddToScheme(scheme) + _ = infrav1exp.AddToScheme(scheme) + _ = corev1.AddToScheme(scheme) + + var ( + g = NewWithT(t) + mockCtrl = gomock.NewController(t) + cb = fake.NewClientBuilder().WithScheme(scheme) + cluster = &clusterv1.Cluster{ + ObjectMeta: metav1.ObjectMeta{ + Name: "cluster1", + Namespace: "default", + }, + Spec: clusterv1.ClusterSpec{ + InfrastructureRef: &corev1.ObjectReference{ + Name: "azCluster1", + }, + }, + Status: clusterv1.ClusterStatus{ + InfrastructureReady: true, + }, + } + azureCluster = &infrav1.AzureCluster{ + ObjectMeta: metav1.ObjectMeta{ + Name: "azCluster1", + Namespace: "default", + }, + Spec: infrav1.AzureClusterSpec{ + AzureClusterClassSpec: infrav1.AzureClusterClassSpec{ + Location: "test", + }, + }, + } + mp = &expv1.MachinePool{ + ObjectMeta: metav1.ObjectMeta{ + Name: "mp1", + Namespace: "default", + OwnerReferences: []metav1.OwnerReference{ + { + Name: "cluster1", + Kind: "Cluster", + APIVersion: clusterv1.GroupVersion.String(), + }, + }, + }, + Spec: expv1.MachinePoolSpec{ + Template: clusterv1.MachineTemplateSpec{ + Spec: clusterv1.MachineSpec{ + Bootstrap: clusterv1.Bootstrap{ + DataSecretName: ptr.To("mp-secret"), + }, + Version: ptr.To("v1.31.0"), + }, + }, + }, + } + bootstrapData = "test" + bootstrapDataHash = sha256Hash(base64.StdEncoding.EncodeToString([]byte(bootstrapData))) + bootstrapSecret = corev1.Secret{ + ObjectMeta: metav1.ObjectMeta{ + Name: "mp-secret", + Namespace: "default", + }, + Data: map[string][]byte{"value": []byte(bootstrapData)}, + } + amp = &infrav1exp.AzureMachinePool{ + ObjectMeta: metav1.ObjectMeta{ + Name: "amp1", + Namespace: "default", + OwnerReferences: []metav1.OwnerReference{ + { + Name: "mp1", + Kind: "MachinePool", + APIVersion: expv1.GroupVersion.String(), + }, + }, + Annotations: map[string]string{ + azure.CustomDataHashAnnotation: fmt.Sprintf("%x", bootstrapDataHash), + }, + }, + Spec: infrav1exp.AzureMachinePoolSpec{ + Template: infrav1exp.AzureMachinePoolMachineTemplate{ + Image: &infrav1.Image{}, + NetworkInterfaces: []infrav1.NetworkInterface{ + { + SubnetName: "test", + }, + }, + VMSize: "VM_SIZE", + }, + }, + } + vmssState = &azure.VMSS{} + ) + defer mockCtrl.Finish() + + s := &MachinePoolScope{ + client: cb. + WithObjects(&bootstrapSecret). + Build(), + ClusterScoper: &ClusterScope{ + Cluster: cluster, + AzureCluster: azureCluster, + }, + skuCache: resourceskus.NewStaticCache([]armcompute.ResourceSKU{ + { + Name: ptr.To("VM_SIZE"), + }, + }, "test"), + MachinePool: mp, + AzureMachinePool: amp, + vmssState: vmssState, + } + + g.Expect(s.InitMachinePoolCache(ctx)).NotTo(HaveOccurred()) + + spec := s.ScaleSetSpec(ctx) + sSpec := spec.(*scalesets.ScaleSetSpec) + g.Expect(sSpec.ShouldPatchCustomData).To(Equal(false)) + + amp.Annotations[azure.CustomDataHashAnnotation] = "old" + + // reset cache to be able to build up the cache again + s.cache = nil + g.Expect(s.InitMachinePoolCache(ctx)).NotTo(HaveOccurred()) + + spec = s.ScaleSetSpec(ctx) + sSpec = spec.(*scalesets.ScaleSetSpec) + g.Expect(sSpec.ShouldPatchCustomData).To(Equal(true)) +} + +func sha256Hash(text string) []byte { + h := sha256.New() + _, err := io.WriteString(h, text) + if err != nil { + panic(err) + } + return h.Sum(nil) +} diff --git a/azure/scope/managedcontrolplane.go b/azure/scope/managedcontrolplane.go index 916cef6c89a..81ac2da5741 100644 --- a/azure/scope/managedcontrolplane.go +++ b/azure/scope/managedcontrolplane.go @@ -90,7 +90,7 @@ func NewManagedControlPlaneScope(ctx context.Context, params ManagedControlPlane return nil, errors.New("failed to generate new scope from nil ControlPlane") } - credentialsProvider, err := NewManagedControlPlaneCredentialsProvider(ctx, params.Client, params.ControlPlane) + credentialsProvider, err := NewAzureCredentialsProvider(ctx, params.Client, params.ControlPlane.Spec.IdentityRef, params.ControlPlane.Namespace) if err != nil { return nil, errors.Wrap(err, "failed to init credentials provider") } diff --git a/azure/scope/strategies/machinepool_deployments/machinepool_deployment_strategy.go b/azure/scope/strategies/machinepool_deployments/machinepool_deployment_strategy.go index 2daaac8a464..30afa56a8ab 100644 --- a/azure/scope/strategies/machinepool_deployments/machinepool_deployment_strategy.go +++ b/azure/scope/strategies/machinepool_deployments/machinepool_deployment_strategy.go @@ -129,6 +129,7 @@ func (rollingUpdateStrategy rollingUpdateStrategy) SelectMachinesToDelete(ctx co } }() log = ctrl.LoggerFrom(ctx).V(4) + deleteAnnotatedMachines = order(getDeleteAnnotatedMachines(machinesByProviderID)) failedMachines = order(getFailedMachines(machinesByProviderID)) deletingMachines = order(getDeletingMachines(machinesByProviderID)) readyMachines = order(getReadyMachines(machinesByProviderID)) @@ -143,12 +144,10 @@ func (rollingUpdateStrategy rollingUpdateStrategy) SelectMachinesToDelete(ctx co }() ) - // Order AzureMachinePoolMachines with the clutserv1.DeleteMachineAnnotation to the front so that they have delete priority. + // Order AzureMachinePoolMachines with the clusterv1.DeleteMachineAnnotation to the front so that they have delete priority. // This allows MachinePool Machines to work with the autoscaler. failedMachines = orderByDeleteMachineAnnotation(failedMachines) deletingMachines = orderByDeleteMachineAnnotation(deletingMachines) - readyMachines = orderByDeleteMachineAnnotation(readyMachines) - machinesWithoutLatestModel = orderByDeleteMachineAnnotation(machinesWithoutLatestModel) log.Info("selecting machines to delete", "readyMachines", len(readyMachines), @@ -156,6 +155,7 @@ func (rollingUpdateStrategy rollingUpdateStrategy) SelectMachinesToDelete(ctx co "maxUnavailable", maxUnavailable, "disruptionBudget", disruptionBudget, "machinesWithoutTheLatestModel", len(machinesWithoutLatestModel), + "deleteAnnotatedMachines", len(deleteAnnotatedMachines), "failedMachines", len(failedMachines), "deletingMachines", len(deletingMachines), ) @@ -166,6 +166,12 @@ func (rollingUpdateStrategy rollingUpdateStrategy) SelectMachinesToDelete(ctx co return append(failedMachines, deletingMachines...), nil } + // if we have machines annotated with delete machine, remove them + if len(deleteAnnotatedMachines) > 0 { + log.Info("delete annotated machines", "desiredReplicaCount", desiredReplicaCount, "maxUnavailable", maxUnavailable, "deleteAnnotatedMachines", getProviderIDs(deleteAnnotatedMachines)) + return deleteAnnotatedMachines, nil + } + // if we have not yet reached our desired count, don't try to delete anything if len(readyMachines) < int(desiredReplicaCount) { log.Info("not enough ready machines", "desiredReplicaCount", desiredReplicaCount, "readyMachinesCount", len(readyMachines), "machinesByProviderID", len(machinesByProviderID)) @@ -224,6 +230,18 @@ func (rollingUpdateStrategy rollingUpdateStrategy) SelectMachinesToDelete(ctx co return toDelete, nil } +func getDeleteAnnotatedMachines(machinesByProviderID map[string]infrav1exp.AzureMachinePoolMachine) []infrav1exp.AzureMachinePoolMachine { + var machines []infrav1exp.AzureMachinePoolMachine + for _, v := range machinesByProviderID { + if v.Annotations != nil { + if _, hasDeleteAnnotation := v.Annotations[clusterv1.DeleteMachineAnnotation]; hasDeleteAnnotation { + machines = append(machines, v) + } + } + } + return machines +} + func getFailedMachines(machinesByProviderID map[string]infrav1exp.AzureMachinePoolMachine) []infrav1exp.AzureMachinePoolMachine { var machines []infrav1exp.AzureMachinePoolMachine for _, v := range machinesByProviderID { diff --git a/azure/scope/strategies/machinepool_deployments/machinepool_deployment_strategy_test.go b/azure/scope/strategies/machinepool_deployments/machinepool_deployment_strategy_test.go index 3ea709e7682..0d429f87b4c 100644 --- a/azure/scope/strategies/machinepool_deployments/machinepool_deployment_strategy_test.go +++ b/azure/scope/strategies/machinepool_deployments/machinepool_deployment_strategy_test.go @@ -239,7 +239,7 @@ func TestMachinePoolRollingUpdateStrategy_SelectMachinesToDelete(t *testing.T) { }), }, { - name: "if over-provisioned and has delete machine annotation, select machines those first and then by oldest", + name: "if machine has delete machine annotation, select those machines first", strategy: makeRollingUpdateStrategy(infrav1exp.MachineRollingUpdateDeployment{DeletePolicy: infrav1exp.OldestDeletePolicyType}), desiredReplicas: 2, input: map[string]infrav1exp.AzureMachinePoolMachine{ @@ -250,7 +250,6 @@ func TestMachinePoolRollingUpdateStrategy_SelectMachinesToDelete(t *testing.T) { }, want: gomega.DiffEq([]infrav1exp.AzureMachinePoolMachine{ makeAMPM(ampmOptions{Ready: true, LatestModel: true, ProvisioningState: succeeded, CreationTime: metav1.NewTime(baseTime.Add(3 * time.Hour)), HasDeleteMachineAnnotation: true}), - makeAMPM(ampmOptions{Ready: true, LatestModel: true, ProvisioningState: succeeded, CreationTime: metav1.NewTime(baseTime.Add(1 * time.Hour))}), }), }, { @@ -268,21 +267,6 @@ func TestMachinePoolRollingUpdateStrategy_SelectMachinesToDelete(t *testing.T) { makeAMPM(ampmOptions{Ready: true, LatestModel: true, ProvisioningState: succeeded, CreationTime: metav1.NewTime(baseTime.Add(2 * time.Hour))}), }), }, - { - name: "if over-provisioned and has delete machine annotation, prioritize those machines first over creation date", - strategy: makeRollingUpdateStrategy(infrav1exp.MachineRollingUpdateDeployment{DeletePolicy: infrav1exp.OldestDeletePolicyType}), - desiredReplicas: 2, - input: map[string]infrav1exp.AzureMachinePoolMachine{ - "foo": makeAMPM(ampmOptions{Ready: true, LatestModel: true, ProvisioningState: succeeded, CreationTime: metav1.NewTime(baseTime.Add(4 * time.Hour))}), - "bin": makeAMPM(ampmOptions{Ready: true, LatestModel: true, ProvisioningState: succeeded, CreationTime: metav1.NewTime(baseTime.Add(3 * time.Hour)), HasDeleteMachineAnnotation: true}), - "baz": makeAMPM(ampmOptions{Ready: true, LatestModel: true, ProvisioningState: succeeded, CreationTime: metav1.NewTime(baseTime.Add(2 * time.Hour))}), - "bar": makeAMPM(ampmOptions{Ready: true, LatestModel: true, ProvisioningState: succeeded, CreationTime: metav1.NewTime(baseTime.Add(1 * time.Hour))}), - }, - want: gomega.DiffEq([]infrav1exp.AzureMachinePoolMachine{ - makeAMPM(ampmOptions{Ready: true, LatestModel: true, ProvisioningState: succeeded, CreationTime: metav1.NewTime(baseTime.Add(3 * time.Hour)), HasDeleteMachineAnnotation: true}), - makeAMPM(ampmOptions{Ready: true, LatestModel: true, ProvisioningState: succeeded, CreationTime: metav1.NewTime(baseTime.Add(1 * time.Hour))}), - }), - }, { name: "if over-provisioned, select machines ordered by newest first", strategy: makeRollingUpdateStrategy(infrav1exp.MachineRollingUpdateDeployment{DeletePolicy: infrav1exp.NewestDeletePolicyType}), @@ -298,21 +282,6 @@ func TestMachinePoolRollingUpdateStrategy_SelectMachinesToDelete(t *testing.T) { makeAMPM(ampmOptions{Ready: true, LatestModel: true, ProvisioningState: succeeded, CreationTime: metav1.NewTime(baseTime.Add(3 * time.Hour))}), }), }, - { - name: "if over-provisioned and has delete machine annotation, select those machines first followed by newest", - strategy: makeRollingUpdateStrategy(infrav1exp.MachineRollingUpdateDeployment{DeletePolicy: infrav1exp.NewestDeletePolicyType}), - desiredReplicas: 2, - input: map[string]infrav1exp.AzureMachinePoolMachine{ - "foo": makeAMPM(ampmOptions{Ready: true, LatestModel: true, ProvisioningState: succeeded, CreationTime: metav1.NewTime(baseTime.Add(4 * time.Hour))}), - "bin": makeAMPM(ampmOptions{Ready: true, LatestModel: true, ProvisioningState: succeeded, CreationTime: metav1.NewTime(baseTime.Add(3 * time.Hour))}), - "baz": makeAMPM(ampmOptions{Ready: true, LatestModel: true, ProvisioningState: succeeded, CreationTime: metav1.NewTime(baseTime.Add(2 * time.Hour))}), - "bar": makeAMPM(ampmOptions{Ready: true, LatestModel: true, ProvisioningState: succeeded, CreationTime: metav1.NewTime(baseTime.Add(1 * time.Hour)), HasDeleteMachineAnnotation: true}), - }, - want: gomega.DiffEq([]infrav1exp.AzureMachinePoolMachine{ - makeAMPM(ampmOptions{Ready: true, LatestModel: true, ProvisioningState: succeeded, CreationTime: metav1.NewTime(baseTime.Add(1 * time.Hour)), HasDeleteMachineAnnotation: true}), - makeAMPM(ampmOptions{Ready: true, LatestModel: true, ProvisioningState: succeeded, CreationTime: metav1.NewTime(baseTime.Add(4 * time.Hour))}), - }), - }, { name: "if over-provisioned but with an equivalent number marked for deletion, nothing to do; this is the case where Azure has not yet caught up to capz", strategy: makeRollingUpdateStrategy(infrav1exp.MachineRollingUpdateDeployment{DeletePolicy: infrav1exp.OldestDeletePolicyType}), diff --git a/azure/services/agentpools/agentpools_test.go b/azure/services/agentpools/agentpools_test.go index 0008051801e..ab0b759a6fc 100644 --- a/azure/services/agentpools/agentpools_test.go +++ b/azure/services/agentpools/agentpools_test.go @@ -20,8 +20,8 @@ import ( "context" "testing" - asocontainerservicev1preview "github.com/Azure/azure-service-operator/v2/api/containerservice/v1api20230202preview" asocontainerservicev1 "github.com/Azure/azure-service-operator/v2/api/containerservice/v1api20231001" + asocontainerservicev1preview "github.com/Azure/azure-service-operator/v2/api/containerservice/v1api20231102preview" . "github.com/onsi/gomega" "github.com/pkg/errors" "go.uber.org/mock/gomock" diff --git a/azure/services/agentpools/spec.go b/azure/services/agentpools/spec.go index 5830d220871..913fe14d562 100644 --- a/azure/services/agentpools/spec.go +++ b/azure/services/agentpools/spec.go @@ -19,9 +19,9 @@ package agentpools import ( "context" - asocontainerservicev1preview "github.com/Azure/azure-service-operator/v2/api/containerservice/v1api20230202preview" asocontainerservicev1 "github.com/Azure/azure-service-operator/v2/api/containerservice/v1api20231001" asocontainerservicev1hub "github.com/Azure/azure-service-operator/v2/api/containerservice/v1api20231001/storage" + asocontainerservicev1preview "github.com/Azure/azure-service-operator/v2/api/containerservice/v1api20231102preview" "github.com/Azure/azure-service-operator/v2/pkg/genruntime" "k8s.io/apimachinery/pkg/api/resource" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" diff --git a/azure/services/agentpools/spec_test.go b/azure/services/agentpools/spec_test.go index c75c639c8d3..ae25f798133 100644 --- a/azure/services/agentpools/spec_test.go +++ b/azure/services/agentpools/spec_test.go @@ -20,8 +20,8 @@ import ( "context" "testing" - asocontainerservicev1preview "github.com/Azure/azure-service-operator/v2/api/containerservice/v1api20230202preview" asocontainerservicev1 "github.com/Azure/azure-service-operator/v2/api/containerservice/v1api20231001" + asocontainerservicev1preview "github.com/Azure/azure-service-operator/v2/api/containerservice/v1api20231102preview" "github.com/Azure/azure-service-operator/v2/pkg/genruntime" "github.com/google/go-cmp/cmp" . "github.com/onsi/gomega" diff --git a/azure/services/managedclusters/managedclusters.go b/azure/services/managedclusters/managedclusters.go index 8ba680cd26b..3878970703e 100644 --- a/azure/services/managedclusters/managedclusters.go +++ b/azure/services/managedclusters/managedclusters.go @@ -20,6 +20,7 @@ import ( "context" "fmt" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" asocontainerservicev1hub "github.com/Azure/azure-service-operator/v2/api/containerservice/v1api20231001/storage" "github.com/Azure/azure-service-operator/v2/pkg/genruntime" "github.com/pkg/errors" @@ -29,7 +30,6 @@ import ( infrav1 "sigs.k8s.io/cluster-api-provider-azure/api/v1beta1" "sigs.k8s.io/cluster-api-provider-azure/azure" "sigs.k8s.io/cluster-api-provider-azure/azure/services/aso" - "sigs.k8s.io/cluster-api-provider-azure/azure/services/token" clusterv1 "sigs.k8s.io/cluster-api/api/v1beta1" "sigs.k8s.io/cluster-api/util/secret" "sigs.k8s.io/controller-runtime/pkg/client" @@ -148,7 +148,7 @@ func reconcileKubeconfig(ctx context.Context, scope ManagedClusterScope, namespa } if scope.AreLocalAccountsDisabled() { - userKubeconfigWithToken, err := getUserKubeConfigWithToken(userKubeConfigData, ctx, scope) + userKubeconfigWithToken, err := getUserKubeConfigWithToken(ctx, userKubeConfigData, scope) if err != nil { return nil, nil, errors.Wrap(err, "error while trying to get user kubeconfig with token") } @@ -190,28 +190,17 @@ func getUserKubeconfigData(ctx context.Context, scope ManagedClusterScope, names } // getUserKubeConfigWithToken returns the kubeconfig with user token, for capz to create the target cluster. -func getUserKubeConfigWithToken(userKubeConfigData []byte, ctx context.Context, scope azure.Authorizer) ([]byte, error) { - tokenClient, err := token.NewClient(scope) - if err != nil { - return nil, errors.Wrap(err, "error while getting aad token client") - } - - token, err := tokenClient.GetAzureActiveDirectoryToken(ctx, aadResourceID) +func getUserKubeConfigWithToken(ctx context.Context, userKubeConfigData []byte, auth azure.Authorizer) ([]byte, error) { + token, err := auth.Token().GetToken(ctx, policy.TokenRequestOptions{Scopes: []string{aadResourceID + "/.default"}}) if err != nil { return nil, errors.Wrap(err, "error while getting aad token for user kubeconfig") } - - return createUserKubeconfigWithToken(token, userKubeConfigData) -} - -// createUserKubeconfigWithToken gets the kubeconfig data for authenticating with target cluster. -func createUserKubeconfigWithToken(token string, userKubeConfigData []byte) ([]byte, error) { config, err := clientcmd.Load(userKubeConfigData) if err != nil { return nil, errors.Wrap(err, "error while trying to unmarshal new user kubeconfig with token") } for _, auth := range config.AuthInfos { - auth.Token = token + auth.Token = token.Token auth.Exec = nil } kubeconfig, err := clientcmd.Write(*config) diff --git a/azure/services/managedclusters/managedclusters_test.go b/azure/services/managedclusters/managedclusters_test.go index 7948ed8b78c..c7c718935a0 100644 --- a/azure/services/managedclusters/managedclusters_test.go +++ b/azure/services/managedclusters/managedclusters_test.go @@ -21,8 +21,8 @@ import ( "errors" "testing" - asocontainerservicev1preview "github.com/Azure/azure-service-operator/v2/api/containerservice/v1api20230202preview" asocontainerservicev1 "github.com/Azure/azure-service-operator/v2/api/containerservice/v1api20231001" + asocontainerservicev1preview "github.com/Azure/azure-service-operator/v2/api/containerservice/v1api20231102preview" . "github.com/onsi/gomega" "go.uber.org/mock/gomock" corev1 "k8s.io/api/core/v1" diff --git a/azure/services/managedclusters/spec.go b/azure/services/managedclusters/spec.go index 8a6245417c0..0e8865b3194 100644 --- a/azure/services/managedclusters/spec.go +++ b/azure/services/managedclusters/spec.go @@ -22,9 +22,9 @@ import ( "fmt" "net" - asocontainerservicev1preview "github.com/Azure/azure-service-operator/v2/api/containerservice/v1api20230202preview" asocontainerservicev1 "github.com/Azure/azure-service-operator/v2/api/containerservice/v1api20231001" asocontainerservicev1hub "github.com/Azure/azure-service-operator/v2/api/containerservice/v1api20231001/storage" + asocontainerservicev1preview "github.com/Azure/azure-service-operator/v2/api/containerservice/v1api20231102preview" "github.com/Azure/azure-service-operator/v2/pkg/genruntime" "github.com/pkg/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" diff --git a/azure/services/managedclusters/spec_test.go b/azure/services/managedclusters/spec_test.go index de4e54259d1..23e0dc1c164 100644 --- a/azure/services/managedclusters/spec_test.go +++ b/azure/services/managedclusters/spec_test.go @@ -21,8 +21,8 @@ import ( "encoding/base64" "testing" - asocontainerservicev1preview "github.com/Azure/azure-service-operator/v2/api/containerservice/v1api20230202preview" asocontainerservicev1 "github.com/Azure/azure-service-operator/v2/api/containerservice/v1api20231001" + asocontainerservicev1preview "github.com/Azure/azure-service-operator/v2/api/containerservice/v1api20231102preview" "github.com/Azure/azure-service-operator/v2/pkg/genruntime" "github.com/google/go-cmp/cmp" . "github.com/onsi/gomega" diff --git a/azure/services/scalesets/scalesets_test.go b/azure/services/scalesets/scalesets_test.go index 459feb25b8d..c0b0ba4b1da 100644 --- a/azure/services/scalesets/scalesets_test.go +++ b/azure/services/scalesets/scalesets_test.go @@ -742,8 +742,8 @@ func newWindowsVMSSSpec() ScaleSetSpec { return vmss } -func newDefaultExistingVMSS(vmSize string) armcompute.VirtualMachineScaleSet { - vmss := newDefaultVMSS(vmSize) +func newDefaultExistingVMSS() armcompute.VirtualMachineScaleSet { + vmss := newDefaultVMSS("VM_SIZE") vmss.ID = ptr.To("subscriptions/1234/resourceGroups/my_resource_group/providers/Microsoft.Compute/virtualMachines/my-vm") return vmss } diff --git a/azure/services/scalesets/spec.go b/azure/services/scalesets/spec.go index 516fafc4feb..cc9c0c10898 100644 --- a/azure/services/scalesets/spec.go +++ b/azure/services/scalesets/spec.go @@ -92,6 +92,9 @@ func (s *ScaleSetSpec) OwnerResourceName() string { } func (s *ScaleSetSpec) existingParameters(ctx context.Context, existing interface{}) (parameters interface{}, err error) { + ctx, log, done := tele.StartSpanWithLogger(ctx, "scalesets.ScaleSetSpec.existingParameters") + defer done() + existingVMSS, ok := existing.(armcompute.VirtualMachineScaleSet) if !ok { return nil, errors.Errorf("%T is not an armcompute.VirtualMachineScaleSet", existing) @@ -131,6 +134,15 @@ func (s *ScaleSetSpec) existingParameters(ctx context.Context, existing interfac return nil, nil } + // if there are no model changes and no change in custom data, remove VirtualMachineProfile to avoid unnecessary VMSS model + // updates. + if !hasModelChanges && !s.ShouldPatchCustomData { + log.V(4).Info("removing virtual machine profile from parameters", "hasModelChanges", hasModelChanges, "shouldPatchCustomData", s.ShouldPatchCustomData) + vmss.Properties.VirtualMachineProfile = nil + } else { + log.V(4).Info("has changes, not removing virtual machine profile from parameters", "hasModelChanges", hasModelChanges, "shouldPatchCustomData", s.ShouldPatchCustomData) + } + return vmss, nil } @@ -391,6 +403,10 @@ func (s *ScaleSetSpec) generateStorageProfile(ctx context.Context) (*armcompute. storageProfile.OSDisk.DiffDiskSettings = &armcompute.DiffDiskSettings{ Option: ptr.To(armcompute.DiffDiskOptions(s.OSDisk.DiffDiskSettings.Option)), } + + if s.OSDisk.DiffDiskSettings.Placement != nil { + storageProfile.OSDisk.DiffDiskSettings.Placement = ptr.To(armcompute.DiffDiskPlacement(*s.OSDisk.DiffDiskSettings.Placement)) + } } if s.OSDisk.ManagedDisk != nil { diff --git a/azure/services/scalesets/spec_test.go b/azure/services/scalesets/spec_test.go index d87f74dcdc3..b8dc3e76891 100644 --- a/azure/services/scalesets/spec_test.go +++ b/azure/services/scalesets/spec_test.go @@ -32,25 +32,28 @@ import ( ) var ( - defaultSpec, defaultVMSS = getDefaultVMSS() - windowsSpec, windowsVMSS = getDefaultWindowsVMSS() - acceleratedNetworkingSpec, acceleratedNetworkingVMSS = getAcceleratedNetworkingVMSS() - customSubnetSpec, customSubnetVMSS = getCustomSubnetVMSS() - customNetworkingSpec, customNetworkingVMSS = getCustomNetworkingVMSS() - spotVMSpec, spotVMVMSS = getSpotVMVMSS() - ephemeralSpec, ephemeralVMSS = getEPHVMSSS() - evictionSpec, evictionVMSS = getEvictionPolicyVMSS() - maxPriceSpec, maxPriceVMSS = getMaxPriceVMSS() - encryptionSpec, encryptionVMSS = getEncryptionVMSS() - userIdentitySpec, userIdentityVMSS = getUserIdentityVMSS() - hostEncryptionSpec, hostEncryptionVMSS = getHostEncryptionVMSS() - hostEncryptionUnsupportedSpec = getHostEncryptionUnsupportedSpec() - ephemeralReadSpec, ephemeralReadVMSS = getEphemeralReadOnlyVMSS() - defaultExistingSpec, defaultExistingVMSS, defaultExistingVMSSClone = getExistingDefaultVMSS() - userManagedStorageAccountDiagnosticsSpec, userManagedStorageAccountDiagnosticsVMSS = getUserManagedAndStorageAcccountDiagnosticsVMSS() - managedDiagnosticsSpec, managedDiagnoisticsVMSS = getManagedDiagnosticsVMSS() - disabledDiagnosticsSpec, disabledDiagnosticsVMSS = getDisabledDiagnosticsVMSS() - nilDiagnosticsProfileSpec, nilDiagnosticsProfileVMSS = getNilDiagnosticsProfileVMSS() + defaultSpec, defaultVMSS = getDefaultVMSS() + windowsSpec, windowsVMSS = getDefaultWindowsVMSS() + acceleratedNetworkingSpec, acceleratedNetworkingVMSS = getAcceleratedNetworkingVMSS() + customSubnetSpec, customSubnetVMSS = getCustomSubnetVMSS() + customNetworkingSpec, customNetworkingVMSS = getCustomNetworkingVMSS() + spotVMSpec, spotVMVMSS = getSpotVMVMSS() + ephemeralSpec, ephemeralVMSS = getEPHVMSSS() + resourceDiskSpec, resourceDiskVMSS = getResourceDiskVMSS() + evictionSpec, evictionVMSS = getEvictionPolicyVMSS() + maxPriceSpec, maxPriceVMSS = getMaxPriceVMSS() + encryptionSpec, encryptionVMSS = getEncryptionVMSS() + userIdentitySpec, userIdentityVMSS = getUserIdentityVMSS() + hostEncryptionSpec, hostEncryptionVMSS = getHostEncryptionVMSS() + hostEncryptionUnsupportedSpec = getHostEncryptionUnsupportedSpec() + ephemeralReadSpec, ephemeralReadVMSS = getEphemeralReadOnlyVMSS() + defaultExistingSpec, defaultExistingVMSS, defaultExistingVMSSClone = getExistingDefaultVMSS() + defaultExistingSpecOnlyCapacityChange, defaultExistingVMSSOnlyCapacityChange, defaultExistingVMSSResultOnlyCapacityChange = getExistingDefaultVMSSOnlyCapacityChange() + defaultExistingSpecOnlyCapacityChangeWithCustomDataChange, defaultExistingVMSSOnlyCapacityChangeWithCustomDataChange, defaultExistingVMSSResultOnlyCapacityChangeWithCustomDataChange = getExistingDefaultVMSSOnlyCapacityChangeWithCustomDataChange() + userManagedStorageAccountDiagnosticsSpec, userManagedStorageAccountDiagnosticsVMSS = getUserManagedAndStorageAcccountDiagnosticsVMSS() + managedDiagnosticsSpec, managedDiagnoisticsVMSS = getManagedDiagnosticsVMSS() + disabledDiagnosticsSpec, disabledDiagnosticsVMSS = getDisabledDiagnosticsVMSS() + nilDiagnosticsProfileSpec, nilDiagnosticsProfileVMSS = getNilDiagnosticsProfileVMSS() ) func getDefaultVMSS() (ScaleSetSpec, armcompute.VirtualMachineScaleSet) { @@ -233,6 +236,32 @@ func getEPHVMSSS() (ScaleSetSpec, armcompute.VirtualMachineScaleSet) { return spec, vmss } +func getResourceDiskVMSS() (ScaleSetSpec, armcompute.VirtualMachineScaleSet) { + spec := newDefaultVMSSSpec() + spec.Size = vmSizeEPH + spec.SKU = resourceskus.SKU{ + Capabilities: []*armcompute.ResourceSKUCapabilities{ + { + Name: ptr.To(resourceskus.EphemeralOSDisk), + Value: ptr.To("True"), + }, + }, + } + spec.SpotVMOptions = &infrav1.SpotVMOptions{} + spec.OSDisk.DiffDiskSettings = &infrav1.DiffDiskSettings{ + Option: string(armcompute.DiffDiskOptionsLocal), + Placement: ptr.To(infrav1.DiffDiskPlacementResourceDisk), + } + vmss := newDefaultVMSS(vmSizeEPH) + vmss.Properties.VirtualMachineProfile.StorageProfile.OSDisk.DiffDiskSettings = &armcompute.DiffDiskSettings{ + Option: ptr.To(armcompute.DiffDiskOptionsLocal), + Placement: ptr.To(armcompute.DiffDiskPlacementResourceDisk), + } + vmss.Properties.VirtualMachineProfile.Priority = ptr.To(armcompute.VirtualMachinePriorityTypesSpot) + + return spec, vmss +} + func getEvictionPolicyVMSS() (ScaleSetSpec, armcompute.VirtualMachineScaleSet) { spec := newDefaultVMSSSpec() spec.Size = vmSizeEPH @@ -399,22 +428,57 @@ func getExistingDefaultVMSS() (s ScaleSetSpec, existing armcompute.VirtualMachin }, } - existingVMSS := newDefaultExistingVMSS("VM_SIZE") + existingVMSS := newDefaultExistingVMSS() existingVMSS.Properties.AdditionalCapabilities = &armcompute.AdditionalCapabilities{UltraSSDEnabled: ptr.To(true)} existingVMSS.SKU.Capacity = ptr.To[int64](2) - existingVMSS.Properties.AdditionalCapabilities = &armcompute.AdditionalCapabilities{UltraSSDEnabled: ptr.To(true)} - clone := newDefaultExistingVMSS("VM_SIZE") + clone := newDefaultExistingVMSS() clone.SKU.Capacity = ptr.To[int64](3) clone.Properties.AdditionalCapabilities = &armcompute.AdditionalCapabilities{UltraSSDEnabled: ptr.To(true)} clone.Properties.VirtualMachineProfile.NetworkProfile = nil clone.Properties.VirtualMachineProfile.StorageProfile.ImageReference.Version = ptr.To("2.0") - clone.Properties.VirtualMachineProfile.NetworkProfile = nil return spec, existingVMSS, clone } +func getExistingDefaultVMSSOnlyCapacityChange() (s ScaleSetSpec, existing armcompute.VirtualMachineScaleSet, result armcompute.VirtualMachineScaleSet) { + spec := newDefaultVMSSSpec() + spec.Capacity = 3 + + existingVMSS := newDefaultExistingVMSS() + + result = newDefaultExistingVMSS() + result.Properties.VirtualMachineProfile = nil + result.SKU.Capacity = ptr.To[int64](3) + + return spec, existingVMSS, result +} + +func getExistingDefaultVMSSOnlyCapacityChangeWithCustomDataChange() (s ScaleSetSpec, existing armcompute.VirtualMachineScaleSet, result armcompute.VirtualMachineScaleSet) { + spec := newDefaultVMSSSpec() + spec.Capacity = 3 + spec.DataDisks = append(spec.DataDisks, infrav1.DataDisk{ + NameSuffix: "my_disk_with_ultra_disks", + DiskSizeGB: 128, + Lun: ptr.To[int32](3), + ManagedDisk: &infrav1.ManagedDiskParameters{ + StorageAccountType: "UltraSSD_LRS", + }, + }) + spec.ShouldPatchCustomData = true + + existingVMSS := newDefaultExistingVMSS() + existingVMSS.Properties.AdditionalCapabilities = &armcompute.AdditionalCapabilities{UltraSSDEnabled: ptr.To(true)} + + result = newDefaultExistingVMSS() + result.SKU.Capacity = ptr.To[int64](3) + result.Properties.AdditionalCapabilities = &armcompute.AdditionalCapabilities{UltraSSDEnabled: ptr.To(true)} + result.Properties.VirtualMachineProfile.NetworkProfile = nil + + return spec, existingVMSS, result +} + func getUserManagedAndStorageAcccountDiagnosticsVMSS() (ScaleSetSpec, armcompute.VirtualMachineScaleSet) { storageURI := "https://fakeurl" spec := newDefaultVMSSSpec() @@ -586,6 +650,13 @@ func TestScaleSetParameters(t *testing.T) { expected: ephemeralVMSS, expectedError: "", }, + { + name: "spot vm and ephemeral disk with resourceDisk placement vmss", + spec: resourceDiskSpec, + existing: nil, + expected: resourceDiskVMSS, + expectedError: "", + }, { name: "spot vm and eviction policy vmss", spec: evictionSpec, @@ -677,6 +748,20 @@ func TestScaleSetParameters(t *testing.T) { expected: nilDiagnosticsProfileVMSS, expectedError: "", }, + { + name: "update for existing vmss with only capacity change", + spec: defaultExistingSpecOnlyCapacityChange, + existing: defaultExistingVMSSOnlyCapacityChange, + expected: defaultExistingVMSSResultOnlyCapacityChange, + expectedError: "", + }, + { + name: "update for existing vmss with only capacity change but should patch custom data", + spec: defaultExistingSpecOnlyCapacityChangeWithCustomDataChange, + existing: defaultExistingVMSSOnlyCapacityChangeWithCustomDataChange, + expected: defaultExistingVMSSResultOnlyCapacityChangeWithCustomDataChange, + expectedError: "", + }, } for _, tc := range testcases { tc := tc @@ -697,7 +782,9 @@ func TestScaleSetParameters(t *testing.T) { if !ok { t.Fatalf("expected type VirtualMachineScaleSet, got %T", param) } - result.Properties.VirtualMachineProfile.OSProfile.AdminPassword = nil // Override this field as it's randomly generated. We can't set anything in tc.expected to match it. + if result.Properties.VirtualMachineProfile != nil { + result.Properties.VirtualMachineProfile.OSProfile.AdminPassword = nil // Override this field as it's randomly generated. We can't set anything in tc.expected to match it. + } if !reflect.DeepEqual(tc.expected, result) { t.Errorf("Diff between actual result and expected result:\n%s", cmp.Diff(result, tc.expected)) diff --git a/azure/services/token/client.go b/azure/services/token/client.go deleted file mode 100644 index 1dfcff401a3..00000000000 --- a/azure/services/token/client.go +++ /dev/null @@ -1,74 +0,0 @@ -/* -Copyright 2023 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package token - -import ( - "context" - - "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" - "github.com/Azure/azure-sdk-for-go/sdk/azidentity" - "github.com/pkg/errors" - "sigs.k8s.io/cluster-api-provider-azure/azure" - "sigs.k8s.io/cluster-api-provider-azure/util/tele" -) - -// AzureClient to get azure active directory token. -type AzureClient struct { - aadToken *azidentity.ClientSecretCredential -} - -// NewClient creates a new azure active directory token client from an authorizer. -func NewClient(auth azure.Authorizer) (*AzureClient, error) { - aadToken, err := newAzureActiveDirectoryTokenClient(auth.TenantID(), - auth.ClientID(), - auth.ClientSecret(), - auth.CloudEnvironment()) - if err != nil { - return nil, err - } - return &AzureClient{ - aadToken: aadToken, - }, nil -} - -// newAzureActiveDirectoryTokenClient creates a new aad token client from an authorizer. -func newAzureActiveDirectoryTokenClient(tenantID, clientID, clientSecret, envName string) (*azidentity.ClientSecretCredential, error) { - cliOpts, err := azure.ARMClientOptions(envName) - if err != nil { - return nil, errors.Wrap(err, "error while getting client options") - } - clientOptions := &azidentity.ClientSecretCredentialOptions{ - ClientOptions: cliOpts.ClientOptions, - } - cred, err := azidentity.NewClientSecretCredential(tenantID, clientID, clientSecret, clientOptions) - if err != nil { - return nil, errors.Wrap(err, "error while getting az client secret credentials") - } - return cred, nil -} - -// GetAzureActiveDirectoryToken gets the token for authentication with azure active directory. -func (ac *AzureClient) GetAzureActiveDirectoryToken(ctx context.Context, resourceID string) (string, error) { - ctx, _, done := tele.StartSpanWithLogger(ctx, "aadToken.GetToken") - defer done() - - spnAccessToken, err := ac.aadToken.GetToken(ctx, policy.TokenRequestOptions{Scopes: []string{resourceID + "/.default"}}) - if err != nil { - return "", errors.Wrap(err, "failed to get token") - } - return spnAccessToken.Token, nil -} diff --git a/azure/services/virtualmachines/spec.go b/azure/services/virtualmachines/spec.go index 391d4537b45..b60e88e81d0 100644 --- a/azure/services/virtualmachines/spec.go +++ b/azure/services/virtualmachines/spec.go @@ -183,6 +183,7 @@ func (s *VMSpec) generateStorageProfile() (*armcompute.StorageProfile, error) { if !MemoryCapability { return nil, azure.WithTerminalError(errors.New("VM memory should be bigger or equal to at least 2Gi")) } + // enable ephemeral OS if s.OSDisk.DiffDiskSettings != nil { if !s.SKU.HasCapability(resourceskus.EphemeralOSDisk) { @@ -192,6 +193,10 @@ func (s *VMSpec) generateStorageProfile() (*armcompute.StorageProfile, error) { storageProfile.OSDisk.DiffDiskSettings = &armcompute.DiffDiskSettings{ Option: ptr.To(armcompute.DiffDiskOptions(s.OSDisk.DiffDiskSettings.Option)), } + + if s.OSDisk.DiffDiskSettings.Placement != nil { + storageProfile.OSDisk.DiffDiskSettings.Placement = ptr.To(armcompute.DiffDiskPlacement(*s.OSDisk.DiffDiskSettings.Placement)) + } } if s.OSDisk.ManagedDisk != nil { diff --git a/azure/services/virtualmachines/spec_test.go b/azure/services/virtualmachines/spec_test.go index 3a20db0617c..1e5613b74c2 100644 --- a/azure/services/virtualmachines/spec_test.go +++ b/azure/services/virtualmachines/spec_test.go @@ -461,6 +461,35 @@ func TestParameters(t *testing.T) { }, expectedError: "", }, + { + name: "can create a vm with DiffDiskPlacement ResourceDisk", + spec: &VMSpec{ + Name: "my-vm", + Role: infrav1.Node, + NICIDs: []string{"my-nic"}, + SSHKeyData: "fakesshpublickey", + Size: "Standard_D2v3", + OSDisk: infrav1.OSDisk{ + OSType: "Linux", + DiskSizeGB: ptr.To[int32](128), + ManagedDisk: &infrav1.ManagedDiskParameters{ + StorageAccountType: string(armcompute.StorageAccountTypesPremiumLRS), + }, + DiffDiskSettings: &infrav1.DiffDiskSettings{ + Option: string(armcompute.DiffDiskOptionsLocal), + Placement: ptr.To(infrav1.DiffDiskPlacementResourceDisk), + }, + }, + Image: &infrav1.Image{ID: ptr.To("fake-image-id")}, + SKU: validSKUWithEphemeralOS, + }, + existing: nil, + expect: func(g *WithT, result interface{}) { + g.Expect(result).To(BeAssignableToTypeOf(armcompute.VirtualMachine{})) + g.Expect(result.(armcompute.VirtualMachine).Properties.StorageProfile.OSDisk.DiffDiskSettings.Placement).To(Equal(ptr.To(armcompute.DiffDiskPlacementResourceDisk))) + }, + expectedError: "", + }, { name: "can create a trusted launch vm", spec: &VMSpec{ diff --git a/azure/types.go b/azure/types.go index 4583b57981c..2e040edcc2b 100644 --- a/azure/types.go +++ b/azure/types.go @@ -126,7 +126,6 @@ func (vmss VMSS) HasModelChanges(other VMSS) bool { equal := cmp.Equal(vmss.Image, other.Image) && cmp.Equal(vmss.Identity, other.Identity) && cmp.Equal(vmss.Zones, other.Zones) && - cmp.Equal(vmss.Tags, other.Tags) && cmp.Equal(vmss.Sku, other.Sku) return !equal } diff --git a/azure/types_test.go b/azure/types_test.go index a6b7194c1c7..f84b79761b6 100644 --- a/azure/types_test.go +++ b/azure/types_test.go @@ -124,18 +124,6 @@ func TestVMSS_HasModelChanges(t *testing.T) { }, HasModelChanges: true, }, - { - Name: "with different Tags", - Factory: func() (VMSS, VMSS) { - l := getDefaultVMSSForModelTesting() - l.Tags = infrav1.Tags{ - "bin": "baz", - } - r := getDefaultVMSSForModelTesting() - return r, l - }, - HasModelChanges: true, - }, } for _, c := range cases { diff --git a/config/aso/crds.yaml b/config/aso/crds.yaml index 3eb9d141644..abdf3d6b64d 100644 --- a/config/aso/crds.yaml +++ b/config/aso/crds.yaml @@ -3,10 +3,10 @@ kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: azureserviceoperator-system/azureserviceoperator-serving-cert - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 labels: app.kubernetes.io/name: azure-service-operator - app.kubernetes.io/version: v2.6.0 + app.kubernetes.io/version: v2.8.0 name: bastionhosts.network.azure.com spec: conversion: @@ -45,20 +45,34 @@ spec: name: v1api20220701 schema: openAPIV3Schema: - description: 'Generator information: - Generated from: /network/resource-manager/Microsoft.Network/stable/2022-07-01/bastionHost.json - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/bastionHosts/{bastionHostName}' + description: |- + Generator information: + - Generated from: /network/resource-manager/Microsoft.Network/stable/2022-07-01/bastionHost.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/bastionHosts/{bastionHostName} properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: properties: azureName: - description: 'AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn''t have to be.' + description: |- + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. type: string disableCopyPaste: description: 'DisableCopyPaste: Enable/Disable Copy/Paste feature of the Bastion Host resource.' @@ -99,7 +113,10 @@ spec: description: 'Reference: Resource ID.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -120,7 +137,10 @@ spec: description: 'Reference: Resource ID.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -143,7 +163,10 @@ spec: description: 'Location: Resource location.' type: string owner: - description: 'Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a resources.azure.com/ResourceGroup resource' + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a resources.azure.com/ResourceGroup resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) @@ -191,14 +214,23 @@ spec: description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 type: integer reason: - description: Reason for the condition's last transition. Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: Severity with which to treat failures of this type of condition. For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. This is omitted in all cases when Status == Unknown + description: |- + Severity with which to treat failures of this type of condition. + For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown type: string status: description: Status of the condition, one of True, False, or Unknown. @@ -296,13 +328,26 @@ spec: name: v1api20220701storage schema: openAPIV3Schema: - description: 'Storage version of v1api20220701.BastionHost Generator information: - Generated from: /network/resource-manager/Microsoft.Network/stable/2022-07-01/bastionHost.json - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/bastionHosts/{bastionHostName}' + description: |- + Storage version of v1api20220701.BastionHost + Generator information: + - Generated from: /network/resource-manager/Microsoft.Network/stable/2022-07-01/bastionHost.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/bastionHosts/{bastionHostName} properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -312,10 +357,14 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object azureName: - description: 'AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn''t have to be.' + description: |- + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. type: string disableCopyPaste: type: boolean @@ -331,30 +380,41 @@ spec: type: boolean ipConfigurations: items: - description: Storage version of v1api20220701.BastionHostIPConfiguration IP configuration of an Bastion Host. + description: |- + Storage version of v1api20220701.BastionHostIPConfiguration + IP configuration of an Bastion Host. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object name: type: string privateIPAllocationMethod: type: string publicIPAddress: - description: Storage version of v1api20220701.BastionHostSubResource Reference to another subresource. + description: |- + Storage version of v1api20220701.BastionHostSubResource + Reference to another subresource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object reference: description: 'Reference: Resource ID.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -369,18 +429,25 @@ spec: type: object type: object subnet: - description: Storage version of v1api20220701.BastionHostSubResource Reference to another subresource. + description: |- + Storage version of v1api20220701.BastionHostSubResource + Reference to another subresource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object reference: description: 'Reference: Resource ID.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -401,7 +468,10 @@ spec: originalVersion: type: string owner: - description: 'Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a resources.azure.com/ResourceGroup resource' + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a resources.azure.com/ResourceGroup resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) @@ -413,12 +483,16 @@ spec: scaleUnits: type: integer sku: - description: Storage version of v1api20220701.Sku The sku of this Bastion Host. + description: |- + Storage version of v1api20220701.Sku + The sku of this Bastion Host. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object name: type: string @@ -431,12 +505,16 @@ spec: - owner type: object status: - description: Storage version of v1api20220701.BastionHost_STATUS Bastion Host resource. + description: |- + Storage version of v1api20220701.BastionHost_STATUS + Bastion Host resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object conditions: items: @@ -450,14 +528,23 @@ spec: description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 type: integer reason: - description: Reason for the condition's last transition. Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: Severity with which to treat failures of this type of condition. For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. This is omitted in all cases when Status == Unknown + description: |- + Severity with which to treat failures of this type of condition. + For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown type: string status: description: Status of the condition, one of True, False, or Unknown. @@ -490,12 +577,16 @@ spec: type: string ipConfigurations: items: - description: Storage version of v1api20220701.BastionHostIPConfiguration_STATUS IP configuration of an Bastion Host. + description: |- + Storage version of v1api20220701.BastionHostIPConfiguration_STATUS + IP configuration of an Bastion Host. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -510,12 +601,16 @@ spec: scaleUnits: type: integer sku: - description: Storage version of v1api20220701.Sku_STATUS The sku of this Bastion Host. + description: |- + Storage version of v1api20220701.Sku_STATUS + The sku of this Bastion Host. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object name: type: string @@ -538,10 +633,10 @@ kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: azureserviceoperator-system/azureserviceoperator-serving-cert - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 labels: app.kubernetes.io/name: azure-service-operator - app.kubernetes.io/version: v2.6.0 + app.kubernetes.io/version: v2.8.0 name: extensions.kubernetesconfiguration.azure.com spec: conversion: @@ -580,13 +675,25 @@ spec: name: v1api20230501 schema: openAPIV3Schema: - description: 'Generator information: - Generated from: /kubernetesconfiguration/resource-manager/Microsoft.KubernetesConfiguration/stable/2023-05-01/extensions.json - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{clusterRp}/{clusterResourceName}/{clusterName}/providers/Microsoft.KubernetesConfiguration/extensions/{extensionName}' + description: |- + Generator information: + - Generated from: /kubernetesconfiguration/resource-manager/Microsoft.KubernetesConfiguration/stable/2023-05-01/extensions.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{clusterRp}/{clusterResourceName}/{clusterName}/providers/Microsoft.KubernetesConfiguration/extensions/{extensionName} properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -606,13 +713,19 @@ spec: description: 'AutoUpgradeMinorVersion: Flag to note if this extension participates in auto upgrade of minor version, or not.' type: boolean azureName: - description: 'AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn''t have to be.' + description: |- + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. type: string configurationProtectedSettings: - description: 'ConfigurationProtectedSettings: Configuration settings that are sensitive, as name-value pairs for configuring this extension.' + description: |- + ConfigurationProtectedSettings: Configuration settings that are sensitive, as name-value pairs for configuring this + extension. properties: name: - description: Name is the name of the Kubernetes secret being referenced. The secret must be in the same namespace as the resource + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource type: string required: - name @@ -623,7 +736,9 @@ spec: description: 'ConfigurationSettings: Configuration settings, as name-value pairs for configuring this extension.' type: object extensionType: - description: 'ExtensionType: Type of the Extension, of which this resource is an instance of. It must be one of the Extension Types registered with Microsoft.KubernetesConfiguration by the Extension publisher.' + description: |- + ExtensionType: Type of the Extension, of which this resource is an instance of. It must be one of the Extension Types + registered with Microsoft.KubernetesConfiguration by the Extension publisher. type: string identity: description: 'Identity: Identity of the Extension resource' @@ -634,8 +749,36 @@ spec: - SystemAssigned type: string type: object + operatorSpec: + description: |- + OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not + passed directly to Azure + properties: + configMaps: + description: 'ConfigMaps: configures where to place operator written ConfigMaps.' + properties: + principalId: + description: 'PrincipalId: indicates where the PrincipalId config map should be placed. If omitted, no config map will be created.' + properties: + key: + description: Key is the key in the ConfigMap being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes ConfigMap being referenced. + The ConfigMap must be in the same namespace as the resource + type: string + required: + - key + - name + type: object + type: object + type: object owner: - description: 'Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. This resource is an extension resource, which means that any other Azure resource can be its owner.' + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. This resource is an + extension resource, which means that any other Azure resource can be its owner. properties: armId: description: Ownership across namespaces is not supported. @@ -658,7 +801,9 @@ spec: description: 'Name: A user defined name of the 3rd Party Artifact that is being procured.' type: string product: - description: 'Product: The 3rd Party artifact that is being procured. E.g. NewRelic. Product maps to the OfferID specified for the artifact at the time of Data Market onboarding.' + description: |- + Product: The 3rd Party artifact that is being procured. E.g. NewRelic. Product maps to the OfferID specified for the + artifact at the time of Data Market onboarding. type: string promotionCode: description: 'PromotionCode: A publisher provided promotion code as provisioned in Data Market for the said product/artifact.' @@ -675,7 +820,9 @@ spec: - publisher type: object releaseTrain: - description: 'ReleaseTrain: ReleaseTrain this extension participates in for auto-upgrade (e.g. Stable, Preview, etc.) - only if autoUpgradeMinorVersion is ''true''.' + description: |- + ReleaseTrain: ReleaseTrain this extension participates in for auto-upgrade (e.g. Stable, Preview, etc.) - only if + autoUpgradeMinorVersion is 'true'. type: string scope: description: 'Scope: Scope at which the extension is installed.' @@ -684,19 +831,25 @@ spec: description: 'Cluster: Specifies that the scope of the extension is Cluster' properties: releaseNamespace: - description: 'ReleaseNamespace: Namespace where the extension Release must be placed, for a Cluster scoped extension. If this namespace does not exist, it will be created' + description: |- + ReleaseNamespace: Namespace where the extension Release must be placed, for a Cluster scoped extension. If this + namespace does not exist, it will be created type: string type: object namespace: description: 'Namespace: Specifies that the scope of the extension is Namespace' properties: targetNamespace: - description: 'TargetNamespace: Namespace where the extension will be created for an Namespace scoped extension. If this namespace does not exist, it will be created' + description: |- + TargetNamespace: Namespace where the extension will be created for an Namespace scoped extension. If this namespace + does not exist, it will be created type: string type: object type: object systemData: - description: 'SystemData: Top level metadata https://github.com/Azure/azure-resource-manager-rpc/blob/master/v1.0/common-api-contracts.md#system-metadata-for-all-azure-resources' + description: |- + SystemData: Top level metadata + https://github.com/Azure/azure-resource-manager-rpc/blob/master/v1.0/common-api-contracts.md#system-metadata-for-all-azure-resources properties: createdAt: description: 'CreatedAt: The timestamp of resource creation (UTC).' @@ -728,7 +881,9 @@ spec: type: string type: object version: - description: 'Version: User-specified version of the extension for this extension to ''pin''. To use ''version'', autoUpgradeMinorVersion must be ''false''.' + description: |- + Version: User-specified version of the extension for this extension to 'pin'. To use 'version', autoUpgradeMinorVersion + must be 'false'. type: string required: - owner @@ -765,14 +920,23 @@ spec: description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 type: integer reason: - description: Reason for the condition's last transition. Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: Severity with which to treat failures of this type of condition. For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. This is omitted in all cases when Status == Unknown + description: |- + Severity with which to treat failures of this type of condition. + For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown type: string status: description: Status of the condition, one of True, False, or Unknown. @@ -790,7 +954,9 @@ spec: configurationProtectedSettings: additionalProperties: type: string - description: 'ConfigurationProtectedSettings: Configuration settings that are sensitive, as name-value pairs for configuring this extension.' + description: |- + ConfigurationProtectedSettings: Configuration settings that are sensitive, as name-value pairs for configuring this + extension. type: object configurationSettings: additionalProperties: @@ -864,10 +1030,14 @@ spec: type: string type: object extensionType: - description: 'ExtensionType: Type of the Extension, of which this resource is an instance of. It must be one of the Extension Types registered with Microsoft.KubernetesConfiguration by the Extension publisher.' + description: |- + ExtensionType: Type of the Extension, of which this resource is an instance of. It must be one of the Extension Types + registered with Microsoft.KubernetesConfiguration by the Extension publisher. type: string id: - description: 'Id: Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}' + description: |- + Id: Fully qualified resource ID for the resource. Ex - + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} type: string identity: description: 'Identity: Identity of the Extension resource' @@ -898,7 +1068,9 @@ spec: description: 'Name: A user defined name of the 3rd Party Artifact that is being procured.' type: string product: - description: 'Product: The 3rd Party artifact that is being procured. E.g. NewRelic. Product maps to the OfferID specified for the artifact at the time of Data Market onboarding.' + description: |- + Product: The 3rd Party artifact that is being procured. E.g. NewRelic. Product maps to the OfferID specified for the + artifact at the time of Data Market onboarding. type: string promotionCode: description: 'PromotionCode: A publisher provided promotion code as provisioned in Data Market for the said product/artifact.' @@ -914,7 +1086,9 @@ spec: description: 'ProvisioningState: Status of installation of this extension.' type: string releaseTrain: - description: 'ReleaseTrain: ReleaseTrain this extension participates in for auto-upgrade (e.g. Stable, Preview, etc.) - only if autoUpgradeMinorVersion is ''true''.' + description: |- + ReleaseTrain: ReleaseTrain this extension participates in for auto-upgrade (e.g. Stable, Preview, etc.) - only if + autoUpgradeMinorVersion is 'true'. type: string scope: description: 'Scope: Scope at which the extension is installed.' @@ -923,14 +1097,18 @@ spec: description: 'Cluster: Specifies that the scope of the extension is Cluster' properties: releaseNamespace: - description: 'ReleaseNamespace: Namespace where the extension Release must be placed, for a Cluster scoped extension. If this namespace does not exist, it will be created' + description: |- + ReleaseNamespace: Namespace where the extension Release must be placed, for a Cluster scoped extension. If this + namespace does not exist, it will be created type: string type: object namespace: description: 'Namespace: Specifies that the scope of the extension is Namespace' properties: targetNamespace: - description: 'TargetNamespace: Namespace where the extension will be created for an Namespace scoped extension. If this namespace does not exist, it will be created' + description: |- + TargetNamespace: Namespace where the extension will be created for an Namespace scoped extension. If this namespace + does not exist, it will be created type: string type: object type: object @@ -957,7 +1135,9 @@ spec: type: object type: array systemData: - description: 'SystemData: Top level metadata https://github.com/Azure/azure-resource-manager-rpc/blob/master/v1.0/common-api-contracts.md#system-metadata-for-all-azure-resources' + description: |- + SystemData: Top level metadata + https://github.com/Azure/azure-resource-manager-rpc/blob/master/v1.0/common-api-contracts.md#system-metadata-for-all-azure-resources properties: createdAt: description: 'CreatedAt: The timestamp of resource creation (UTC).' @@ -982,7 +1162,9 @@ spec: description: 'Type: The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"' type: string version: - description: 'Version: User-specified version of the extension for this extension to ''pin''. To use ''version'', autoUpgradeMinorVersion must be ''false''.' + description: |- + Version: User-specified version of the extension for this extension to 'pin'. To use 'version', autoUpgradeMinorVersion + must be 'false'. type: string type: object type: object @@ -1006,13 +1188,26 @@ spec: name: v1api20230501storage schema: openAPIV3Schema: - description: 'Storage version of v1api20230501.Extension Generator information: - Generated from: /kubernetesconfiguration/resource-manager/Microsoft.KubernetesConfiguration/stable/2023-05-01/extensions.json - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{clusterRp}/{clusterResourceName}/{clusterName}/providers/Microsoft.KubernetesConfiguration/extensions/{extensionName}' + description: |- + Storage version of v1api20230501.Extension + Generator information: + - Generated from: /kubernetesconfiguration/resource-manager/Microsoft.KubernetesConfiguration/stable/2023-05-01/extensions.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{clusterRp}/{clusterResourceName}/{clusterName}/providers/Microsoft.KubernetesConfiguration/extensions/{extensionName} properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -1022,7 +1217,9 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object aksAssignedIdentity: description: Storage version of v1api20230501.Extension_Properties_AksAssignedIdentity_Spec @@ -1030,7 +1227,9 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object type: type: string @@ -1038,13 +1237,19 @@ spec: autoUpgradeMinorVersion: type: boolean azureName: - description: 'AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn''t have to be.' + description: |- + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. type: string configurationProtectedSettings: - description: SecretMapReference is a reference to a Kubernetes secret in the same namespace as the resource it is on. + description: |- + SecretMapReference is a reference to a Kubernetes secret in the same namespace as + the resource it is on. properties: name: - description: Name is the name of the Kubernetes secret being referenced. The secret must be in the same namespace as the resource + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource type: string required: - name @@ -1056,20 +1261,68 @@ spec: extensionType: type: string identity: - description: Storage version of v1api20230501.Identity Identity for the resource. + description: |- + Storage version of v1api20230501.Identity + Identity for the resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object type: type: string type: object + operatorSpec: + description: |- + Storage version of v1api20230501.ExtensionOperatorSpec + Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + configMaps: + description: Storage version of v1api20230501.ExtensionOperatorConfigMaps + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + principalId: + description: |- + ConfigMapDestination describes the location to store a single configmap value + Note: This is similar to SecretDestination in secrets.go. Changes to one should likely also be made to the other. + properties: + key: + description: Key is the key in the ConfigMap being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes ConfigMap being referenced. + The ConfigMap must be in the same namespace as the resource + type: string + required: + - key + - name + type: object + type: object + type: object originalVersion: type: string owner: - description: 'Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. This resource is an extension resource, which means that any other Azure resource can be its owner.' + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. This resource is an + extension resource, which means that any other Azure resource can be its owner. properties: armId: description: Ownership across namespaces is not supported. @@ -1086,12 +1339,16 @@ spec: type: string type: object plan: - description: Storage version of v1api20230501.Plan Plan for the resource. + description: |- + Storage version of v1api20230501.Plan + Plan for the resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object name: type: string @@ -1107,43 +1364,59 @@ spec: releaseTrain: type: string scope: - description: Storage version of v1api20230501.Scope Scope of the extension. It can be either Cluster or Namespace; but not both. + description: |- + Storage version of v1api20230501.Scope + Scope of the extension. It can be either Cluster or Namespace; but not both. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object cluster: - description: Storage version of v1api20230501.ScopeCluster Specifies that the scope of the extension is Cluster + description: |- + Storage version of v1api20230501.ScopeCluster + Specifies that the scope of the extension is Cluster properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object releaseNamespace: type: string type: object namespace: - description: Storage version of v1api20230501.ScopeNamespace Specifies that the scope of the extension is Namespace + description: |- + Storage version of v1api20230501.ScopeNamespace + Specifies that the scope of the extension is Namespace properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object targetNamespace: type: string type: object type: object systemData: - description: Storage version of v1api20230501.SystemData Metadata pertaining to creation and last modification of the resource. + description: |- + Storage version of v1api20230501.SystemData + Metadata pertaining to creation and last modification of the resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object createdAt: type: string @@ -1164,12 +1437,16 @@ spec: - owner type: object status: - description: Storage version of v1api20230501.Extension_STATUS The Extension object. + description: |- + Storage version of v1api20230501.Extension_STATUS + The Extension object. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object aksAssignedIdentity: description: Storage version of v1api20230501.Extension_Properties_AksAssignedIdentity_STATUS @@ -1177,7 +1454,9 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object principalId: type: string @@ -1200,14 +1479,23 @@ spec: description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 type: integer reason: - description: Reason for the condition's last transition. Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: Severity with which to treat failures of this type of condition. For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. This is omitted in all cases when Status == Unknown + description: |- + Severity with which to treat failures of this type of condition. + For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown type: string status: description: Status of the condition, one of True, False, or Unknown. @@ -1237,21 +1525,29 @@ spec: type: string type: object errorInfo: - description: Storage version of v1api20230501.ErrorDetail_STATUS The error detail. + description: |- + Storage version of v1api20230501.ErrorDetail_STATUS + The error detail. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object additionalInfo: items: - description: Storage version of v1api20230501.ErrorAdditionalInfo_STATUS The resource management error additional info. + description: |- + Storage version of v1api20230501.ErrorAdditionalInfo_STATUS + The resource management error additional info. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object info: additionalProperties: @@ -1270,16 +1566,22 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object additionalInfo: items: - description: Storage version of v1api20230501.ErrorAdditionalInfo_STATUS The resource management error additional info. + description: |- + Storage version of v1api20230501.ErrorAdditionalInfo_STATUS + The resource management error additional info. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object info: additionalProperties: @@ -1307,12 +1609,16 @@ spec: id: type: string identity: - description: Storage version of v1api20230501.Identity_STATUS Identity for the resource. + description: |- + Storage version of v1api20230501.Identity_STATUS + Identity for the resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object principalId: type: string @@ -1328,12 +1634,16 @@ spec: packageUri: type: string plan: - description: Storage version of v1api20230501.Plan_STATUS Plan for the resource. + description: |- + Storage version of v1api20230501.Plan_STATUS + Plan for the resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object name: type: string @@ -1351,31 +1661,43 @@ spec: releaseTrain: type: string scope: - description: Storage version of v1api20230501.Scope_STATUS Scope of the extension. It can be either Cluster or Namespace; but not both. + description: |- + Storage version of v1api20230501.Scope_STATUS + Scope of the extension. It can be either Cluster or Namespace; but not both. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object cluster: - description: Storage version of v1api20230501.ScopeCluster_STATUS Specifies that the scope of the extension is Cluster + description: |- + Storage version of v1api20230501.ScopeCluster_STATUS + Specifies that the scope of the extension is Cluster properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object releaseNamespace: type: string type: object namespace: - description: Storage version of v1api20230501.ScopeNamespace_STATUS Specifies that the scope of the extension is Namespace + description: |- + Storage version of v1api20230501.ScopeNamespace_STATUS + Specifies that the scope of the extension is Namespace properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object targetNamespace: type: string @@ -1383,12 +1705,16 @@ spec: type: object statuses: items: - description: Storage version of v1api20230501.ExtensionStatus_STATUS Status from the extension. + description: |- + Storage version of v1api20230501.ExtensionStatus_STATUS + Status from the extension. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object code: type: string @@ -1403,12 +1729,16 @@ spec: type: object type: array systemData: - description: Storage version of v1api20230501.SystemData_STATUS Metadata pertaining to creation and last modification of the resource. + description: |- + Storage version of v1api20230501.SystemData_STATUS + Metadata pertaining to creation and last modification of the resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object createdAt: type: string @@ -1439,10 +1769,10 @@ kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: azureserviceoperator-system/azureserviceoperator-serving-cert - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 labels: app.kubernetes.io/name: azure-service-operator - app.kubernetes.io/version: v2.6.0 + app.kubernetes.io/version: v2.8.0 name: fleetsmembers.containerservice.azure.com spec: conversion: @@ -1481,29 +1811,49 @@ spec: name: v1api20230315preview schema: openAPIV3Schema: - description: 'Generator information: - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/fleet/preview/2023-03-15-preview/fleets.json - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/fleets/{fleetName}/members/{fleetMemberName}' + description: |- + Generator information: + - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/fleet/preview/2023-03-15-preview/fleets.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/fleets/{fleetName}/members/{fleetMemberName} properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: properties: azureName: - description: 'AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn''t have to be.' + description: |- + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. maxLength: 50 minLength: 1 pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ type: string clusterResourceReference: - description: 'ClusterResourceReference: The ARM resource id of the cluster that joins the Fleet. Must be a valid Azure resource id. e.g.: ''/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{clusterName}''.' + description: |- + ClusterResourceReference: The ARM resource id of the cluster that joins the Fleet. Must be a valid Azure resource id. + e.g.: + '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{clusterName}'. properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -1523,7 +1873,10 @@ spec: pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ type: string owner: - description: 'Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a containerservice.azure.com/Fleet resource' + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a containerservice.azure.com/Fleet resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) @@ -1539,7 +1892,9 @@ spec: status: properties: clusterResourceId: - description: 'ClusterResourceId: The ARM resource id of the cluster that joins the Fleet. Must be a valid Azure resource id. e.g.: ''/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{clusterName}''.' + description: |- + ClusterResourceId: The ARM resource id of the cluster that joins the Fleet. Must be a valid Azure resource id. e.g.: + '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{clusterName}'. type: string conditions: description: 'Conditions: The observed state of the resource' @@ -1554,14 +1909,23 @@ spec: description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 type: integer reason: - description: Reason for the condition's last transition. Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: Severity with which to treat failures of this type of condition. For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. This is omitted in all cases when Status == Unknown + description: |- + Severity with which to treat failures of this type of condition. + For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown type: string status: description: Status of the condition, one of True, False, or Unknown. @@ -1577,13 +1941,19 @@ spec: type: object type: array eTag: - description: 'ETag: If eTag is provided in the response body, it may also be provided as a header per the normal etag convention. Entity tags are used for comparing two or more entities from the same requested resource. HTTP/1.1 uses entity tags in the etag (section 14.19), If-Match (section 14.24), If-None-Match (section 14.26), and If-Range (section 14.27) header fields.' + description: |- + ETag: If eTag is provided in the response body, it may also be provided as a header per the normal etag convention. + Entity tags are used for comparing two or more entities from the same requested resource. HTTP/1.1 uses entity tags in + the etag (section 14.19), If-Match (section 14.24), If-None-Match (section 14.26), and If-Range (section 14.27) header + fields. type: string group: description: 'Group: The group this member belongs to for multi-cluster update management.' type: string id: - description: 'Id: Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}' + description: |- + Id: Fully qualified resource ID for the resource. Ex - + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} type: string name: description: 'Name: The name of the resource' @@ -1638,13 +2008,26 @@ spec: name: v1api20230315previewstorage schema: openAPIV3Schema: - description: 'Storage version of v1api20230315preview.FleetsMember Generator information: - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/fleet/preview/2023-03-15-preview/fleets.json - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/fleets/{fleetName}/members/{fleetMemberName}' + description: |- + Storage version of v1api20230315preview.FleetsMember + Generator information: + - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/fleet/preview/2023-03-15-preview/fleets.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/fleets/{fleetName}/members/{fleetMemberName} properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -1654,16 +2037,26 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object azureName: - description: 'AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn''t have to be.' + description: |- + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. type: string clusterResourceReference: - description: 'ClusterResourceReference: The ARM resource id of the cluster that joins the Fleet. Must be a valid Azure resource id. e.g.: ''/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{clusterName}''.' + description: |- + ClusterResourceReference: The ARM resource id of the cluster that joins the Fleet. Must be a valid Azure resource id. + e.g.: + '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{clusterName}'. properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -1681,7 +2074,10 @@ spec: originalVersion: type: string owner: - description: 'Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a containerservice.azure.com/Fleet resource' + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a containerservice.azure.com/Fleet resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) @@ -1700,7 +2096,9 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object clusterResourceId: type: string @@ -1716,14 +2114,23 @@ spec: description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 type: integer reason: - description: Reason for the condition's last transition. Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: Severity with which to treat failures of this type of condition. For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. This is omitted in all cases when Status == Unknown + description: |- + Severity with which to treat failures of this type of condition. + For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown type: string status: description: Status of the condition, one of True, False, or Unknown. @@ -1749,12 +2156,16 @@ spec: provisioningState: type: string systemData: - description: Storage version of v1api20230315preview.SystemData_STATUS Metadata pertaining to creation and last modification of the resource. + description: |- + Storage version of v1api20230315preview.SystemData_STATUS + Metadata pertaining to creation and last modification of the resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object createdAt: type: string @@ -1783,10 +2194,10 @@ kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: azureserviceoperator-system/azureserviceoperator-serving-cert - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 labels: app.kubernetes.io/name: azure-service-operator - app.kubernetes.io/version: v2.6.0 + app.kubernetes.io/version: v2.8.0 name: managedclusters.containerservice.azure.com spec: conversion: @@ -1825,13 +2236,25 @@ spec: name: v1api20210501 schema: openAPIV3Schema: - description: 'Generator information: - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2021-05-01/managedClusters.json - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}' + description: |- + Generator information: + - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2021-05-01/managedClusters.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName} properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -1861,7 +2284,9 @@ spec: description: 'ServerAppSecret: The server AAD application secret.' type: string tenantID: - description: 'TenantID: The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.' + description: |- + TenantID: The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment + subscription. type: string type: object addonProfiles: @@ -1887,24 +2312,38 @@ spec: description: Profile for the container service agent pool. properties: availabilityZones: - description: 'AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is ''VirtualMachineScaleSets''.' + description: |- + AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType + property is 'VirtualMachineScaleSets'. items: type: string type: array count: - description: 'Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.' + description: |- + Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) + for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. type: integer enableAutoScaling: description: 'EnableAutoScaling: Whether to enable auto-scaler' type: boolean enableEncryptionAtHost: - description: 'EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption' + description: |- + EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, + see: https://docs.microsoft.com/azure/aks/enable-host-encryption type: boolean enableFIPS: - description: 'EnableFIPS: See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.' + description: |- + EnableFIPS: See [Add a FIPS-enabled node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more + details. type: boolean enableNodePublicIP: - description: 'EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.' + description: |- + EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. + A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine + to minimize hops. For more information see [assigning a public IP per + node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The + default is false. type: boolean enableUltraSSD: description: 'EnableUltraSSD: Whether to enable UltraSSD' @@ -1927,7 +2366,9 @@ spec: type: string type: array containerLogMaxFiles: - description: 'ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be â‰Ĩ 2.' + description: |- + ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be + â‰Ĩ 2. minimum: 2 type: integer containerLogMaxSizeMB: @@ -1937,10 +2378,15 @@ spec: description: 'CpuCfsQuota: The default is true.' type: boolean cpuCfsQuotaPeriod: - description: 'CpuCfsQuotaPeriod: The default is ''100ms.'' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: ''300ms'', ''2h45m''. Supported units are ''ns'', ''us'', ''ms'', ''s'', ''m'', and ''h''.' + description: |- + CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and + a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. type: string cpuManagerPolicy: - description: 'CpuManagerPolicy: The default is ''none''. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are ''none'' and ''static''.' + description: |- + CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management + policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more + information. Allowed values are 'none' and 'static'. type: string failSwapOn: description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' @@ -1955,11 +2401,16 @@ spec: description: 'PodMaxPids: The maximum number of processes per pod.' type: integer topologyManagerPolicy: - description: 'TopologyManagerPolicy: For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is ''none''. Allowed values are ''none'', ''best-effort'', ''restricted'', and ''single-numa-node''.' + description: |- + TopologyManagerPolicy: For more information see [Kubernetes Topology + Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values + are 'none', 'best-effort', 'restricted', and 'single-numa-node'. type: string type: object kubeletDiskType: - description: 'KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.' + description: |- + KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral + storage. enum: - OS - Temporary @@ -2059,10 +2510,16 @@ spec: type: integer type: object transparentHugePageDefrag: - description: 'TransparentHugePageDefrag: Valid values are ''always'', ''defer'', ''defer+madvise'', ''madvise'' and ''never''. The default is ''madvise''. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).' + description: |- + TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is + 'madvise'. For more information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string transparentHugePageEnabled: - description: 'TransparentHugePageEnabled: Valid values are ''always'', ''madvise'', and ''never''. The default is ''always''. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).' + description: |- + TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more + information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string type: object maxCount: @@ -2075,7 +2532,9 @@ spec: description: 'MinCount: The minimum number of nodes for auto-scaling' type: integer mode: - description: 'Mode: A cluster must have at least one ''System'' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools' + description: |- + Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool + restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools enum: - System - User @@ -2090,10 +2549,15 @@ spec: description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' type: object nodePublicIPPrefixIDReference: - description: 'NodePublicIPPrefixIDReference: This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}' + description: |- + NodePublicIPPrefixIDReference: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -2112,14 +2576,22 @@ spec: type: string type: array orchestratorVersion: - description: 'OrchestratorVersion: As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).' + description: |- + OrchestratorVersion: As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes + version. The node pool version must have the same major version as the control plane. The node pool minor version must + be within two minor versions of the control plane version. The node pool version cannot be greater than the control + plane version. For more information see [upgrading a node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). type: string osDiskSizeGB: maximum: 2048 minimum: 0 type: integer osDiskType: - description: 'OsDiskType: The default is ''Ephemeral'' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to ''Managed''. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).' + description: |- + OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested + OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral + OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). enum: - Ephemeral - Managed @@ -2137,10 +2609,16 @@ spec: - Windows type: string podSubnetIDReference: - description: 'PodSubnetIDReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}' + description: |- + PodSubnetIDReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more + details). This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -2157,7 +2635,9 @@ spec: description: 'ProximityPlacementGroupID: The ID for Proximity Placement Group.' type: string scaleSetEvictionPolicy: - description: 'ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is ''Spot''. If not specified, the default is ''Delete''.' + description: |- + ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is + 'Delete'. enum: - Deallocate - Delete @@ -2169,7 +2649,10 @@ spec: - Spot type: string spotMaxPrice: - description: 'SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)' + description: |- + SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any + on-demand price. For more details on spot pricing, see [spot VMs + pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) type: number tags: additionalProperties: @@ -2186,17 +2669,30 @@ spec: description: 'UpgradeSettings: Settings for upgrading the agentpool' properties: maxSurge: - description: 'MaxSurge: This can either be set to an integer (e.g. ''5'') or a percentage (e.g. ''50%''). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade' + description: |- + MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it + is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded + up. If not specified, the default is 1. For more information, including best practices, see: + https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade type: string type: object vmSize: - description: 'VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions' + description: |- + VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods + might fail to run correctly. For more details on restricted VM sizes, see: + https://docs.microsoft.com/azure/aks/quotas-skus-regions type: string vnetSubnetIDReference: - description: 'VnetSubnetIDReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}' + description: |- + VnetSubnetIDReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is + specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -2215,18 +2711,26 @@ spec: description: 'ApiServerAccessProfile: The access profile for managed cluster API server.' properties: authorizedIPRanges: - description: 'AuthorizedIPRanges: IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).' + description: |- + AuthorizedIPRanges: IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with + clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API + server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges). items: type: string type: array enablePrivateCluster: - description: 'EnablePrivateCluster: For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).' + description: |- + EnablePrivateCluster: For more details, see [Creating a private AKS + cluster](https://docs.microsoft.com/azure/aks/private-clusters). type: boolean enablePrivateClusterPublicFQDN: description: 'EnablePrivateClusterPublicFQDN: Whether to create additional public FQDN for private cluster or not.' type: boolean privateDNSZone: - description: 'PrivateDNSZone: The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are ''system'' and ''none''.' + description: |- + PrivateDNSZone: The default is System. For more details see [configure private DNS + zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and + 'none'. type: string type: object autoScalerProfile: @@ -2236,7 +2740,10 @@ spec: description: 'BalanceSimilarNodeGroups: Valid values are ''true'' and ''false''' type: string expander: - description: 'Expander: If not specified, the default is ''random''. See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more information.' + description: |- + Expander: If not specified, the default is 'random'. See + [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more + information. enum: - least-waste - most-pods @@ -2250,31 +2757,46 @@ spec: description: 'MaxGracefulTerminationSec: The default is 600.' type: string max-node-provision-time: - description: 'MaxNodeProvisionTime: The default is ''15m''. Values must be an integer followed by an ''m''. No unit of time other than minutes (m) is supported.' + description: |- + MaxNodeProvisionTime: The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. type: string max-total-unready-percentage: description: 'MaxTotalUnreadyPercentage: The default is 45. The maximum is 100 and the minimum is 0.' type: string new-pod-scale-up-delay: - description: 'NewPodScaleUpDelay: For scenarios like burst/batch scale where you don''t want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they''re a certain age. The default is ''0s''. Values must be an integer followed by a unit (''s'' for seconds, ''m'' for minutes, ''h'' for hours, etc).' + description: |- + NewPodScaleUpDelay: For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler + could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is + '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc). type: string ok-total-unready-count: description: 'OkTotalUnreadyCount: This must be an integer. The default is 3.' type: string scale-down-delay-after-add: - description: 'ScaleDownDelayAfterAdd: The default is ''10m''. Values must be an integer followed by an ''m''. No unit of time other than minutes (m) is supported.' + description: |- + ScaleDownDelayAfterAdd: The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. type: string scale-down-delay-after-delete: - description: 'ScaleDownDelayAfterDelete: The default is the scan-interval. Values must be an integer followed by an ''m''. No unit of time other than minutes (m) is supported.' + description: |- + ScaleDownDelayAfterDelete: The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of + time other than minutes (m) is supported. type: string scale-down-delay-after-failure: - description: 'ScaleDownDelayAfterFailure: The default is ''3m''. Values must be an integer followed by an ''m''. No unit of time other than minutes (m) is supported.' + description: |- + ScaleDownDelayAfterFailure: The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other + than minutes (m) is supported. type: string scale-down-unneeded-time: - description: 'ScaleDownUnneededTime: The default is ''10m''. Values must be an integer followed by an ''m''. No unit of time other than minutes (m) is supported.' + description: |- + ScaleDownUnneededTime: The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. type: string scale-down-unready-time: - description: 'ScaleDownUnreadyTime: The default is ''20m''. Values must be an integer followed by an ''m''. No unit of time other than minutes (m) is supported.' + description: |- + ScaleDownUnreadyTime: The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. type: string scale-down-utilization-threshold: description: 'ScaleDownUtilizationThreshold: The default is ''0.5''.' @@ -2293,7 +2815,9 @@ spec: description: 'AutoUpgradeProfile: The auto upgrade configuration.' properties: upgradeChannel: - description: 'UpgradeChannel: For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).' + description: |- + UpgradeChannel: For more information see [setting the AKS cluster auto-upgrade + channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel). enum: - node-image - none @@ -2303,19 +2827,29 @@ spec: type: string type: object azureName: - description: 'AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn''t have to be.' + description: |- + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. maxLength: 63 minLength: 1 pattern: ^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$ type: string disableLocalAccounts: - description: 'DisableLocalAccounts: If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).' + description: |- + DisableLocalAccounts: If set to true, getting static credentials will be disabled for this cluster. This must only be + used on Managed Clusters that are AAD enabled. For more details see [disable local + accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview). type: boolean diskEncryptionSetIDReference: - description: 'DiskEncryptionSetIDReference: This is of the form: ''/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}''' + description: |- + DiskEncryptionSetIDReference: This is of the form: + '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -2332,7 +2866,9 @@ spec: description: 'DnsPrefix: This cannot be updated once the Managed Cluster has been created.' type: string enablePodSecurityPolicy: - description: 'EnablePodSecurityPolicy: (DEPRECATING) Whether to enable Kubernetes pod security policy (preview). This feature is set for removal on October 15th, 2020. Learn more at aka.ms/aks/azpodpolicy.' + description: |- + EnablePodSecurityPolicy: (DEPRECATING) Whether to enable Kubernetes pod security policy (preview). This feature is set + for removal on October 15th, 2020. Learn more at aka.ms/aks/azpodpolicy. type: boolean enableRBAC: description: 'EnableRBAC: Whether to enable Kubernetes Role-Based Access Control.' @@ -2374,14 +2910,18 @@ spec: description: 'Identity: The identity of the managed cluster, if configured.' properties: type: - description: 'Type: For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).' + description: |- + Type: For more information see [use managed identities in + AKS](https://docs.microsoft.com/azure/aks/use-managed-identity). enum: - None - SystemAssigned - UserAssigned type: string userAssignedIdentities: - description: 'UserAssignedIdentities: The keys must be ARM resource IDs in the form: ''/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}''.' + description: |- + UserAssignedIdentities: The keys must be ARM resource IDs in the form: + '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'. items: description: Information about the user assigned identity for the resource properties: @@ -2389,7 +2929,10 @@ spec: description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -2419,7 +2962,10 @@ spec: description: 'ResourceReference: The resource ID of the user assigned identity.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -2436,7 +2982,11 @@ spec: description: 'IdentityProfile: Identities associated with the cluster.' type: object kubernetesVersion: - description: 'KubernetesVersion: When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.' + description: |- + KubernetesVersion: When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades + must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> + 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS + cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details. type: string linuxProfile: description: 'LinuxProfile: The profile for Linux VMs in the Managed Cluster.' @@ -2454,7 +3004,9 @@ spec: description: Contains information about SSH certificate public key data. properties: keyData: - description: 'KeyData: Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.' + description: |- + KeyData: Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or + without headers. type: string required: - keyData @@ -2474,18 +3026,24 @@ spec: description: 'NetworkProfile: The network configuration profile.' properties: dnsServiceIP: - description: 'DnsServiceIP: An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.' + description: |- + DnsServiceIP: An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address + range specified in serviceCidr. pattern: ^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$ type: string dockerBridgeCidr: - description: 'DockerBridgeCidr: A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes service address range.' + description: |- + DockerBridgeCidr: A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP + ranges or the Kubernetes service address range. pattern: ^([0-9]{1,3}\.){3}[0-9]{1,3}(\/([0-9]|[1-2][0-9]|3[0-2]))?$ type: string loadBalancerProfile: description: 'LoadBalancerProfile: Profile of the cluster load balancer.' properties: allocatedOutboundPorts: - description: 'AllocatedOutboundPorts: The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.' + description: |- + AllocatedOutboundPorts: The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 + (inclusive). The default value is 0 which results in Azure dynamically allocating ports. maximum: 64000 minimum: 0 type: integer @@ -2498,7 +3056,10 @@ spec: description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -2514,7 +3075,9 @@ spec: type: object type: array idleTimeoutInMinutes: - description: 'IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.' + description: |- + IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 + (inclusive). The default value is 30 minutes. maximum: 120 minimum: 4 type: integer @@ -2522,7 +3085,9 @@ spec: description: 'ManagedOutboundIPs: Desired managed outbound IPs for the cluster load balancer.' properties: count: - description: 'Count: The desired number of outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1.' + description: |- + Count: The desired number of outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be + in the range of 1 to 100 (inclusive). The default value is 1. maximum: 100 minimum: 1 type: integer @@ -2539,7 +3104,10 @@ spec: description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -2567,7 +3135,10 @@ spec: description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -2585,7 +3156,10 @@ spec: type: object type: object loadBalancerSku: - description: 'LoadBalancerSku: The default is ''standard''. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.' + description: |- + LoadBalancerSku: The default is 'standard'. See [Azure Load Balancer + SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load + balancer SKUs. enum: - basic - standard @@ -2609,7 +3183,9 @@ spec: - calico type: string outboundType: - description: 'OutboundType: This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).' + description: |- + OutboundType: This can only be set at cluster creation time and cannot be changed later. For more information see + [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype). enum: - loadBalancer - userDefinedRouting @@ -2619,7 +3195,9 @@ spec: pattern: ^([0-9]{1,3}\.){3}[0-9]{1,3}(\/([0-9]|[1-2][0-9]|3[0-2]))?$ type: string serviceCidr: - description: 'ServiceCidr: A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.' + description: |- + ServiceCidr: A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP + ranges. pattern: ^([0-9]{1,3}\.){3}[0-9]{1,3}(\/([0-9]|[1-2][0-9]|3[0-2]))?$ type: string type: object @@ -2627,32 +3205,42 @@ spec: description: 'NodeResourceGroup: The name of the resource group containing agent pool nodes.' type: string operatorSpec: - description: 'OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not passed directly to Azure' + description: |- + OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not + passed directly to Azure properties: secrets: description: 'Secrets: configures where to place Azure generated secrets.' properties: adminCredentials: - description: 'AdminCredentials: indicates where the AdminCredentials secret should be placed. If omitted, the secret will not be retrieved from Azure.' + description: |- + AdminCredentials: indicates where the AdminCredentials secret should be placed. If omitted, the secret will not be + retrieved from Azure. properties: key: description: Key is the key in the Kubernetes secret being referenced type: string name: - description: Name is the name of the Kubernetes secret being referenced. The secret must be in the same namespace as the resource + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource type: string required: - key - name type: object userCredentials: - description: 'UserCredentials: indicates where the UserCredentials secret should be placed. If omitted, the secret will not be retrieved from Azure.' + description: |- + UserCredentials: indicates where the UserCredentials secret should be placed. If omitted, the secret will not be + retrieved from Azure. properties: key: description: Key is the key in the Kubernetes secret being referenced type: string name: - description: Name is the name of the Kubernetes secret being referenced. The secret must be in the same namespace as the resource + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource type: string required: - key @@ -2661,7 +3249,10 @@ spec: type: object type: object owner: - description: 'Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a resources.azure.com/ResourceGroup resource' + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a resources.azure.com/ResourceGroup resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) @@ -2671,10 +3262,16 @@ spec: type: string type: object podIdentityProfile: - description: 'PodIdentityProfile: See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.' + description: |- + PodIdentityProfile: See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more + details on AAD pod identity integration. properties: allowNetworkPluginKubenet: - description: 'AllowNetworkPluginKubenet: Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.' + description: |- + AllowNetworkPluginKubenet: Running in Kubenet is disabled by default due to the security related nature of AAD Pod + Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod + Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) + for more information. type: boolean enabled: description: 'Enabled: Whether the pod identity addon is enabled.' @@ -2700,7 +3297,10 @@ spec: description: 'ResourceReference: The resource ID of the user assigned identity.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -2729,7 +3329,9 @@ spec: userAssignedIdentityExceptions: description: 'UserAssignedIdentityExceptions: The pod identity exceptions to allow.' items: - description: See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. + description: |- + See [disable AAD Pod Identity for a specific + Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. properties: name: description: 'Name: The name of the pod identity exception.' @@ -2764,7 +3366,10 @@ spec: description: 'Reference: The ID of the private link resource.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -2788,7 +3393,9 @@ spec: type: object type: array servicePrincipalProfile: - description: 'ServicePrincipalProfile: Information about a service principal identity for the cluster to use for manipulating Azure APIs.' + description: |- + ServicePrincipalProfile: Information about a service principal identity for the cluster to use for manipulating Azure + APIs. properties: clientId: description: 'ClientId: The ID for the service principal.' @@ -2800,7 +3407,9 @@ spec: description: Key is the key in the Kubernetes secret being referenced type: string name: - description: Name is the name of the Kubernetes secret being referenced. The secret must be in the same namespace as the resource + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource type: string required: - key @@ -2818,7 +3427,9 @@ spec: - Basic type: string tier: - description: 'Tier: If not specified, the default is ''Free''. See [uptime SLA](https://docs.microsoft.com/azure/aks/uptime-sla) for more details.' + description: |- + Tier: If not specified, the default is 'Free'. See [uptime SLA](https://docs.microsoft.com/azure/aks/uptime-sla) for + more details. enum: - Free - Paid @@ -2833,16 +3444,49 @@ spec: description: 'WindowsProfile: The profile for Windows VMs in the Managed Cluster.' properties: adminPassword: - description: 'AdminPassword: Specifies the password of the administrator account. Minimum-length: 8 characters Max-length: 123 characters Complexity requirements: 3 out of 4 conditions below need to be fulfilled Has lower characters Has upper characters Has a digit Has a special character (Regex match [\W_]) Disallowed values: "abc@123", "P@$$$$w0rd", "P@ssw0rd", "P@ssword123", "Pa$$$$word", "pass@word1", "Password!", "Password1", "Password22", "iloveyou!"' - type: string + description: |- + AdminPassword: Specifies the password of the administrator account. + Minimum-length: 8 characters + Max-length: 123 characters + Complexity requirements: 3 out of 4 conditions below need to be fulfilled + Has lower characters + Has upper characters + Has a digit + Has a special character (Regex match [\W_]) + Disallowed values: "abc@123", "P@$$$$w0rd", "P@ssw0rd", "P@ssword123", "Pa$$$$word", "pass@word1", "Password!", "Password1", + "Password22", "iloveyou!" + properties: + key: + description: Key is the key in the Kubernetes secret being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource + type: string + required: + - key + - name + type: object adminUsername: - description: 'AdminUsername: Specifies the name of the administrator account. Restriction: Cannot end in "." Disallowed values: "administrator", "admin", "user", "user1", "test", "user2", "test1", "user3", "admin1", "1", "123", "a", "actuser", "adm", "admin2", "aspnet", "backup", "console", "david", "guest", "john", "owner", "root", "server", "sql", "support", "support_388945a0", "sys", "test2", "test3", "user4", "user5". Minimum-length: 1 character Max-length: 20 characters' + description: |- + AdminUsername: Specifies the name of the administrator account. + Restriction: Cannot end in "." + Disallowed values: "administrator", "admin", "user", "user1", "test", "user2", "test1", "user3", "admin1", "1", "123", + "a", "actuser", "adm", "admin2", "aspnet", "backup", "console", "david", "guest", "john", "owner", "root", "server", + "sql", "support", "support_388945a0", "sys", "test2", "test3", "user4", "user5". + Minimum-length: 1 character + Max-length: 20 characters type: string enableCSIProxy: - description: 'EnableCSIProxy: For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).' + description: |- + EnableCSIProxy: For more details on CSI proxy, see the [CSI proxy GitHub + repo](https://github.com/kubernetes-csi/csi-proxy). type: boolean licenseType: - description: 'LicenseType: The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.' + description: |- + LicenseType: The license type to use for Windows VMs. See [Azure Hybrid User + Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details. enum: - None - Windows_Server @@ -2881,7 +3525,9 @@ spec: description: 'ServerAppSecret: The server AAD application secret.' type: string tenantID: - description: 'TenantID: The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.' + description: |- + TenantID: The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment + subscription. type: string type: object addonProfiles: @@ -2918,24 +3564,38 @@ spec: description: Profile for the container service agent pool. properties: availabilityZones: - description: 'AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is ''VirtualMachineScaleSets''.' + description: |- + AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType + property is 'VirtualMachineScaleSets'. items: type: string type: array count: - description: 'Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.' + description: |- + Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) + for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. type: integer enableAutoScaling: description: 'EnableAutoScaling: Whether to enable auto-scaler' type: boolean enableEncryptionAtHost: - description: 'EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption' + description: |- + EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, + see: https://docs.microsoft.com/azure/aks/enable-host-encryption type: boolean enableFIPS: - description: 'EnableFIPS: See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.' + description: |- + EnableFIPS: See [Add a FIPS-enabled node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more + details. type: boolean enableNodePublicIP: - description: 'EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.' + description: |- + EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. + A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine + to minimize hops. For more information see [assigning a public IP per + node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The + default is false. type: boolean enableUltraSSD: description: 'EnableUltraSSD: Whether to enable UltraSSD' @@ -2952,7 +3612,9 @@ spec: type: string type: array containerLogMaxFiles: - description: 'ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be â‰Ĩ 2.' + description: |- + ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be + â‰Ĩ 2. type: integer containerLogMaxSizeMB: description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' @@ -2961,10 +3623,15 @@ spec: description: 'CpuCfsQuota: The default is true.' type: boolean cpuCfsQuotaPeriod: - description: 'CpuCfsQuotaPeriod: The default is ''100ms.'' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: ''300ms'', ''2h45m''. Supported units are ''ns'', ''us'', ''ms'', ''s'', ''m'', and ''h''.' + description: |- + CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and + a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. type: string cpuManagerPolicy: - description: 'CpuManagerPolicy: The default is ''none''. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are ''none'' and ''static''.' + description: |- + CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management + policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more + information. Allowed values are 'none' and 'static'. type: string failSwapOn: description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' @@ -2979,11 +3646,16 @@ spec: description: 'PodMaxPids: The maximum number of processes per pod.' type: integer topologyManagerPolicy: - description: 'TopologyManagerPolicy: For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is ''none''. Allowed values are ''none'', ''best-effort'', ''restricted'', and ''single-numa-node''.' + description: |- + TopologyManagerPolicy: For more information see [Kubernetes Topology + Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values + are 'none', 'best-effort', 'restricted', and 'single-numa-node'. type: string type: object kubeletDiskType: - description: 'KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.' + description: |- + KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral + storage. type: string linuxOSConfig: description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' @@ -3080,10 +3752,16 @@ spec: type: integer type: object transparentHugePageDefrag: - description: 'TransparentHugePageDefrag: Valid values are ''always'', ''defer'', ''defer+madvise'', ''madvise'' and ''never''. The default is ''madvise''. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).' + description: |- + TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is + 'madvise'. For more information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string transparentHugePageEnabled: - description: 'TransparentHugePageEnabled: Valid values are ''always'', ''madvise'', and ''never''. The default is ''always''. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).' + description: |- + TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more + information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string type: object maxCount: @@ -3096,7 +3774,9 @@ spec: description: 'MinCount: The minimum number of nodes for auto-scaling' type: integer mode: - description: 'Mode: A cluster must have at least one ''System'' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools' + description: |- + Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool + restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools type: string name: description: 'Name: Windows agent pool names must be 6 characters or less.' @@ -3110,7 +3790,9 @@ spec: description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' type: object nodePublicIPPrefixID: - description: 'NodePublicIPPrefixID: This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}' + description: |- + NodePublicIPPrefixID: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} type: string nodeTaints: description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' @@ -3118,12 +3800,20 @@ spec: type: string type: array orchestratorVersion: - description: 'OrchestratorVersion: As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).' + description: |- + OrchestratorVersion: As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes + version. The node pool version must have the same major version as the control plane. The node pool minor version must + be within two minor versions of the control plane version. The node pool version cannot be greater than the control + plane version. For more information see [upgrading a node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). type: string osDiskSizeGB: type: integer osDiskType: - description: 'OsDiskType: The default is ''Ephemeral'' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to ''Managed''. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).' + description: |- + OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested + OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral + OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). type: string osSKU: description: 'OsSKU: Specifies an OS SKU. This value must not be specified if OSType is Windows.' @@ -3132,7 +3822,10 @@ spec: description: 'OsType: The operating system type. The default is Linux.' type: string podSubnetID: - description: 'PodSubnetID: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}' + description: |- + PodSubnetID: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is + of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} type: string powerState: description: 'PowerState: Describes whether the Agent Pool is Running or Stopped' @@ -3148,13 +3841,18 @@ spec: description: 'ProximityPlacementGroupID: The ID for Proximity Placement Group.' type: string scaleSetEvictionPolicy: - description: 'ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is ''Spot''. If not specified, the default is ''Delete''.' + description: |- + ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is + 'Delete'. type: string scaleSetPriority: description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' type: string spotMaxPrice: - description: 'SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)' + description: |- + SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any + on-demand price. For more details on spot pricing, see [spot VMs + pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) type: number tags: additionalProperties: @@ -3168,14 +3866,24 @@ spec: description: 'UpgradeSettings: Settings for upgrading the agentpool' properties: maxSurge: - description: 'MaxSurge: This can either be set to an integer (e.g. ''5'') or a percentage (e.g. ''50%''). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade' + description: |- + MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it + is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded + up. If not specified, the default is 1. For more information, including best practices, see: + https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade type: string type: object vmSize: - description: 'VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions' + description: |- + VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods + might fail to run correctly. For more details on restricted VM sizes, see: + https://docs.microsoft.com/azure/aks/quotas-skus-regions type: string vnetSubnetID: - description: 'VnetSubnetID: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}' + description: |- + VnetSubnetID: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, + this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} type: string type: object type: array @@ -3183,18 +3891,26 @@ spec: description: 'ApiServerAccessProfile: The access profile for managed cluster API server.' properties: authorizedIPRanges: - description: 'AuthorizedIPRanges: IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).' + description: |- + AuthorizedIPRanges: IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with + clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API + server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges). items: type: string type: array enablePrivateCluster: - description: 'EnablePrivateCluster: For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).' + description: |- + EnablePrivateCluster: For more details, see [Creating a private AKS + cluster](https://docs.microsoft.com/azure/aks/private-clusters). type: boolean enablePrivateClusterPublicFQDN: description: 'EnablePrivateClusterPublicFQDN: Whether to create additional public FQDN for private cluster or not.' type: boolean privateDNSZone: - description: 'PrivateDNSZone: The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are ''system'' and ''none''.' + description: |- + PrivateDNSZone: The default is System. For more details see [configure private DNS + zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and + 'none'. type: string type: object autoScalerProfile: @@ -3204,7 +3920,10 @@ spec: description: 'BalanceSimilarNodeGroups: Valid values are ''true'' and ''false''' type: string expander: - description: 'Expander: If not specified, the default is ''random''. See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more information.' + description: |- + Expander: If not specified, the default is 'random'. See + [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more + information. type: string max-empty-bulk-delete: description: 'MaxEmptyBulkDelete: The default is 10.' @@ -3213,31 +3932,46 @@ spec: description: 'MaxGracefulTerminationSec: The default is 600.' type: string max-node-provision-time: - description: 'MaxNodeProvisionTime: The default is ''15m''. Values must be an integer followed by an ''m''. No unit of time other than minutes (m) is supported.' + description: |- + MaxNodeProvisionTime: The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. type: string max-total-unready-percentage: description: 'MaxTotalUnreadyPercentage: The default is 45. The maximum is 100 and the minimum is 0.' type: string new-pod-scale-up-delay: - description: 'NewPodScaleUpDelay: For scenarios like burst/batch scale where you don''t want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they''re a certain age. The default is ''0s''. Values must be an integer followed by a unit (''s'' for seconds, ''m'' for minutes, ''h'' for hours, etc).' + description: |- + NewPodScaleUpDelay: For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler + could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is + '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc). type: string ok-total-unready-count: description: 'OkTotalUnreadyCount: This must be an integer. The default is 3.' type: string scale-down-delay-after-add: - description: 'ScaleDownDelayAfterAdd: The default is ''10m''. Values must be an integer followed by an ''m''. No unit of time other than minutes (m) is supported.' + description: |- + ScaleDownDelayAfterAdd: The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. type: string scale-down-delay-after-delete: - description: 'ScaleDownDelayAfterDelete: The default is the scan-interval. Values must be an integer followed by an ''m''. No unit of time other than minutes (m) is supported.' + description: |- + ScaleDownDelayAfterDelete: The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of + time other than minutes (m) is supported. type: string scale-down-delay-after-failure: - description: 'ScaleDownDelayAfterFailure: The default is ''3m''. Values must be an integer followed by an ''m''. No unit of time other than minutes (m) is supported.' + description: |- + ScaleDownDelayAfterFailure: The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other + than minutes (m) is supported. type: string scale-down-unneeded-time: - description: 'ScaleDownUnneededTime: The default is ''10m''. Values must be an integer followed by an ''m''. No unit of time other than minutes (m) is supported.' + description: |- + ScaleDownUnneededTime: The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. type: string scale-down-unready-time: - description: 'ScaleDownUnreadyTime: The default is ''20m''. Values must be an integer followed by an ''m''. No unit of time other than minutes (m) is supported.' + description: |- + ScaleDownUnreadyTime: The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. type: string scale-down-utilization-threshold: description: 'ScaleDownUtilizationThreshold: The default is ''0.5''.' @@ -3256,11 +3990,16 @@ spec: description: 'AutoUpgradeProfile: The auto upgrade configuration.' properties: upgradeChannel: - description: 'UpgradeChannel: For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).' + description: |- + UpgradeChannel: For more information see [setting the AKS cluster auto-upgrade + channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel). type: string type: object azurePortalFQDN: - description: 'AzurePortalFQDN: The Azure Portal requires certain Cross-Origin Resource Sharing (CORS) headers to be sent in some responses, which Kubernetes APIServer doesn''t handle by default. This special FQDN supports CORS, allowing the Azure Portal to function properly.' + description: |- + AzurePortalFQDN: The Azure Portal requires certain Cross-Origin Resource Sharing (CORS) headers to be sent in some + responses, which Kubernetes APIServer doesn't handle by default. This special FQDN supports CORS, allowing the Azure + Portal to function properly. type: string conditions: description: 'Conditions: The observed state of the resource' @@ -3275,14 +4014,23 @@ spec: description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 type: integer reason: - description: Reason for the condition's last transition. Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: Severity with which to treat failures of this type of condition. For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. This is omitted in all cases when Status == Unknown + description: |- + Severity with which to treat failures of this type of condition. + For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown type: string status: description: Status of the condition, one of True, False, or Unknown. @@ -3298,16 +4046,23 @@ spec: type: object type: array disableLocalAccounts: - description: 'DisableLocalAccounts: If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).' + description: |- + DisableLocalAccounts: If set to true, getting static credentials will be disabled for this cluster. This must only be + used on Managed Clusters that are AAD enabled. For more details see [disable local + accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview). type: boolean diskEncryptionSetID: - description: 'DiskEncryptionSetID: This is of the form: ''/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}''' + description: |- + DiskEncryptionSetID: This is of the form: + '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}' type: string dnsPrefix: description: 'DnsPrefix: This cannot be updated once the Managed Cluster has been created.' type: string enablePodSecurityPolicy: - description: 'EnablePodSecurityPolicy: (DEPRECATING) Whether to enable Kubernetes pod security policy (preview). This feature is set for removal on October 15th, 2020. Learn more at aka.ms/aks/azpodpolicy.' + description: |- + EnablePodSecurityPolicy: (DEPRECATING) Whether to enable Kubernetes pod security policy (preview). This feature is set + for removal on October 15th, 2020. Learn more at aka.ms/aks/azpodpolicy. type: boolean enableRBAC: description: 'EnableRBAC: Whether to enable Kubernetes Role-Based Access Control.' @@ -3359,7 +4114,9 @@ spec: description: 'TenantId: The tenant id of the system assigned identity which is used by master components.' type: string type: - description: 'Type: For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).' + description: |- + Type: For more information see [use managed identities in + AKS](https://docs.microsoft.com/azure/aks/use-managed-identity). type: string userAssignedIdentities: additionalProperties: @@ -3371,7 +4128,9 @@ spec: description: 'PrincipalId: The principal id of user assigned identity.' type: string type: object - description: 'UserAssignedIdentities: The keys must be ARM resource IDs in the form: ''/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}''.' + description: |- + UserAssignedIdentities: The keys must be ARM resource IDs in the form: + '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'. type: object type: object identityProfile: @@ -3391,7 +4150,11 @@ spec: description: 'IdentityProfile: Identities associated with the cluster.' type: object kubernetesVersion: - description: 'KubernetesVersion: When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.' + description: |- + KubernetesVersion: When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades + must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> + 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS + cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details. type: string linuxProfile: description: 'LinuxProfile: The profile for Linux VMs in the Managed Cluster.' @@ -3408,7 +4171,9 @@ spec: description: Contains information about SSH certificate public key data. properties: keyData: - description: 'KeyData: Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.' + description: |- + KeyData: Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or + without headers. type: string type: object type: array @@ -3427,16 +4192,22 @@ spec: description: 'NetworkProfile: The network configuration profile.' properties: dnsServiceIP: - description: 'DnsServiceIP: An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.' + description: |- + DnsServiceIP: An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address + range specified in serviceCidr. type: string dockerBridgeCidr: - description: 'DockerBridgeCidr: A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes service address range.' + description: |- + DockerBridgeCidr: A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP + ranges or the Kubernetes service address range. type: string loadBalancerProfile: description: 'LoadBalancerProfile: Profile of the cluster load balancer.' properties: allocatedOutboundPorts: - description: 'AllocatedOutboundPorts: The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.' + description: |- + AllocatedOutboundPorts: The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 + (inclusive). The default value is 0 which results in Azure dynamically allocating ports. type: integer effectiveOutboundIPs: description: 'EffectiveOutboundIPs: The effective outbound IP resources of the cluster load balancer.' @@ -3449,13 +4220,17 @@ spec: type: object type: array idleTimeoutInMinutes: - description: 'IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.' + description: |- + IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 + (inclusive). The default value is 30 minutes. type: integer managedOutboundIPs: description: 'ManagedOutboundIPs: Desired managed outbound IPs for the cluster load balancer.' properties: count: - description: 'Count: The desired number of outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1.' + description: |- + Count: The desired number of outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be + in the range of 1 to 100 (inclusive). The default value is 1. type: integer type: object outboundIPPrefixes: @@ -3488,7 +4263,10 @@ spec: type: object type: object loadBalancerSku: - description: 'LoadBalancerSku: The default is ''standard''. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.' + description: |- + LoadBalancerSku: The default is 'standard'. See [Azure Load Balancer + SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load + balancer SKUs. type: string networkMode: description: 'NetworkMode: This cannot be specified if networkPlugin is anything other than ''azure''.' @@ -3500,23 +4278,33 @@ spec: description: 'NetworkPolicy: Network policy used for building the Kubernetes network.' type: string outboundType: - description: 'OutboundType: This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).' + description: |- + OutboundType: This can only be set at cluster creation time and cannot be changed later. For more information see + [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype). type: string podCidr: description: 'PodCidr: A CIDR notation IP range from which to assign pod IPs when kubenet is used.' type: string serviceCidr: - description: 'ServiceCidr: A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.' + description: |- + ServiceCidr: A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP + ranges. type: string type: object nodeResourceGroup: description: 'NodeResourceGroup: The name of the resource group containing agent pool nodes.' type: string podIdentityProfile: - description: 'PodIdentityProfile: See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.' + description: |- + PodIdentityProfile: See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more + details on AAD pod identity integration. properties: allowNetworkPluginKubenet: - description: 'AllowNetworkPluginKubenet: Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.' + description: |- + AllowNetworkPluginKubenet: Running in Kubenet is disabled by default due to the security related nature of AAD Pod + Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod + Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) + for more information. type: boolean enabled: description: 'Enabled: Whether the pod identity addon is enabled.' @@ -3591,7 +4379,9 @@ spec: userAssignedIdentityExceptions: description: 'UserAssignedIdentityExceptions: The pod identity exceptions to allow.' items: - description: See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. + description: |- + See [disable AAD Pod Identity for a specific + Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. properties: name: description: 'Name: The name of the pod identity exception.' @@ -3648,7 +4438,9 @@ spec: description: 'ProvisioningState: The current provisioning state.' type: string servicePrincipalProfile: - description: 'ServicePrincipalProfile: Information about a service principal identity for the cluster to use for manipulating Azure APIs.' + description: |- + ServicePrincipalProfile: Information about a service principal identity for the cluster to use for manipulating Azure + APIs. properties: clientId: description: 'ClientId: The ID for the service principal.' @@ -3661,7 +4453,9 @@ spec: description: 'Name: The name of a managed cluster SKU.' type: string tier: - description: 'Tier: If not specified, the default is ''Free''. See [uptime SLA](https://docs.microsoft.com/azure/aks/uptime-sla) for more details.' + description: |- + Tier: If not specified, the default is 'Free'. See [uptime SLA](https://docs.microsoft.com/azure/aks/uptime-sla) for + more details. type: string type: object tags: @@ -3675,17 +4469,25 @@ spec: windowsProfile: description: 'WindowsProfile: The profile for Windows VMs in the Managed Cluster.' properties: - adminPassword: - description: 'AdminPassword: Specifies the password of the administrator account. Minimum-length: 8 characters Max-length: 123 characters Complexity requirements: 3 out of 4 conditions below need to be fulfilled Has lower characters Has upper characters Has a digit Has a special character (Regex match [\W_]) Disallowed values: "abc@123", "P@$$$$w0rd", "P@ssw0rd", "P@ssword123", "Pa$$$$word", "pass@word1", "Password!", "Password1", "Password22", "iloveyou!"' - type: string adminUsername: - description: 'AdminUsername: Specifies the name of the administrator account. Restriction: Cannot end in "." Disallowed values: "administrator", "admin", "user", "user1", "test", "user2", "test1", "user3", "admin1", "1", "123", "a", "actuser", "adm", "admin2", "aspnet", "backup", "console", "david", "guest", "john", "owner", "root", "server", "sql", "support", "support_388945a0", "sys", "test2", "test3", "user4", "user5". Minimum-length: 1 character Max-length: 20 characters' + description: |- + AdminUsername: Specifies the name of the administrator account. + Restriction: Cannot end in "." + Disallowed values: "administrator", "admin", "user", "user1", "test", "user2", "test1", "user3", "admin1", "1", "123", + "a", "actuser", "adm", "admin2", "aspnet", "backup", "console", "david", "guest", "john", "owner", "root", "server", + "sql", "support", "support_388945a0", "sys", "test2", "test3", "user4", "user5". + Minimum-length: 1 character + Max-length: 20 characters type: string enableCSIProxy: - description: 'EnableCSIProxy: For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).' + description: |- + EnableCSIProxy: For more details on CSI proxy, see the [CSI proxy GitHub + repo](https://github.com/kubernetes-csi/csi-proxy). type: boolean licenseType: - description: 'LicenseType: The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.' + description: |- + LicenseType: The license type to use for Windows VMs. See [Azure Hybrid User + Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details. type: string type: object type: object @@ -3710,13 +4512,26 @@ spec: name: v1api20210501storage schema: openAPIV3Schema: - description: 'Storage version of v1api20210501.ManagedCluster Generator information: - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2021-05-01/managedClusters.json - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}' + description: |- + Storage version of v1api20210501.ManagedCluster + Generator information: + - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2021-05-01/managedClusters.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName} properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -3726,15 +4541,21 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object aadProfile: - description: Storage version of v1api20210501.ManagedClusterAADProfile For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad). + description: |- + Storage version of v1api20210501.ManagedClusterAADProfile + For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad). properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object adminGroupObjectIDs: items: @@ -3755,12 +4576,16 @@ spec: type: object addonProfiles: additionalProperties: - description: Storage version of v1api20210501.ManagedClusterAddonProfile A Kubernetes add-on profile for a managed cluster. + description: |- + Storage version of v1api20210501.ManagedClusterAddonProfile + A Kubernetes add-on profile for a managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object config: additionalProperties: @@ -3772,12 +4597,16 @@ spec: type: object agentPoolProfiles: items: - description: Storage version of v1api20210501.ManagedClusterAgentPoolProfile Profile for the container service agent pool. + description: |- + Storage version of v1api20210501.ManagedClusterAgentPoolProfile + Profile for the container service agent pool. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object availabilityZones: items: @@ -3798,12 +4627,16 @@ spec: gpuInstanceProfile: type: string kubeletConfig: - description: Storage version of v1api20210501.KubeletConfig See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + description: |- + Storage version of v1api20210501.KubeletConfig + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object allowedUnsafeSysctls: items: @@ -3833,22 +4666,30 @@ spec: kubeletDiskType: type: string linuxOSConfig: - description: Storage version of v1api20210501.LinuxOSConfig See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + description: |- + Storage version of v1api20210501.LinuxOSConfig + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object swapFileSizeMB: type: integer sysctls: - description: Storage version of v1api20210501.SysctlConfig Sysctl settings for Linux agent nodes. + description: |- + Storage version of v1api20210501.SysctlConfig + Sysctl settings for Linux agent nodes. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object fsAioMaxNr: type: integer @@ -3927,10 +4768,15 @@ spec: type: string type: object nodePublicIPPrefixIDReference: - description: 'NodePublicIPPrefixIDReference: This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}' + description: |- + NodePublicIPPrefixIDReference: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -3958,10 +4804,16 @@ spec: osType: type: string podSubnetIDReference: - description: 'PodSubnetIDReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}' + description: |- + PodSubnetIDReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more + details). This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -3989,12 +4841,16 @@ spec: type: type: string upgradeSettings: - description: Storage version of v1api20210501.AgentPoolUpgradeSettings Settings for upgrading an agentpool + description: |- + Storage version of v1api20210501.AgentPoolUpgradeSettings + Settings for upgrading an agentpool properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object maxSurge: type: string @@ -4002,10 +4858,16 @@ spec: vmSize: type: string vnetSubnetIDReference: - description: 'VnetSubnetIDReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}' + description: |- + VnetSubnetIDReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is + specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -4021,12 +4883,16 @@ spec: type: object type: array apiServerAccessProfile: - description: Storage version of v1api20210501.ManagedClusterAPIServerAccessProfile Access profile for managed cluster API server. + description: |- + Storage version of v1api20210501.ManagedClusterAPIServerAccessProfile + Access profile for managed cluster API server. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object authorizedIPRanges: items: @@ -4045,7 +4911,9 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object balance-similar-node-groups: type: string @@ -4083,26 +4951,37 @@ spec: type: string type: object autoUpgradeProfile: - description: Storage version of v1api20210501.ManagedClusterAutoUpgradeProfile Auto upgrade profile for a managed cluster. + description: |- + Storage version of v1api20210501.ManagedClusterAutoUpgradeProfile + Auto upgrade profile for a managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object upgradeChannel: type: string type: object azureName: - description: 'AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn''t have to be.' + description: |- + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. type: string disableLocalAccounts: type: boolean diskEncryptionSetIDReference: - description: 'DiskEncryptionSetIDReference: This is of the form: ''/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}''' + description: |- + DiskEncryptionSetIDReference: This is of the form: + '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -4122,12 +5001,16 @@ spec: enableRBAC: type: boolean extendedLocation: - description: Storage version of v1api20210501.ExtendedLocation The complex type of the extended location. + description: |- + Storage version of v1api20210501.ExtendedLocation + The complex type of the extended location. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object name: type: string @@ -4137,12 +5020,16 @@ spec: fqdnSubdomain: type: string httpProxyConfig: - description: Storage version of v1api20210501.ManagedClusterHTTPProxyConfig Cluster HTTP proxy configuration. + description: |- + Storage version of v1api20210501.ManagedClusterHTTPProxyConfig + Cluster HTTP proxy configuration. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object httpProxy: type: string @@ -4156,29 +5043,40 @@ spec: type: string type: object identity: - description: Storage version of v1api20210501.ManagedClusterIdentity Identity for the managed cluster. + description: |- + Storage version of v1api20210501.ManagedClusterIdentity + Identity for the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object type: type: string userAssignedIdentities: items: - description: Storage version of v1api20210501.UserAssignedIdentityDetails Information about the user assigned identity for the resource + description: |- + Storage version of v1api20210501.UserAssignedIdentityDetails + Information about the user assigned identity for the resource properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object reference: description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -4196,12 +5094,16 @@ spec: type: object identityProfile: additionalProperties: - description: Storage version of v1api20210501.UserAssignedIdentity Details about a user assigned identity. + description: |- + Storage version of v1api20210501.UserAssignedIdentity + Details about a user assigned identity. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object clientId: type: string @@ -4211,7 +5113,10 @@ spec: description: 'ResourceReference: The resource ID of the user assigned identity.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -4229,31 +5134,43 @@ spec: kubernetesVersion: type: string linuxProfile: - description: Storage version of v1api20210501.ContainerServiceLinuxProfile Profile for Linux VMs in the container service cluster. + description: |- + Storage version of v1api20210501.ContainerServiceLinuxProfile + Profile for Linux VMs in the container service cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object adminUsername: type: string ssh: - description: Storage version of v1api20210501.ContainerServiceSshConfiguration SSH configuration for Linux-based VMs running on Azure. + description: |- + Storage version of v1api20210501.ContainerServiceSshConfiguration + SSH configuration for Linux-based VMs running on Azure. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object publicKeys: items: - description: Storage version of v1api20210501.ContainerServiceSshPublicKey Contains information about SSH certificate public key data. + description: |- + Storage version of v1api20210501.ContainerServiceSshPublicKey + Contains information about SSH certificate public key data. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object keyData: type: string @@ -4264,41 +5181,56 @@ spec: location: type: string networkProfile: - description: Storage version of v1api20210501.ContainerServiceNetworkProfile Profile of network configuration. + description: |- + Storage version of v1api20210501.ContainerServiceNetworkProfile + Profile of network configuration. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object dnsServiceIP: type: string dockerBridgeCidr: type: string loadBalancerProfile: - description: Storage version of v1api20210501.ManagedClusterLoadBalancerProfile Profile of the managed cluster load balancer. + description: |- + Storage version of v1api20210501.ManagedClusterLoadBalancerProfile + Profile of the managed cluster load balancer. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object allocatedOutboundPorts: type: integer effectiveOutboundIPs: items: - description: Storage version of v1api20210501.ResourceReference A reference to an Azure resource. + description: |- + Storage version of v1api20210501.ResourceReference + A reference to an Azure resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object reference: description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -4321,7 +5253,9 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object count: type: integer @@ -4332,22 +5266,31 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object publicIPPrefixes: items: - description: Storage version of v1api20210501.ResourceReference A reference to an Azure resource. + description: |- + Storage version of v1api20210501.ResourceReference + A reference to an Azure resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object reference: description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -4369,22 +5312,31 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object publicIPs: items: - description: Storage version of v1api20210501.ResourceReference A reference to an Azure resource. + description: |- + Storage version of v1api20210501.ResourceReference + A reference to an Azure resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object reference: description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -4419,12 +5371,16 @@ spec: nodeResourceGroup: type: string operatorSpec: - description: Storage version of v1api20210501.ManagedClusterOperatorSpec Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure + description: |- + Storage version of v1api20210501.ManagedClusterOperatorSpec + Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object secrets: description: Storage version of v1api20210501.ManagedClusterOperatorSecrets @@ -4432,29 +5388,39 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object adminCredentials: - description: 'SecretDestination describes the location to store a single secret value. Note: This is similar to ConfigMapDestination in configmaps.go. Changes to one should likely also be made to the other.' + description: |- + SecretDestination describes the location to store a single secret value. + Note: This is similar to ConfigMapDestination in configmaps.go. Changes to one should likely also be made to the other. properties: key: description: Key is the key in the Kubernetes secret being referenced type: string name: - description: Name is the name of the Kubernetes secret being referenced. The secret must be in the same namespace as the resource + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource type: string required: - key - name type: object userCredentials: - description: 'SecretDestination describes the location to store a single secret value. Note: This is similar to ConfigMapDestination in configmaps.go. Changes to one should likely also be made to the other.' + description: |- + SecretDestination describes the location to store a single secret value. + Note: This is similar to ConfigMapDestination in configmaps.go. Changes to one should likely also be made to the other. properties: key: description: Key is the key in the Kubernetes secret being referenced type: string name: - description: Name is the name of the Kubernetes secret being referenced. The secret must be in the same namespace as the resource + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource type: string required: - key @@ -4465,7 +5431,10 @@ spec: originalVersion: type: string owner: - description: 'Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a resources.azure.com/ResourceGroup resource' + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a resources.azure.com/ResourceGroup resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) @@ -4475,12 +5444,17 @@ spec: type: string type: object podIdentityProfile: - description: Storage version of v1api20210501.ManagedClusterPodIdentityProfile See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration. + description: |- + Storage version of v1api20210501.ManagedClusterPodIdentityProfile + See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod + identity integration. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object allowNetworkPluginKubenet: type: boolean @@ -4488,22 +5462,30 @@ spec: type: boolean userAssignedIdentities: items: - description: Storage version of v1api20210501.ManagedClusterPodIdentity Details about the pod identity assigned to the Managed Cluster. + description: |- + Storage version of v1api20210501.ManagedClusterPodIdentity + Details about the pod identity assigned to the Managed Cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object bindingSelector: type: string identity: - description: Storage version of v1api20210501.UserAssignedIdentity Details about a user assigned identity. + description: |- + Storage version of v1api20210501.UserAssignedIdentity + Details about a user assigned identity. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object clientId: type: string @@ -4513,7 +5495,10 @@ spec: description: 'ResourceReference: The resource ID of the user assigned identity.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -4535,12 +5520,17 @@ spec: type: array userAssignedIdentityExceptions: items: - description: Storage version of v1api20210501.ManagedClusterPodIdentityException See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. + description: |- + Storage version of v1api20210501.ManagedClusterPodIdentityException + See [disable AAD Pod Identity for a specific + Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object name: type: string @@ -4555,12 +5545,16 @@ spec: type: object privateLinkResources: items: - description: Storage version of v1api20210501.PrivateLinkResource A private link resource + description: |- + Storage version of v1api20210501.PrivateLinkResource + A private link resource properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object groupId: type: string @@ -4570,7 +5564,10 @@ spec: description: 'Reference: The ID of the private link resource.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -4592,23 +5589,31 @@ spec: type: object type: array servicePrincipalProfile: - description: Storage version of v1api20210501.ManagedClusterServicePrincipalProfile Information about a service principal identity for the cluster to use for manipulating Azure APIs. + description: |- + Storage version of v1api20210501.ManagedClusterServicePrincipalProfile + Information about a service principal identity for the cluster to use for manipulating Azure APIs. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object clientId: type: string secret: - description: SecretReference is a reference to a Kubernetes secret and key in the same namespace as the resource it is on. + description: |- + SecretReference is a reference to a Kubernetes secret and key in the same namespace as + the resource it is on. properties: key: description: Key is the key in the Kubernetes secret being referenced type: string name: - description: Name is the name of the Kubernetes secret being referenced. The secret must be in the same namespace as the resource + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource type: string required: - key @@ -4616,12 +5621,16 @@ spec: type: object type: object sku: - description: Storage version of v1api20210501.ManagedClusterSKU The SKU of a Managed Cluster. + description: |- + Storage version of v1api20210501.ManagedClusterSKU + The SKU of a Managed Cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object name: type: string @@ -4633,15 +5642,34 @@ spec: type: string type: object windowsProfile: - description: Storage version of v1api20210501.ManagedClusterWindowsProfile Profile for Windows VMs in the managed cluster. + description: |- + Storage version of v1api20210501.ManagedClusterWindowsProfile + Profile for Windows VMs in the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object adminPassword: - type: string + description: |- + SecretReference is a reference to a Kubernetes secret and key in the same namespace as + the resource it is on. + properties: + key: + description: Key is the key in the Kubernetes secret being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource + type: string + required: + - key + - name + type: object adminUsername: type: string enableCSIProxy: @@ -4653,20 +5681,28 @@ spec: - owner type: object status: - description: Storage version of v1api20210501.ManagedCluster_STATUS Managed cluster. + description: |- + Storage version of v1api20210501.ManagedCluster_STATUS + Managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object aadProfile: - description: Storage version of v1api20210501.ManagedClusterAADProfile_STATUS For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad). + description: |- + Storage version of v1api20210501.ManagedClusterAADProfile_STATUS + For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad). properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object adminGroupObjectIDs: items: @@ -4687,12 +5723,16 @@ spec: type: object addonProfiles: additionalProperties: - description: Storage version of v1api20210501.ManagedClusterAddonProfile_STATUS A Kubernetes add-on profile for a managed cluster. + description: |- + Storage version of v1api20210501.ManagedClusterAddonProfile_STATUS + A Kubernetes add-on profile for a managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object config: additionalProperties: @@ -4701,12 +5741,16 @@ spec: enabled: type: boolean identity: - description: Storage version of v1api20210501.UserAssignedIdentity_STATUS Details about a user assigned identity. + description: |- + Storage version of v1api20210501.UserAssignedIdentity_STATUS + Details about a user assigned identity. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object clientId: type: string @@ -4719,12 +5763,16 @@ spec: type: object agentPoolProfiles: items: - description: Storage version of v1api20210501.ManagedClusterAgentPoolProfile_STATUS Profile for the container service agent pool. + description: |- + Storage version of v1api20210501.ManagedClusterAgentPoolProfile_STATUS + Profile for the container service agent pool. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object availabilityZones: items: @@ -4745,12 +5793,16 @@ spec: gpuInstanceProfile: type: string kubeletConfig: - description: Storage version of v1api20210501.KubeletConfig_STATUS See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + description: |- + Storage version of v1api20210501.KubeletConfig_STATUS + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object allowedUnsafeSysctls: items: @@ -4780,22 +5832,30 @@ spec: kubeletDiskType: type: string linuxOSConfig: - description: Storage version of v1api20210501.LinuxOSConfig_STATUS See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + description: |- + Storage version of v1api20210501.LinuxOSConfig_STATUS + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object swapFileSizeMB: type: integer sysctls: - description: Storage version of v1api20210501.SysctlConfig_STATUS Sysctl settings for Linux agent nodes. + description: |- + Storage version of v1api20210501.SysctlConfig_STATUS + Sysctl settings for Linux agent nodes. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object fsAioMaxNr: type: integer @@ -4894,12 +5954,16 @@ spec: podSubnetID: type: string powerState: - description: Storage version of v1api20210501.PowerState_STATUS Describes the Power State of the cluster + description: |- + Storage version of v1api20210501.PowerState_STATUS + Describes the Power State of the cluster properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object code: type: string @@ -4921,12 +5985,16 @@ spec: type: type: string upgradeSettings: - description: Storage version of v1api20210501.AgentPoolUpgradeSettings_STATUS Settings for upgrading an agentpool + description: |- + Storage version of v1api20210501.AgentPoolUpgradeSettings_STATUS + Settings for upgrading an agentpool properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object maxSurge: type: string @@ -4938,12 +6006,16 @@ spec: type: object type: array apiServerAccessProfile: - description: Storage version of v1api20210501.ManagedClusterAPIServerAccessProfile_STATUS Access profile for managed cluster API server. + description: |- + Storage version of v1api20210501.ManagedClusterAPIServerAccessProfile_STATUS + Access profile for managed cluster API server. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object authorizedIPRanges: items: @@ -4962,7 +6034,9 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object balance-similar-node-groups: type: string @@ -5000,12 +6074,16 @@ spec: type: string type: object autoUpgradeProfile: - description: Storage version of v1api20210501.ManagedClusterAutoUpgradeProfile_STATUS Auto upgrade profile for a managed cluster. + description: |- + Storage version of v1api20210501.ManagedClusterAutoUpgradeProfile_STATUS + Auto upgrade profile for a managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object upgradeChannel: type: string @@ -5024,14 +6102,23 @@ spec: description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 type: integer reason: - description: Reason for the condition's last transition. Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: Severity with which to treat failures of this type of condition. For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. This is omitted in all cases when Status == Unknown + description: |- + Severity with which to treat failures of this type of condition. + For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown type: string status: description: Status of the condition, one of True, False, or Unknown. @@ -5057,12 +6144,16 @@ spec: enableRBAC: type: boolean extendedLocation: - description: Storage version of v1api20210501.ExtendedLocation_STATUS The complex type of the extended location. + description: |- + Storage version of v1api20210501.ExtendedLocation_STATUS + The complex type of the extended location. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object name: type: string @@ -5074,12 +6165,16 @@ spec: fqdnSubdomain: type: string httpProxyConfig: - description: Storage version of v1api20210501.ManagedClusterHTTPProxyConfig_STATUS Cluster HTTP proxy configuration. + description: |- + Storage version of v1api20210501.ManagedClusterHTTPProxyConfig_STATUS + Cluster HTTP proxy configuration. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object httpProxy: type: string @@ -5095,12 +6190,16 @@ spec: id: type: string identity: - description: Storage version of v1api20210501.ManagedClusterIdentity_STATUS Identity for the managed cluster. + description: |- + Storage version of v1api20210501.ManagedClusterIdentity_STATUS + Identity for the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object principalId: type: string @@ -5115,7 +6214,9 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object clientId: type: string @@ -5126,12 +6227,16 @@ spec: type: object identityProfile: additionalProperties: - description: Storage version of v1api20210501.UserAssignedIdentity_STATUS Details about a user assigned identity. + description: |- + Storage version of v1api20210501.UserAssignedIdentity_STATUS + Details about a user assigned identity. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object clientId: type: string @@ -5144,31 +6249,43 @@ spec: kubernetesVersion: type: string linuxProfile: - description: Storage version of v1api20210501.ContainerServiceLinuxProfile_STATUS Profile for Linux VMs in the container service cluster. + description: |- + Storage version of v1api20210501.ContainerServiceLinuxProfile_STATUS + Profile for Linux VMs in the container service cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object adminUsername: type: string ssh: - description: Storage version of v1api20210501.ContainerServiceSshConfiguration_STATUS SSH configuration for Linux-based VMs running on Azure. + description: |- + Storage version of v1api20210501.ContainerServiceSshConfiguration_STATUS + SSH configuration for Linux-based VMs running on Azure. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object publicKeys: items: - description: Storage version of v1api20210501.ContainerServiceSshPublicKey_STATUS Contains information about SSH certificate public key data. + description: |- + Storage version of v1api20210501.ContainerServiceSshPublicKey_STATUS + Contains information about SSH certificate public key data. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object keyData: type: string @@ -5183,35 +6300,47 @@ spec: name: type: string networkProfile: - description: Storage version of v1api20210501.ContainerServiceNetworkProfile_STATUS Profile of network configuration. + description: |- + Storage version of v1api20210501.ContainerServiceNetworkProfile_STATUS + Profile of network configuration. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object dnsServiceIP: type: string dockerBridgeCidr: type: string loadBalancerProfile: - description: Storage version of v1api20210501.ManagedClusterLoadBalancerProfile_STATUS Profile of the managed cluster load balancer. + description: |- + Storage version of v1api20210501.ManagedClusterLoadBalancerProfile_STATUS + Profile of the managed cluster load balancer. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object allocatedOutboundPorts: type: integer effectiveOutboundIPs: items: - description: Storage version of v1api20210501.ResourceReference_STATUS A reference to an Azure resource. + description: |- + Storage version of v1api20210501.ResourceReference_STATUS + A reference to an Azure resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -5225,7 +6354,9 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object count: type: integer @@ -5236,16 +6367,22 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object publicIPPrefixes: items: - description: Storage version of v1api20210501.ResourceReference_STATUS A reference to an Azure resource. + description: |- + Storage version of v1api20210501.ResourceReference_STATUS + A reference to an Azure resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -5258,16 +6395,22 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object publicIPs: items: - description: Storage version of v1api20210501.ResourceReference_STATUS A reference to an Azure resource. + description: |- + Storage version of v1api20210501.ResourceReference_STATUS + A reference to an Azure resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -5293,12 +6436,17 @@ spec: nodeResourceGroup: type: string podIdentityProfile: - description: Storage version of v1api20210501.ManagedClusterPodIdentityProfile_STATUS See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration. + description: |- + Storage version of v1api20210501.ManagedClusterPodIdentityProfile_STATUS + See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod + identity integration. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object allowNetworkPluginKubenet: type: boolean @@ -5306,22 +6454,30 @@ spec: type: boolean userAssignedIdentities: items: - description: Storage version of v1api20210501.ManagedClusterPodIdentity_STATUS Details about the pod identity assigned to the Managed Cluster. + description: |- + Storage version of v1api20210501.ManagedClusterPodIdentity_STATUS + Details about the pod identity assigned to the Managed Cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object bindingSelector: type: string identity: - description: Storage version of v1api20210501.UserAssignedIdentity_STATUS Details about a user assigned identity. + description: |- + Storage version of v1api20210501.UserAssignedIdentity_STATUS + Details about a user assigned identity. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object clientId: type: string @@ -5340,23 +6496,33 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object error: - description: Storage version of v1api20210501.ManagedClusterPodIdentityProvisioningError_STATUS An error response from the pod identity provisioning. + description: |- + Storage version of v1api20210501.ManagedClusterPodIdentityProvisioningError_STATUS + An error response from the pod identity provisioning. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object error: - description: Storage version of v1api20210501.ManagedClusterPodIdentityProvisioningErrorBody_STATUS An error response from the pod identity provisioning. + description: |- + Storage version of v1api20210501.ManagedClusterPodIdentityProvisioningErrorBody_STATUS + An error response from the pod identity provisioning. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object code: type: string @@ -5367,7 +6533,9 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object code: type: string @@ -5390,12 +6558,17 @@ spec: type: array userAssignedIdentityExceptions: items: - description: Storage version of v1api20210501.ManagedClusterPodIdentityException_STATUS See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. + description: |- + Storage version of v1api20210501.ManagedClusterPodIdentityException_STATUS + See [disable AAD Pod Identity for a specific + Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object name: type: string @@ -5409,12 +6582,16 @@ spec: type: array type: object powerState: - description: Storage version of v1api20210501.PowerState_STATUS Describes the Power State of the cluster + description: |- + Storage version of v1api20210501.PowerState_STATUS + Describes the Power State of the cluster properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object code: type: string @@ -5423,12 +6600,16 @@ spec: type: string privateLinkResources: items: - description: Storage version of v1api20210501.PrivateLinkResource_STATUS A private link resource + description: |- + Storage version of v1api20210501.PrivateLinkResource_STATUS + A private link resource properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object groupId: type: string @@ -5449,23 +6630,31 @@ spec: provisioningState: type: string servicePrincipalProfile: - description: Storage version of v1api20210501.ManagedClusterServicePrincipalProfile_STATUS Information about a service principal identity for the cluster to use for manipulating Azure APIs. + description: |- + Storage version of v1api20210501.ManagedClusterServicePrincipalProfile_STATUS + Information about a service principal identity for the cluster to use for manipulating Azure APIs. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object clientId: type: string type: object sku: - description: Storage version of v1api20210501.ManagedClusterSKU_STATUS The SKU of a Managed Cluster. + description: |- + Storage version of v1api20210501.ManagedClusterSKU_STATUS + The SKU of a Managed Cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object name: type: string @@ -5479,15 +6668,17 @@ spec: type: type: string windowsProfile: - description: Storage version of v1api20210501.ManagedClusterWindowsProfile_STATUS Profile for Windows VMs in the managed cluster. + description: |- + Storage version of v1api20210501.ManagedClusterWindowsProfile_STATUS + Profile for Windows VMs in the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object - adminPassword: - type: string adminUsername: type: string enableCSIProxy: @@ -5517,13 +6708,25 @@ spec: name: v1api20230201 schema: openAPIV3Schema: - description: 'Generator information: - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2023-02-01/managedClusters.json - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}' + description: |- + Generator information: + - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2023-02-01/managedClusters.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName} properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -5553,7 +6756,9 @@ spec: description: 'ServerAppSecret: (DEPRECATED) The server AAD application secret. Learn more at https://aka.ms/aks/aad-legacy.' type: string tenantID: - description: 'TenantID: The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.' + description: |- + TenantID: The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment + subscription. type: string type: object addonProfiles: @@ -5579,21 +6784,30 @@ spec: description: Profile for the container service agent pool. properties: availabilityZones: - description: 'AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is ''VirtualMachineScaleSets''.' + description: |- + AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType + property is 'VirtualMachineScaleSets'. items: type: string type: array count: - description: 'Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.' + description: |- + Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) + for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. type: integer creationData: - description: 'CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.' + description: |- + CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using + a snapshot. properties: sourceResourceReference: description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -5611,13 +6825,23 @@ spec: description: 'EnableAutoScaling: Whether to enable auto-scaler' type: boolean enableEncryptionAtHost: - description: 'EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption' + description: |- + EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, + see: https://docs.microsoft.com/azure/aks/enable-host-encryption type: boolean enableFIPS: - description: 'EnableFIPS: See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.' + description: |- + EnableFIPS: See [Add a FIPS-enabled node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more + details. type: boolean enableNodePublicIP: - description: 'EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.' + description: |- + EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. + A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine + to minimize hops. For more information see [assigning a public IP per + node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The + default is false. type: boolean enableUltraSSD: description: 'EnableUltraSSD: Whether to enable UltraSSD' @@ -5632,10 +6856,16 @@ spec: - MIG7g type: string hostGroupReference: - description: 'HostGroupReference: This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).' + description: |- + HostGroupReference: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. + For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -5657,7 +6887,9 @@ spec: type: string type: array containerLogMaxFiles: - description: 'ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be â‰Ĩ 2.' + description: |- + ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be + â‰Ĩ 2. minimum: 2 type: integer containerLogMaxSizeMB: @@ -5667,10 +6899,15 @@ spec: description: 'CpuCfsQuota: The default is true.' type: boolean cpuCfsQuotaPeriod: - description: 'CpuCfsQuotaPeriod: The default is ''100ms.'' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: ''300ms'', ''2h45m''. Supported units are ''ns'', ''us'', ''ms'', ''s'', ''m'', and ''h''.' + description: |- + CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and + a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. type: string cpuManagerPolicy: - description: 'CpuManagerPolicy: The default is ''none''. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are ''none'' and ''static''.' + description: |- + CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management + policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more + information. Allowed values are 'none' and 'static'. type: string failSwapOn: description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' @@ -5685,11 +6922,16 @@ spec: description: 'PodMaxPids: The maximum number of processes per pod.' type: integer topologyManagerPolicy: - description: 'TopologyManagerPolicy: For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is ''none''. Allowed values are ''none'', ''best-effort'', ''restricted'', and ''single-numa-node''.' + description: |- + TopologyManagerPolicy: For more information see [Kubernetes Topology + Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values + are 'none', 'best-effort', 'restricted', and 'single-numa-node'. type: string type: object kubeletDiskType: - description: 'KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.' + description: |- + KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral + storage. enum: - OS - Temporary @@ -5789,10 +7031,16 @@ spec: type: integer type: object transparentHugePageDefrag: - description: 'TransparentHugePageDefrag: Valid values are ''always'', ''defer'', ''defer+madvise'', ''madvise'' and ''never''. The default is ''madvise''. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).' + description: |- + TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is + 'madvise'. For more information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string transparentHugePageEnabled: - description: 'TransparentHugePageEnabled: Valid values are ''always'', ''madvise'', and ''never''. The default is ''always''. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).' + description: |- + TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more + information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string type: object maxCount: @@ -5805,7 +7053,9 @@ spec: description: 'MinCount: The minimum number of nodes for auto-scaling' type: integer mode: - description: 'Mode: A cluster must have at least one ''System'' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools' + description: |- + Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool + restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools enum: - System - User @@ -5820,10 +7070,15 @@ spec: description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' type: object nodePublicIPPrefixReference: - description: 'NodePublicIPPrefixReference: This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}' + description: |- + NodePublicIPPrefixReference: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -5842,20 +7097,33 @@ spec: type: string type: array orchestratorVersion: - description: 'OrchestratorVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).' + description: |- + OrchestratorVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. + When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster + with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer + patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same + Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor + version must be within two minor versions of the control plane version. The node pool version cannot be greater than the + control plane version. For more information see [upgrading a node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). type: string osDiskSizeGB: maximum: 2048 minimum: 0 type: integer osDiskType: - description: 'OsDiskType: The default is ''Ephemeral'' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to ''Managed''. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).' + description: |- + OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested + OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral + OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). enum: - Ephemeral - Managed type: string osSKU: - description: 'OsSKU: Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows.' + description: |- + OsSKU: Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 + when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows. enum: - CBLMariner - Ubuntu @@ -5869,10 +7137,16 @@ spec: - Windows type: string podSubnetReference: - description: 'PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}' + description: |- + PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). + This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -5886,7 +7160,10 @@ spec: type: string type: object powerState: - description: 'PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded' + description: |- + PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this + field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only + be stopped if it is Running and provisioning state is Succeeded properties: code: description: 'Code: Tells whether the cluster is Running or Stopped' @@ -5899,7 +7176,10 @@ spec: description: 'ProximityPlacementGroupReference: The ID for Proximity Placement Group.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -5919,7 +7199,9 @@ spec: - Delete type: string scaleSetEvictionPolicy: - description: 'ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is ''Spot''. If not specified, the default is ''Delete''.' + description: |- + ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is + 'Delete'. enum: - Deallocate - Delete @@ -5931,7 +7213,10 @@ spec: - Spot type: string spotMaxPrice: - description: 'SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)' + description: |- + SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any + on-demand price. For more details on spot pricing, see [spot VMs + pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) type: number tags: additionalProperties: @@ -5948,17 +7233,30 @@ spec: description: 'UpgradeSettings: Settings for upgrading the agentpool' properties: maxSurge: - description: 'MaxSurge: This can either be set to an integer (e.g. ''5'') or a percentage (e.g. ''50%''). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade' + description: |- + MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it + is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded + up. If not specified, the default is 1. For more information, including best practices, see: + https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade type: string type: object vmSize: - description: 'VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions' + description: |- + VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods + might fail to run correctly. For more details on restricted VM sizes, see: + https://docs.microsoft.com/azure/aks/quotas-skus-regions type: string vnetSubnetReference: - description: 'VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}' + description: |- + VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is + specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -5985,7 +7283,10 @@ spec: description: 'ApiServerAccessProfile: The access profile for managed cluster API server.' properties: authorizedIPRanges: - description: 'AuthorizedIPRanges: IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).' + description: |- + AuthorizedIPRanges: IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with + clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API + server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges). items: type: string type: array @@ -5993,13 +7294,18 @@ spec: description: 'DisableRunCommand: Whether to disable run command for the cluster or not.' type: boolean enablePrivateCluster: - description: 'EnablePrivateCluster: For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).' + description: |- + EnablePrivateCluster: For more details, see [Creating a private AKS + cluster](https://docs.microsoft.com/azure/aks/private-clusters). type: boolean enablePrivateClusterPublicFQDN: description: 'EnablePrivateClusterPublicFQDN: Whether to create additional public FQDN for private cluster or not.' type: boolean privateDNSZone: - description: 'PrivateDNSZone: The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are ''system'' and ''none''.' + description: |- + PrivateDNSZone: The default is System. For more details see [configure private DNS + zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and + 'none'. type: string type: object autoScalerProfile: @@ -6009,7 +7315,10 @@ spec: description: 'BalanceSimilarNodeGroups: Valid values are ''true'' and ''false''' type: string expander: - description: 'Expander: If not specified, the default is ''random''. See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more information.' + description: |- + Expander: If not specified, the default is 'random'. See + [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more + information. enum: - least-waste - most-pods @@ -6023,31 +7332,46 @@ spec: description: 'MaxGracefulTerminationSec: The default is 600.' type: string max-node-provision-time: - description: 'MaxNodeProvisionTime: The default is ''15m''. Values must be an integer followed by an ''m''. No unit of time other than minutes (m) is supported.' + description: |- + MaxNodeProvisionTime: The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. type: string max-total-unready-percentage: description: 'MaxTotalUnreadyPercentage: The default is 45. The maximum is 100 and the minimum is 0.' type: string new-pod-scale-up-delay: - description: 'NewPodScaleUpDelay: For scenarios like burst/batch scale where you don''t want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they''re a certain age. The default is ''0s''. Values must be an integer followed by a unit (''s'' for seconds, ''m'' for minutes, ''h'' for hours, etc).' + description: |- + NewPodScaleUpDelay: For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler + could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is + '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc). type: string ok-total-unready-count: description: 'OkTotalUnreadyCount: This must be an integer. The default is 3.' type: string scale-down-delay-after-add: - description: 'ScaleDownDelayAfterAdd: The default is ''10m''. Values must be an integer followed by an ''m''. No unit of time other than minutes (m) is supported.' + description: |- + ScaleDownDelayAfterAdd: The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. type: string scale-down-delay-after-delete: - description: 'ScaleDownDelayAfterDelete: The default is the scan-interval. Values must be an integer followed by an ''m''. No unit of time other than minutes (m) is supported.' + description: |- + ScaleDownDelayAfterDelete: The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of + time other than minutes (m) is supported. type: string scale-down-delay-after-failure: - description: 'ScaleDownDelayAfterFailure: The default is ''3m''. Values must be an integer followed by an ''m''. No unit of time other than minutes (m) is supported.' + description: |- + ScaleDownDelayAfterFailure: The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other + than minutes (m) is supported. type: string scale-down-unneeded-time: - description: 'ScaleDownUnneededTime: The default is ''10m''. Values must be an integer followed by an ''m''. No unit of time other than minutes (m) is supported.' + description: |- + ScaleDownUnneededTime: The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. type: string scale-down-unready-time: - description: 'ScaleDownUnreadyTime: The default is ''20m''. Values must be an integer followed by an ''m''. No unit of time other than minutes (m) is supported.' + description: |- + ScaleDownUnreadyTime: The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. type: string scale-down-utilization-threshold: description: 'ScaleDownUtilizationThreshold: The default is ''0.5''.' @@ -6066,7 +7390,9 @@ spec: description: 'AutoUpgradeProfile: The auto upgrade configuration.' properties: upgradeChannel: - description: 'UpgradeChannel: For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).' + description: |- + UpgradeChannel: For more information see [setting the AKS cluster auto-upgrade + channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel). enum: - node-image - none @@ -6079,19 +7405,33 @@ spec: description: 'AzureMonitorProfile: Azure Monitor addon profiles for monitoring the managed cluster.' properties: metrics: - description: 'Metrics: Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See aka.ms/AzureManagedPrometheus for an overview.' + description: |- + Metrics: Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes + infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See + aka.ms/AzureManagedPrometheus for an overview. properties: enabled: - description: 'Enabled: Whether to enable or disable the Azure Managed Prometheus addon for Prometheus monitoring. See aka.ms/AzureManagedPrometheus-aks-enable for details on enabling and disabling.' + description: |- + Enabled: Whether to enable or disable the Azure Managed Prometheus addon for Prometheus monitoring. See + aka.ms/AzureManagedPrometheus-aks-enable for details on enabling and disabling. type: boolean kubeStateMetrics: - description: 'KubeStateMetrics: Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for details.' + description: |- + KubeStateMetrics: Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the + kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for + details. properties: metricAnnotationsAllowList: - description: 'MetricAnnotationsAllowList: Comma-separated list of Kubernetes annotation keys that will be used in the resource''s labels metric (Example: ''namespaces=[kubernetes.io/team,...],pods=[kubernetes.io/team],...''). By default the metric contains only resource name and namespace labels.' + description: |- + MetricAnnotationsAllowList: Comma-separated list of Kubernetes annotation keys that will be used in the resource's + labels metric (Example: 'namespaces=[kubernetes.io/team,...],pods=[kubernetes.io/team],...'). By default the metric + contains only resource name and namespace labels. type: string metricLabelsAllowlist: - description: 'MetricLabelsAllowlist: Comma-separated list of additional Kubernetes label keys that will be used in the resource''s labels metric (Example: ''namespaces=[k8s-label-1,k8s-label-n,...],pods=[app],...''). By default the metric contains only resource name and namespace labels.' + description: |- + MetricLabelsAllowlist: Comma-separated list of additional Kubernetes label keys that will be used in the resource's + labels metric (Example: 'namespaces=[k8s-label-1,k8s-label-n,...],pods=[app],...'). By default the metric contains only + resource name and namespace labels. type: string type: object required: @@ -6099,19 +7439,29 @@ spec: type: object type: object azureName: - description: 'AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn''t have to be.' + description: |- + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. maxLength: 63 minLength: 1 pattern: ^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$ type: string disableLocalAccounts: - description: 'DisableLocalAccounts: If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).' + description: |- + DisableLocalAccounts: If set to true, getting static credentials will be disabled for this cluster. This must only be + used on Managed Clusters that are AAD enabled. For more details see [disable local + accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview). type: boolean diskEncryptionSetReference: - description: 'DiskEncryptionSetReference: This is of the form: ''/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}''' + description: |- + DiskEncryptionSetReference: This is of the form: + '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -6128,7 +7478,10 @@ spec: description: 'DnsPrefix: This cannot be updated once the Managed Cluster has been created.' type: string enablePodSecurityPolicy: - description: 'EnablePodSecurityPolicy: (DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and https://aka.ms/aks/psp.' + description: |- + EnablePodSecurityPolicy: (DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was + deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and + https://aka.ms/aks/psp. type: boolean enableRBAC: description: 'EnableRBAC: Whether to enable Kubernetes Role-Based Access Control.' @@ -6170,14 +7523,18 @@ spec: description: 'Identity: The identity of the managed cluster, if configured.' properties: type: - description: 'Type: For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).' + description: |- + Type: For more information see [use managed identities in + AKS](https://docs.microsoft.com/azure/aks/use-managed-identity). enum: - None - SystemAssigned - UserAssigned type: string userAssignedIdentities: - description: 'UserAssignedIdentities: The keys must be ARM resource IDs in the form: ''/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}''.' + description: |- + UserAssignedIdentities: The keys must be ARM resource IDs in the form: + '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'. items: description: Information about the user assigned identity for the resource properties: @@ -6185,7 +7542,10 @@ spec: description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -6215,7 +7575,10 @@ spec: description: 'ResourceReference: The resource ID of the user assigned identity.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -6232,7 +7595,14 @@ spec: description: 'IdentityProfile: Identities associated with the cluster.' type: object kubernetesVersion: - description: 'KubernetesVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.' + description: |- + KubernetesVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. + When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster + with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer + patch version is available. When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All + upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or + 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS + cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details. type: string linuxProfile: description: 'LinuxProfile: The profile for Linux VMs in the Managed Cluster.' @@ -6250,7 +7620,9 @@ spec: description: Contains information about SSH certificate public key data. properties: keyData: - description: 'KeyData: Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.' + description: |- + KeyData: Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or + without headers. type: string required: - keyData @@ -6270,15 +7642,21 @@ spec: description: 'NetworkProfile: The network configuration profile.' properties: dnsServiceIP: - description: 'DnsServiceIP: An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.' + description: |- + DnsServiceIP: An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address + range specified in serviceCidr. pattern: ^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$ type: string dockerBridgeCidr: - description: 'DockerBridgeCidr: A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes service address range.' + description: |- + DockerBridgeCidr: A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP + ranges or the Kubernetes service address range. pattern: ^([0-9]{1,3}\.){3}[0-9]{1,3}(\/([0-9]|[1-2][0-9]|3[0-2]))?$ type: string ipFamilies: - description: 'IpFamilies: IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6.' + description: |- + IpFamilies: IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value + is IPv4. For dual-stack, the expected values are IPv4 and IPv6. items: enum: - IPv4 @@ -6289,7 +7667,9 @@ spec: description: 'LoadBalancerProfile: Profile of the cluster load balancer.' properties: allocatedOutboundPorts: - description: 'AllocatedOutboundPorts: The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.' + description: |- + AllocatedOutboundPorts: The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 + (inclusive). The default value is 0 which results in Azure dynamically allocating ports. maximum: 64000 minimum: 0 type: integer @@ -6302,7 +7682,10 @@ spec: description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -6321,7 +7704,9 @@ spec: description: 'EnableMultipleStandardLoadBalancers: Enable multiple standard load balancers per AKS cluster or not.' type: boolean idleTimeoutInMinutes: - description: 'IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.' + description: |- + IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 + (inclusive). The default value is 30 minutes. maximum: 120 minimum: 4 type: integer @@ -6329,12 +7714,16 @@ spec: description: 'ManagedOutboundIPs: Desired managed outbound IPs for the cluster load balancer.' properties: count: - description: 'Count: The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1.' + description: |- + Count: The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values + must be in the range of 1 to 100 (inclusive). The default value is 1. maximum: 100 minimum: 1 type: integer countIPv6: - description: 'CountIPv6: The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack.' + description: |- + CountIPv6: The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed + values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. maximum: 100 minimum: 0 type: integer @@ -6351,7 +7740,10 @@ spec: description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -6379,7 +7771,10 @@ spec: description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -6397,7 +7792,10 @@ spec: type: object type: object loadBalancerSku: - description: 'LoadBalancerSku: The default is ''standard''. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.' + description: |- + LoadBalancerSku: The default is 'standard'. See [Azure Load Balancer + SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load + balancer SKUs. enum: - basic - standard @@ -6414,7 +7812,10 @@ spec: description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -6430,7 +7831,9 @@ spec: type: object type: array idleTimeoutInMinutes: - description: 'IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.' + description: |- + IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 + (inclusive). The default value is 4 minutes. maximum: 120 minimum: 4 type: integer @@ -6438,7 +7841,9 @@ spec: description: 'ManagedOutboundIPProfile: Profile of the managed outbound IP resources of the cluster NAT gateway.' properties: count: - description: 'Count: The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1.' + description: |- + Count: The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 + (inclusive). The default value is 1. maximum: 16 minimum: 1 type: integer @@ -6476,7 +7881,9 @@ spec: - cilium type: string outboundType: - description: 'OutboundType: This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).' + description: |- + OutboundType: This can only be set at cluster creation time and cannot be changed later. For more information see + [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype). enum: - loadBalancer - managedNATGateway @@ -6488,16 +7895,22 @@ spec: pattern: ^([0-9]{1,3}\.){3}[0-9]{1,3}(\/([0-9]|[1-2][0-9]|3[0-2]))?$ type: string podCidrs: - description: 'PodCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking.' + description: |- + PodCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is + expected for dual-stack networking. items: type: string type: array serviceCidr: - description: 'ServiceCidr: A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.' + description: |- + ServiceCidr: A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP + ranges. pattern: ^([0-9]{1,3}\.){3}[0-9]{1,3}(\/([0-9]|[1-2][0-9]|3[0-2]))?$ type: string serviceCidrs: - description: 'ServiceCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges.' + description: |- + ServiceCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is + expected for dual-stack networking. They must not overlap with any Subnet IP ranges. items: type: string type: array @@ -6513,19 +7926,40 @@ spec: type: boolean type: object operatorSpec: - description: 'OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not passed directly to Azure' + description: |- + OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not + passed directly to Azure properties: configMaps: description: 'ConfigMaps: configures where to place operator written ConfigMaps.' properties: oidcIssuerProfile: - description: 'OIDCIssuerProfile: indicates where the OIDCIssuerProfile config map should be placed. If omitted, no config map will be created.' + description: |- + OIDCIssuerProfile: indicates where the OIDCIssuerProfile config map should be placed. If omitted, no config map will be + created. + properties: + key: + description: Key is the key in the ConfigMap being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes ConfigMap being referenced. + The ConfigMap must be in the same namespace as the resource + type: string + required: + - key + - name + type: object + principalId: + description: 'PrincipalId: indicates where the PrincipalId config map should be placed. If omitted, no config map will be created.' properties: key: description: Key is the key in the ConfigMap being referenced type: string name: - description: Name is the name of the Kubernetes ConfigMap being referenced. The ConfigMap must be in the same namespace as the resource + description: |- + Name is the name of the Kubernetes ConfigMap being referenced. + The ConfigMap must be in the same namespace as the resource type: string required: - key @@ -6536,26 +7970,34 @@ spec: description: 'Secrets: configures where to place Azure generated secrets.' properties: adminCredentials: - description: 'AdminCredentials: indicates where the AdminCredentials secret should be placed. If omitted, the secret will not be retrieved from Azure.' + description: |- + AdminCredentials: indicates where the AdminCredentials secret should be placed. If omitted, the secret will not be + retrieved from Azure. properties: key: description: Key is the key in the Kubernetes secret being referenced type: string name: - description: Name is the name of the Kubernetes secret being referenced. The secret must be in the same namespace as the resource + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource type: string required: - key - name type: object userCredentials: - description: 'UserCredentials: indicates where the UserCredentials secret should be placed. If omitted, the secret will not be retrieved from Azure.' + description: |- + UserCredentials: indicates where the UserCredentials secret should be placed. If omitted, the secret will not be + retrieved from Azure. properties: key: description: Key is the key in the Kubernetes secret being referenced type: string name: - description: Name is the name of the Kubernetes secret being referenced. The secret must be in the same namespace as the resource + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource type: string required: - key @@ -6564,7 +8006,10 @@ spec: type: object type: object owner: - description: 'Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a resources.azure.com/ResourceGroup resource' + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a resources.azure.com/ResourceGroup resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) @@ -6574,10 +8019,16 @@ spec: type: string type: object podIdentityProfile: - description: 'PodIdentityProfile: See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.' + description: |- + PodIdentityProfile: See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more + details on AAD pod identity integration. properties: allowNetworkPluginKubenet: - description: 'AllowNetworkPluginKubenet: Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.' + description: |- + AllowNetworkPluginKubenet: Running in Kubenet is disabled by default due to the security related nature of AAD Pod + Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod + Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) + for more information. type: boolean enabled: description: 'Enabled: Whether the pod identity addon is enabled.' @@ -6603,7 +8054,10 @@ spec: description: 'ResourceReference: The resource ID of the user assigned identity.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -6632,7 +8086,9 @@ spec: userAssignedIdentityExceptions: description: 'UserAssignedIdentityExceptions: The pod identity exceptions to allow.' items: - description: See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. + description: |- + See [disable AAD Pod Identity for a specific + Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. properties: name: description: 'Name: The name of the pod identity exception.' @@ -6667,7 +8123,10 @@ spec: description: 'Reference: The ID of the private link resource.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -6700,25 +8159,39 @@ spec: description: 'SecurityProfile: Security profile for the managed cluster.' properties: azureKeyVaultKms: - description: 'AzureKeyVaultKms: Azure Key Vault [key management service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile.' + description: |- + AzureKeyVaultKms: Azure Key Vault [key management + service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile. properties: enabled: description: 'Enabled: Whether to enable Azure Key Vault key management service. The default is false.' type: boolean keyId: - description: 'KeyId: Identifier of Azure Key Vault key. See [key identifier format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When Azure Key Vault key management service is disabled, leave the field empty.' + description: |- + KeyId: Identifier of Azure Key Vault key. See [key identifier + format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) + for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key + identifier. When Azure Key Vault key management service is disabled, leave the field empty. type: string keyVaultNetworkAccess: - description: 'KeyVaultNetworkAccess: Network access of key vault. The possible values are `Public` and `Private`. `Public` means the key vault allows public access from all networks. `Private` means the key vault disables public access and enables private link. The default value is `Public`.' + description: |- + KeyVaultNetworkAccess: Network access of key vault. The possible values are `Public` and `Private`. `Public` means the + key vault allows public access from all networks. `Private` means the key vault disables public access and enables + private link. The default value is `Public`. enum: - Private - Public type: string keyVaultResourceReference: - description: 'KeyVaultResourceReference: Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty.' + description: |- + KeyVaultResourceReference: Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and + must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty. properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -6736,10 +8209,16 @@ spec: description: 'Defender: Microsoft Defender settings for the security profile.' properties: logAnalyticsWorkspaceResourceReference: - description: 'LogAnalyticsWorkspaceResourceReference: Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft Defender is disabled, leave the field empty.' + description: |- + LogAnalyticsWorkspaceResourceReference: Resource ID of the Log Analytics workspace to be associated with Microsoft + Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When + Microsoft Defender is disabled, leave the field empty. properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -6771,7 +8250,9 @@ spec: type: integer type: object workloadIdentity: - description: 'WorkloadIdentity: Workload identity settings for the security profile. Workload identity enables Kubernetes applications to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details.' + description: |- + WorkloadIdentity: Workload identity settings for the security profile. Workload identity enables Kubernetes applications + to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details. properties: enabled: description: 'Enabled: Whether to enable workload identity.' @@ -6779,7 +8260,9 @@ spec: type: object type: object servicePrincipalProfile: - description: 'ServicePrincipalProfile: Information about a service principal identity for the cluster to use for manipulating Azure APIs.' + description: |- + ServicePrincipalProfile: Information about a service principal identity for the cluster to use for manipulating Azure + APIs. properties: clientId: description: 'ClientId: The ID for the service principal.' @@ -6791,7 +8274,9 @@ spec: description: Key is the key in the Kubernetes secret being referenced type: string name: - description: Name is the name of the Kubernetes secret being referenced. The secret must be in the same namespace as the resource + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource type: string required: - key @@ -6809,7 +8294,9 @@ spec: - Base type: string tier: - description: 'Tier: If not specified, the default is ''Free''. See [AKS Pricing Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details.' + description: |- + Tier: If not specified, the default is 'Free'. See [AKS Pricing + Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details. enum: - Free - Standard @@ -6856,29 +8343,66 @@ spec: description: 'WindowsProfile: The profile for Windows VMs in the Managed Cluster.' properties: adminPassword: - description: 'AdminPassword: Specifies the password of the administrator account. Minimum-length: 8 characters Max-length: 123 characters Complexity requirements: 3 out of 4 conditions below need to be fulfilled Has lower characters Has upper characters Has a digit Has a special character (Regex match [\W_]) Disallowed values: "abc@123", "P@$$$$w0rd", "P@ssw0rd", "P@ssword123", "Pa$$$$word", "pass@word1", "Password!", "Password1", "Password22", "iloveyou!"' - type: string + description: |- + AdminPassword: Specifies the password of the administrator account. + Minimum-length: 8 characters + Max-length: 123 characters + Complexity requirements: 3 out of 4 conditions below need to be fulfilled + Has lower characters + Has upper characters + Has a digit + Has a special character (Regex match [\W_]) + Disallowed values: "abc@123", "P@$$$$w0rd", "P@ssw0rd", "P@ssword123", "Pa$$$$word", "pass@word1", "Password!", "Password1", + "Password22", "iloveyou!" + properties: + key: + description: Key is the key in the Kubernetes secret being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource + type: string + required: + - key + - name + type: object adminUsername: - description: 'AdminUsername: Specifies the name of the administrator account. Restriction: Cannot end in "." Disallowed values: "administrator", "admin", "user", "user1", "test", "user2", "test1", "user3", "admin1", "1", "123", "a", "actuser", "adm", "admin2", "aspnet", "backup", "console", "david", "guest", "john", "owner", "root", "server", "sql", "support", "support_388945a0", "sys", "test2", "test3", "user4", "user5". Minimum-length: 1 character Max-length: 20 characters' + description: |- + AdminUsername: Specifies the name of the administrator account. + Restriction: Cannot end in "." + Disallowed values: "administrator", "admin", "user", "user1", "test", "user2", "test1", "user3", "admin1", "1", "123", + "a", "actuser", "adm", "admin2", "aspnet", "backup", "console", "david", "guest", "john", "owner", "root", "server", + "sql", "support", "support_388945a0", "sys", "test2", "test3", "user4", "user5". + Minimum-length: 1 character + Max-length: 20 characters type: string enableCSIProxy: - description: 'EnableCSIProxy: For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).' + description: |- + EnableCSIProxy: For more details on CSI proxy, see the [CSI proxy GitHub + repo](https://github.com/kubernetes-csi/csi-proxy). type: boolean gmsaProfile: description: 'GmsaProfile: The Windows gMSA Profile in the Managed Cluster.' properties: dnsServer: - description: 'DnsServer: Specifies the DNS server for Windows gMSA. Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.' + description: |- + DnsServer: Specifies the DNS server for Windows gMSA. + Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster. type: string enabled: description: 'Enabled: Specifies whether to enable Windows gMSA in the managed cluster.' type: boolean rootDomainName: - description: 'RootDomainName: Specifies the root domain name for Windows gMSA. Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.' + description: |- + RootDomainName: Specifies the root domain name for Windows gMSA. + Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster. type: string type: object licenseType: - description: 'LicenseType: The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.' + description: |- + LicenseType: The license type to use for Windows VMs. See [Azure Hybrid User + Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details. enum: - None - Windows_Server @@ -6930,7 +8454,9 @@ spec: description: 'ServerAppSecret: (DEPRECATED) The server AAD application secret. Learn more at https://aka.ms/aks/aad-legacy.' type: string tenantID: - description: 'TenantID: The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.' + description: |- + TenantID: The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment + subscription. type: string type: object addonProfiles: @@ -6967,34 +8493,53 @@ spec: description: Profile for the container service agent pool. properties: availabilityZones: - description: 'AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is ''VirtualMachineScaleSets''.' + description: |- + AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType + property is 'VirtualMachineScaleSets'. items: type: string type: array count: - description: 'Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.' + description: |- + Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) + for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. type: integer creationData: - description: 'CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.' + description: |- + CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using + a snapshot. properties: sourceResourceId: description: 'SourceResourceId: This is the ARM ID of the source object to be used to create the target object.' type: string type: object currentOrchestratorVersion: - description: 'CurrentOrchestratorVersion: If orchestratorVersion is a fully specified version , this field will be exactly equal to it. If orchestratorVersion is , this field will contain the full version being used.' + description: |- + CurrentOrchestratorVersion: If orchestratorVersion is a fully specified version , this field will be + exactly equal to it. If orchestratorVersion is , this field will contain the full + version being used. type: string enableAutoScaling: description: 'EnableAutoScaling: Whether to enable auto-scaler' type: boolean enableEncryptionAtHost: - description: 'EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption' + description: |- + EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, + see: https://docs.microsoft.com/azure/aks/enable-host-encryption type: boolean enableFIPS: - description: 'EnableFIPS: See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.' + description: |- + EnableFIPS: See [Add a FIPS-enabled node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more + details. type: boolean enableNodePublicIP: - description: 'EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.' + description: |- + EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. + A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine + to minimize hops. For more information see [assigning a public IP per + node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The + default is false. type: boolean enableUltraSSD: description: 'EnableUltraSSD: Whether to enable UltraSSD' @@ -7003,7 +8548,10 @@ spec: description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' type: string hostGroupID: - description: 'HostGroupID: This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).' + description: |- + HostGroupID: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. + For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). type: string kubeletConfig: description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' @@ -7014,7 +8562,9 @@ spec: type: string type: array containerLogMaxFiles: - description: 'ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be â‰Ĩ 2.' + description: |- + ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be + â‰Ĩ 2. type: integer containerLogMaxSizeMB: description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' @@ -7023,10 +8573,15 @@ spec: description: 'CpuCfsQuota: The default is true.' type: boolean cpuCfsQuotaPeriod: - description: 'CpuCfsQuotaPeriod: The default is ''100ms.'' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: ''300ms'', ''2h45m''. Supported units are ''ns'', ''us'', ''ms'', ''s'', ''m'', and ''h''.' + description: |- + CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and + a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. type: string cpuManagerPolicy: - description: 'CpuManagerPolicy: The default is ''none''. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are ''none'' and ''static''.' + description: |- + CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management + policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more + information. Allowed values are 'none' and 'static'. type: string failSwapOn: description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' @@ -7041,11 +8596,16 @@ spec: description: 'PodMaxPids: The maximum number of processes per pod.' type: integer topologyManagerPolicy: - description: 'TopologyManagerPolicy: For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is ''none''. Allowed values are ''none'', ''best-effort'', ''restricted'', and ''single-numa-node''.' + description: |- + TopologyManagerPolicy: For more information see [Kubernetes Topology + Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values + are 'none', 'best-effort', 'restricted', and 'single-numa-node'. type: string type: object kubeletDiskType: - description: 'KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.' + description: |- + KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral + storage. type: string linuxOSConfig: description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' @@ -7142,10 +8702,16 @@ spec: type: integer type: object transparentHugePageDefrag: - description: 'TransparentHugePageDefrag: Valid values are ''always'', ''defer'', ''defer+madvise'', ''madvise'' and ''never''. The default is ''madvise''. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).' + description: |- + TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is + 'madvise'. For more information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string transparentHugePageEnabled: - description: 'TransparentHugePageEnabled: Valid values are ''always'', ''madvise'', and ''never''. The default is ''always''. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).' + description: |- + TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more + information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string type: object maxCount: @@ -7158,7 +8724,9 @@ spec: description: 'MinCount: The minimum number of nodes for auto-scaling' type: integer mode: - description: 'Mode: A cluster must have at least one ''System'' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools' + description: |- + Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool + restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools type: string name: description: 'Name: Windows agent pool names must be 6 characters or less.' @@ -7172,7 +8740,9 @@ spec: description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' type: object nodePublicIPPrefixID: - description: 'NodePublicIPPrefixID: This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}' + description: |- + NodePublicIPPrefixID: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} type: string nodeTaints: description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' @@ -7180,24 +8750,43 @@ spec: type: string type: array orchestratorVersion: - description: 'OrchestratorVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).' + description: |- + OrchestratorVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. + When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster + with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer + patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same + Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor + version must be within two minor versions of the control plane version. The node pool version cannot be greater than the + control plane version. For more information see [upgrading a node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). type: string osDiskSizeGB: type: integer osDiskType: - description: 'OsDiskType: The default is ''Ephemeral'' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to ''Managed''. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).' + description: |- + OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested + OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral + OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). type: string osSKU: - description: 'OsSKU: Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows.' + description: |- + OsSKU: Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 + when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows. type: string osType: description: 'OsType: The operating system type. The default is Linux.' type: string podSubnetID: - description: 'PodSubnetID: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}' + description: |- + PodSubnetID: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is + of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} type: string powerState: - description: 'PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded' + description: |- + PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this + field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only + be stopped if it is Running and provisioning state is Succeeded properties: code: description: 'Code: Tells whether the cluster is Running or Stopped' @@ -7213,13 +8802,18 @@ spec: description: 'ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.' type: string scaleSetEvictionPolicy: - description: 'ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is ''Spot''. If not specified, the default is ''Delete''.' + description: |- + ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is + 'Delete'. type: string scaleSetPriority: description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' type: string spotMaxPrice: - description: 'SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)' + description: |- + SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any + on-demand price. For more details on spot pricing, see [spot VMs + pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) type: number tags: additionalProperties: @@ -7233,14 +8827,24 @@ spec: description: 'UpgradeSettings: Settings for upgrading the agentpool' properties: maxSurge: - description: 'MaxSurge: This can either be set to an integer (e.g. ''5'') or a percentage (e.g. ''50%''). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade' + description: |- + MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it + is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded + up. If not specified, the default is 1. For more information, including best practices, see: + https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade type: string type: object vmSize: - description: 'VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions' + description: |- + VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods + might fail to run correctly. For more details on restricted VM sizes, see: + https://docs.microsoft.com/azure/aks/quotas-skus-regions type: string vnetSubnetID: - description: 'VnetSubnetID: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}' + description: |- + VnetSubnetID: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, + this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} type: string workloadRuntime: description: 'WorkloadRuntime: Determines the type of workload a node can run.' @@ -7251,7 +8855,10 @@ spec: description: 'ApiServerAccessProfile: The access profile for managed cluster API server.' properties: authorizedIPRanges: - description: 'AuthorizedIPRanges: IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).' + description: |- + AuthorizedIPRanges: IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with + clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API + server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges). items: type: string type: array @@ -7259,13 +8866,18 @@ spec: description: 'DisableRunCommand: Whether to disable run command for the cluster or not.' type: boolean enablePrivateCluster: - description: 'EnablePrivateCluster: For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).' + description: |- + EnablePrivateCluster: For more details, see [Creating a private AKS + cluster](https://docs.microsoft.com/azure/aks/private-clusters). type: boolean enablePrivateClusterPublicFQDN: description: 'EnablePrivateClusterPublicFQDN: Whether to create additional public FQDN for private cluster or not.' type: boolean privateDNSZone: - description: 'PrivateDNSZone: The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are ''system'' and ''none''.' + description: |- + PrivateDNSZone: The default is System. For more details see [configure private DNS + zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and + 'none'. type: string type: object autoScalerProfile: @@ -7275,7 +8887,10 @@ spec: description: 'BalanceSimilarNodeGroups: Valid values are ''true'' and ''false''' type: string expander: - description: 'Expander: If not specified, the default is ''random''. See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more information.' + description: |- + Expander: If not specified, the default is 'random'. See + [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more + information. type: string max-empty-bulk-delete: description: 'MaxEmptyBulkDelete: The default is 10.' @@ -7284,31 +8899,46 @@ spec: description: 'MaxGracefulTerminationSec: The default is 600.' type: string max-node-provision-time: - description: 'MaxNodeProvisionTime: The default is ''15m''. Values must be an integer followed by an ''m''. No unit of time other than minutes (m) is supported.' + description: |- + MaxNodeProvisionTime: The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. type: string max-total-unready-percentage: description: 'MaxTotalUnreadyPercentage: The default is 45. The maximum is 100 and the minimum is 0.' type: string new-pod-scale-up-delay: - description: 'NewPodScaleUpDelay: For scenarios like burst/batch scale where you don''t want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they''re a certain age. The default is ''0s''. Values must be an integer followed by a unit (''s'' for seconds, ''m'' for minutes, ''h'' for hours, etc).' + description: |- + NewPodScaleUpDelay: For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler + could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is + '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc). type: string ok-total-unready-count: description: 'OkTotalUnreadyCount: This must be an integer. The default is 3.' type: string scale-down-delay-after-add: - description: 'ScaleDownDelayAfterAdd: The default is ''10m''. Values must be an integer followed by an ''m''. No unit of time other than minutes (m) is supported.' + description: |- + ScaleDownDelayAfterAdd: The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. type: string scale-down-delay-after-delete: - description: 'ScaleDownDelayAfterDelete: The default is the scan-interval. Values must be an integer followed by an ''m''. No unit of time other than minutes (m) is supported.' + description: |- + ScaleDownDelayAfterDelete: The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of + time other than minutes (m) is supported. type: string scale-down-delay-after-failure: - description: 'ScaleDownDelayAfterFailure: The default is ''3m''. Values must be an integer followed by an ''m''. No unit of time other than minutes (m) is supported.' + description: |- + ScaleDownDelayAfterFailure: The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other + than minutes (m) is supported. type: string scale-down-unneeded-time: - description: 'ScaleDownUnneededTime: The default is ''10m''. Values must be an integer followed by an ''m''. No unit of time other than minutes (m) is supported.' + description: |- + ScaleDownUnneededTime: The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. type: string scale-down-unready-time: - description: 'ScaleDownUnreadyTime: The default is ''20m''. Values must be an integer followed by an ''m''. No unit of time other than minutes (m) is supported.' + description: |- + ScaleDownUnreadyTime: The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. type: string scale-down-utilization-threshold: description: 'ScaleDownUtilizationThreshold: The default is ''0.5''.' @@ -7327,32 +8957,51 @@ spec: description: 'AutoUpgradeProfile: The auto upgrade configuration.' properties: upgradeChannel: - description: 'UpgradeChannel: For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).' + description: |- + UpgradeChannel: For more information see [setting the AKS cluster auto-upgrade + channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel). type: string type: object azureMonitorProfile: description: 'AzureMonitorProfile: Azure Monitor addon profiles for monitoring the managed cluster.' properties: metrics: - description: 'Metrics: Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See aka.ms/AzureManagedPrometheus for an overview.' + description: |- + Metrics: Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes + infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See + aka.ms/AzureManagedPrometheus for an overview. properties: enabled: - description: 'Enabled: Whether to enable or disable the Azure Managed Prometheus addon for Prometheus monitoring. See aka.ms/AzureManagedPrometheus-aks-enable for details on enabling and disabling.' + description: |- + Enabled: Whether to enable or disable the Azure Managed Prometheus addon for Prometheus monitoring. See + aka.ms/AzureManagedPrometheus-aks-enable for details on enabling and disabling. type: boolean kubeStateMetrics: - description: 'KubeStateMetrics: Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for details.' + description: |- + KubeStateMetrics: Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the + kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for + details. properties: metricAnnotationsAllowList: - description: 'MetricAnnotationsAllowList: Comma-separated list of Kubernetes annotation keys that will be used in the resource''s labels metric (Example: ''namespaces=[kubernetes.io/team,...],pods=[kubernetes.io/team],...''). By default the metric contains only resource name and namespace labels.' + description: |- + MetricAnnotationsAllowList: Comma-separated list of Kubernetes annotation keys that will be used in the resource's + labels metric (Example: 'namespaces=[kubernetes.io/team,...],pods=[kubernetes.io/team],...'). By default the metric + contains only resource name and namespace labels. type: string metricLabelsAllowlist: - description: 'MetricLabelsAllowlist: Comma-separated list of additional Kubernetes label keys that will be used in the resource''s labels metric (Example: ''namespaces=[k8s-label-1,k8s-label-n,...],pods=[app],...''). By default the metric contains only resource name and namespace labels.' + description: |- + MetricLabelsAllowlist: Comma-separated list of additional Kubernetes label keys that will be used in the resource's + labels metric (Example: 'namespaces=[k8s-label-1,k8s-label-n,...],pods=[app],...'). By default the metric contains only + resource name and namespace labels. type: string type: object type: object type: object azurePortalFQDN: - description: 'AzurePortalFQDN: The Azure Portal requires certain Cross-Origin Resource Sharing (CORS) headers to be sent in some responses, which Kubernetes APIServer doesn''t handle by default. This special FQDN supports CORS, allowing the Azure Portal to function properly.' + description: |- + AzurePortalFQDN: The Azure Portal requires certain Cross-Origin Resource Sharing (CORS) headers to be sent in some + responses, which Kubernetes APIServer doesn't handle by default. This special FQDN supports CORS, allowing the Azure + Portal to function properly. type: string conditions: description: 'Conditions: The observed state of the resource' @@ -7367,14 +9016,23 @@ spec: description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 type: integer reason: - description: Reason for the condition's last transition. Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: Severity with which to treat failures of this type of condition. For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. This is omitted in all cases when Status == Unknown + description: |- + Severity with which to treat failures of this type of condition. + For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown type: string status: description: Status of the condition, one of True, False, or Unknown. @@ -7390,19 +9048,30 @@ spec: type: object type: array currentKubernetesVersion: - description: 'CurrentKubernetesVersion: If kubernetesVersion was a fully specified version , this field will be exactly equal to it. If kubernetesVersion was , this field will contain the full version being used.' + description: |- + CurrentKubernetesVersion: If kubernetesVersion was a fully specified version , this field will be + exactly equal to it. If kubernetesVersion was , this field will contain the full + version being used. type: string disableLocalAccounts: - description: 'DisableLocalAccounts: If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).' + description: |- + DisableLocalAccounts: If set to true, getting static credentials will be disabled for this cluster. This must only be + used on Managed Clusters that are AAD enabled. For more details see [disable local + accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview). type: boolean diskEncryptionSetID: - description: 'DiskEncryptionSetID: This is of the form: ''/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}''' + description: |- + DiskEncryptionSetID: This is of the form: + '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}' type: string dnsPrefix: description: 'DnsPrefix: This cannot be updated once the Managed Cluster has been created.' type: string enablePodSecurityPolicy: - description: 'EnablePodSecurityPolicy: (DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and https://aka.ms/aks/psp.' + description: |- + EnablePodSecurityPolicy: (DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was + deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and + https://aka.ms/aks/psp. type: boolean enableRBAC: description: 'EnableRBAC: Whether to enable Kubernetes Role-Based Access Control.' @@ -7442,7 +9111,9 @@ spec: type: string type: object id: - description: 'Id: Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}' + description: |- + Id: Fully qualified resource ID for the resource. Ex - + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} type: string identity: description: 'Identity: The identity of the managed cluster, if configured.' @@ -7454,7 +9125,9 @@ spec: description: 'TenantId: The tenant id of the system assigned identity which is used by master components.' type: string type: - description: 'Type: For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).' + description: |- + Type: For more information see [use managed identities in + AKS](https://docs.microsoft.com/azure/aks/use-managed-identity). type: string userAssignedIdentities: additionalProperties: @@ -7466,7 +9139,9 @@ spec: description: 'PrincipalId: The principal id of user assigned identity.' type: string type: object - description: 'UserAssignedIdentities: The keys must be ARM resource IDs in the form: ''/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}''.' + description: |- + UserAssignedIdentities: The keys must be ARM resource IDs in the form: + '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'. type: object type: object identityProfile: @@ -7486,7 +9161,14 @@ spec: description: 'IdentityProfile: Identities associated with the cluster.' type: object kubernetesVersion: - description: 'KubernetesVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.' + description: |- + KubernetesVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. + When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster + with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer + patch version is available. When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All + upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or + 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS + cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details. type: string linuxProfile: description: 'LinuxProfile: The profile for Linux VMs in the Managed Cluster.' @@ -7503,7 +9185,9 @@ spec: description: Contains information about SSH certificate public key data. properties: keyData: - description: 'KeyData: Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.' + description: |- + KeyData: Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or + without headers. type: string type: object type: array @@ -7522,13 +9206,19 @@ spec: description: 'NetworkProfile: The network configuration profile.' properties: dnsServiceIP: - description: 'DnsServiceIP: An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.' + description: |- + DnsServiceIP: An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address + range specified in serviceCidr. type: string dockerBridgeCidr: - description: 'DockerBridgeCidr: A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes service address range.' + description: |- + DockerBridgeCidr: A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP + ranges or the Kubernetes service address range. type: string ipFamilies: - description: 'IpFamilies: IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6.' + description: |- + IpFamilies: IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value + is IPv4. For dual-stack, the expected values are IPv4 and IPv6. items: type: string type: array @@ -7536,7 +9226,9 @@ spec: description: 'LoadBalancerProfile: Profile of the cluster load balancer.' properties: allocatedOutboundPorts: - description: 'AllocatedOutboundPorts: The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.' + description: |- + AllocatedOutboundPorts: The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 + (inclusive). The default value is 0 which results in Azure dynamically allocating ports. type: integer effectiveOutboundIPs: description: 'EffectiveOutboundIPs: The effective outbound IP resources of the cluster load balancer.' @@ -7552,16 +9244,22 @@ spec: description: 'EnableMultipleStandardLoadBalancers: Enable multiple standard load balancers per AKS cluster or not.' type: boolean idleTimeoutInMinutes: - description: 'IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.' + description: |- + IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 + (inclusive). The default value is 30 minutes. type: integer managedOutboundIPs: description: 'ManagedOutboundIPs: Desired managed outbound IPs for the cluster load balancer.' properties: count: - description: 'Count: The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1.' + description: |- + Count: The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values + must be in the range of 1 to 100 (inclusive). The default value is 1. type: integer countIPv6: - description: 'CountIPv6: The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack.' + description: |- + CountIPv6: The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed + values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. type: integer type: object outboundIPPrefixes: @@ -7594,7 +9292,10 @@ spec: type: object type: object loadBalancerSku: - description: 'LoadBalancerSku: The default is ''standard''. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.' + description: |- + LoadBalancerSku: The default is 'standard'. See [Azure Load Balancer + SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load + balancer SKUs. type: string natGatewayProfile: description: 'NatGatewayProfile: Profile of the cluster NAT gateway.' @@ -7610,13 +9311,17 @@ spec: type: object type: array idleTimeoutInMinutes: - description: 'IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.' + description: |- + IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 + (inclusive). The default value is 4 minutes. type: integer managedOutboundIPProfile: description: 'ManagedOutboundIPProfile: Profile of the managed outbound IP resources of the cluster NAT gateway.' properties: count: - description: 'Count: The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1.' + description: |- + Count: The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 + (inclusive). The default value is 1. type: integer type: object type: object @@ -7636,21 +9341,29 @@ spec: description: 'NetworkPolicy: Network policy used for building the Kubernetes network.' type: string outboundType: - description: 'OutboundType: This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).' + description: |- + OutboundType: This can only be set at cluster creation time and cannot be changed later. For more information see + [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype). type: string podCidr: description: 'PodCidr: A CIDR notation IP range from which to assign pod IPs when kubenet is used.' type: string podCidrs: - description: 'PodCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking.' + description: |- + PodCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is + expected for dual-stack networking. items: type: string type: array serviceCidr: - description: 'ServiceCidr: A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.' + description: |- + ServiceCidr: A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP + ranges. type: string serviceCidrs: - description: 'ServiceCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges.' + description: |- + ServiceCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is + expected for dual-stack networking. They must not overlap with any Subnet IP ranges. items: type: string type: array @@ -7669,10 +9382,16 @@ spec: type: string type: object podIdentityProfile: - description: 'PodIdentityProfile: See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.' + description: |- + PodIdentityProfile: See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more + details on AAD pod identity integration. properties: allowNetworkPluginKubenet: - description: 'AllowNetworkPluginKubenet: Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.' + description: |- + AllowNetworkPluginKubenet: Running in Kubenet is disabled by default due to the security related nature of AAD Pod + Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod + Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) + for more information. type: boolean enabled: description: 'Enabled: Whether the pod identity addon is enabled.' @@ -7747,7 +9466,9 @@ spec: userAssignedIdentityExceptions: description: 'UserAssignedIdentityExceptions: The pod identity exceptions to allow.' items: - description: See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. + description: |- + See [disable AAD Pod Identity for a specific + Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. properties: name: description: 'Name: The name of the pod identity exception.' @@ -7810,26 +9531,40 @@ spec: description: 'SecurityProfile: Security profile for the managed cluster.' properties: azureKeyVaultKms: - description: 'AzureKeyVaultKms: Azure Key Vault [key management service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile.' + description: |- + AzureKeyVaultKms: Azure Key Vault [key management + service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile. properties: enabled: description: 'Enabled: Whether to enable Azure Key Vault key management service. The default is false.' type: boolean keyId: - description: 'KeyId: Identifier of Azure Key Vault key. See [key identifier format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When Azure Key Vault key management service is disabled, leave the field empty.' + description: |- + KeyId: Identifier of Azure Key Vault key. See [key identifier + format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) + for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key + identifier. When Azure Key Vault key management service is disabled, leave the field empty. type: string keyVaultNetworkAccess: - description: 'KeyVaultNetworkAccess: Network access of key vault. The possible values are `Public` and `Private`. `Public` means the key vault allows public access from all networks. `Private` means the key vault disables public access and enables private link. The default value is `Public`.' + description: |- + KeyVaultNetworkAccess: Network access of key vault. The possible values are `Public` and `Private`. `Public` means the + key vault allows public access from all networks. `Private` means the key vault disables public access and enables + private link. The default value is `Public`. type: string keyVaultResourceId: - description: 'KeyVaultResourceId: Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty.' + description: |- + KeyVaultResourceId: Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must + be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty. type: string type: object defender: description: 'Defender: Microsoft Defender settings for the security profile.' properties: logAnalyticsWorkspaceResourceId: - description: 'LogAnalyticsWorkspaceResourceId: Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft Defender is disabled, leave the field empty.' + description: |- + LogAnalyticsWorkspaceResourceId: Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. + When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft + Defender is disabled, leave the field empty. type: string securityMonitoring: description: 'SecurityMonitoring: Microsoft Defender threat detection for Cloud settings for the security profile.' @@ -7850,7 +9585,9 @@ spec: type: integer type: object workloadIdentity: - description: 'WorkloadIdentity: Workload identity settings for the security profile. Workload identity enables Kubernetes applications to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details.' + description: |- + WorkloadIdentity: Workload identity settings for the security profile. Workload identity enables Kubernetes applications + to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details. properties: enabled: description: 'Enabled: Whether to enable workload identity.' @@ -7858,7 +9595,9 @@ spec: type: object type: object servicePrincipalProfile: - description: 'ServicePrincipalProfile: Information about a service principal identity for the cluster to use for manipulating Azure APIs.' + description: |- + ServicePrincipalProfile: Information about a service principal identity for the cluster to use for manipulating Azure + APIs. properties: clientId: description: 'ClientId: The ID for the service principal.' @@ -7871,7 +9610,9 @@ spec: description: 'Name: The name of a managed cluster SKU.' type: string tier: - description: 'Tier: If not specified, the default is ''Free''. See [AKS Pricing Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details.' + description: |- + Tier: If not specified, the default is 'Free'. See [AKS Pricing + Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details. type: string type: object storageProfile: @@ -7939,30 +9680,42 @@ spec: windowsProfile: description: 'WindowsProfile: The profile for Windows VMs in the Managed Cluster.' properties: - adminPassword: - description: 'AdminPassword: Specifies the password of the administrator account. Minimum-length: 8 characters Max-length: 123 characters Complexity requirements: 3 out of 4 conditions below need to be fulfilled Has lower characters Has upper characters Has a digit Has a special character (Regex match [\W_]) Disallowed values: "abc@123", "P@$$$$w0rd", "P@ssw0rd", "P@ssword123", "Pa$$$$word", "pass@word1", "Password!", "Password1", "Password22", "iloveyou!"' - type: string adminUsername: - description: 'AdminUsername: Specifies the name of the administrator account. Restriction: Cannot end in "." Disallowed values: "administrator", "admin", "user", "user1", "test", "user2", "test1", "user3", "admin1", "1", "123", "a", "actuser", "adm", "admin2", "aspnet", "backup", "console", "david", "guest", "john", "owner", "root", "server", "sql", "support", "support_388945a0", "sys", "test2", "test3", "user4", "user5". Minimum-length: 1 character Max-length: 20 characters' + description: |- + AdminUsername: Specifies the name of the administrator account. + Restriction: Cannot end in "." + Disallowed values: "administrator", "admin", "user", "user1", "test", "user2", "test1", "user3", "admin1", "1", "123", + "a", "actuser", "adm", "admin2", "aspnet", "backup", "console", "david", "guest", "john", "owner", "root", "server", + "sql", "support", "support_388945a0", "sys", "test2", "test3", "user4", "user5". + Minimum-length: 1 character + Max-length: 20 characters type: string enableCSIProxy: - description: 'EnableCSIProxy: For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).' + description: |- + EnableCSIProxy: For more details on CSI proxy, see the [CSI proxy GitHub + repo](https://github.com/kubernetes-csi/csi-proxy). type: boolean gmsaProfile: description: 'GmsaProfile: The Windows gMSA Profile in the Managed Cluster.' properties: dnsServer: - description: 'DnsServer: Specifies the DNS server for Windows gMSA. Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.' + description: |- + DnsServer: Specifies the DNS server for Windows gMSA. + Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster. type: string enabled: description: 'Enabled: Specifies whether to enable Windows gMSA in the managed cluster.' type: boolean rootDomainName: - description: 'RootDomainName: Specifies the root domain name for Windows gMSA. Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.' + description: |- + RootDomainName: Specifies the root domain name for Windows gMSA. + Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster. type: string type: object licenseType: - description: 'LicenseType: The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.' + description: |- + LicenseType: The license type to use for Windows VMs. See [Azure Hybrid User + Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details. type: string type: object workloadAutoScalerProfile: @@ -7998,13 +9751,26 @@ spec: name: v1api20230201storage schema: openAPIV3Schema: - description: 'Storage version of v1api20230201.ManagedCluster Generator information: - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2023-02-01/managedClusters.json - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}' + description: |- + Storage version of v1api20230201.ManagedCluster + Generator information: + - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2023-02-01/managedClusters.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName} properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -8014,15 +9780,21 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object aadProfile: - description: Storage version of v1api20230201.ManagedClusterAADProfile For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad). + description: |- + Storage version of v1api20230201.ManagedClusterAADProfile + For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad). properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object adminGroupObjectIDs: items: @@ -8043,12 +9815,16 @@ spec: type: object addonProfiles: additionalProperties: - description: Storage version of v1api20230201.ManagedClusterAddonProfile A Kubernetes add-on profile for a managed cluster. + description: |- + Storage version of v1api20230201.ManagedClusterAddonProfile + A Kubernetes add-on profile for a managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object config: additionalProperties: @@ -8060,12 +9836,16 @@ spec: type: object agentPoolProfiles: items: - description: Storage version of v1api20230201.ManagedClusterAgentPoolProfile Profile for the container service agent pool. + description: |- + Storage version of v1api20230201.ManagedClusterAgentPoolProfile + Profile for the container service agent pool. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object availabilityZones: items: @@ -8074,18 +9854,25 @@ spec: count: type: integer creationData: - description: Storage version of v1api20230201.CreationData Data used when creating a target resource from a source resource. + description: |- + Storage version of v1api20230201.CreationData + Data used when creating a target resource from a source resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object sourceResourceReference: description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -8112,10 +9899,16 @@ spec: gpuInstanceProfile: type: string hostGroupReference: - description: 'HostGroupReference: This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).' + description: |- + HostGroupReference: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. + For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -8129,12 +9922,16 @@ spec: type: string type: object kubeletConfig: - description: Storage version of v1api20230201.KubeletConfig See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + description: |- + Storage version of v1api20230201.KubeletConfig + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object allowedUnsafeSysctls: items: @@ -8164,22 +9961,30 @@ spec: kubeletDiskType: type: string linuxOSConfig: - description: Storage version of v1api20230201.LinuxOSConfig See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + description: |- + Storage version of v1api20230201.LinuxOSConfig + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object swapFileSizeMB: type: integer sysctls: - description: Storage version of v1api20230201.SysctlConfig Sysctl settings for Linux agent nodes. + description: |- + Storage version of v1api20230201.SysctlConfig + Sysctl settings for Linux agent nodes. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object fsAioMaxNr: type: integer @@ -8258,10 +10063,15 @@ spec: type: string type: object nodePublicIPPrefixReference: - description: 'NodePublicIPPrefixReference: This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}' + description: |- + NodePublicIPPrefixReference: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -8289,10 +10099,16 @@ spec: osType: type: string podSubnetReference: - description: 'PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}' + description: |- + PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). + This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -8306,12 +10122,16 @@ spec: type: string type: object powerState: - description: Storage version of v1api20230201.PowerState Describes the Power State of the cluster + description: |- + Storage version of v1api20230201.PowerState + Describes the Power State of the cluster properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object code: type: string @@ -8320,7 +10140,10 @@ spec: description: 'ProximityPlacementGroupReference: The ID for Proximity Placement Group.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -8348,12 +10171,16 @@ spec: type: type: string upgradeSettings: - description: Storage version of v1api20230201.AgentPoolUpgradeSettings Settings for upgrading an agentpool + description: |- + Storage version of v1api20230201.AgentPoolUpgradeSettings + Settings for upgrading an agentpool properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object maxSurge: type: string @@ -8361,10 +10188,16 @@ spec: vmSize: type: string vnetSubnetReference: - description: 'VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}' + description: |- + VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is + specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -8382,12 +10215,16 @@ spec: type: object type: array apiServerAccessProfile: - description: Storage version of v1api20230201.ManagedClusterAPIServerAccessProfile Access profile for managed cluster API server. + description: |- + Storage version of v1api20230201.ManagedClusterAPIServerAccessProfile + Access profile for managed cluster API server. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object authorizedIPRanges: items: @@ -8408,7 +10245,9 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object balance-similar-node-groups: type: string @@ -8446,41 +10285,61 @@ spec: type: string type: object autoUpgradeProfile: - description: Storage version of v1api20230201.ManagedClusterAutoUpgradeProfile Auto upgrade profile for a managed cluster. + description: |- + Storage version of v1api20230201.ManagedClusterAutoUpgradeProfile + Auto upgrade profile for a managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object upgradeChannel: type: string type: object azureMonitorProfile: - description: Storage version of v1api20230201.ManagedClusterAzureMonitorProfile Azure Monitor addon profiles for monitoring the managed cluster. + description: |- + Storage version of v1api20230201.ManagedClusterAzureMonitorProfile + Azure Monitor addon profiles for monitoring the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object metrics: - description: Storage version of v1api20230201.ManagedClusterAzureMonitorProfileMetrics Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See aka.ms/AzureManagedPrometheus for an overview. + description: |- + Storage version of v1api20230201.ManagedClusterAzureMonitorProfileMetrics + Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes + infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See + aka.ms/AzureManagedPrometheus for an overview. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean kubeStateMetrics: - description: Storage version of v1api20230201.ManagedClusterAzureMonitorProfileKubeStateMetrics Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for details. + description: |- + Storage version of v1api20230201.ManagedClusterAzureMonitorProfileKubeStateMetrics + Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the + kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for + details. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object metricAnnotationsAllowList: type: string @@ -8490,15 +10349,22 @@ spec: type: object type: object azureName: - description: 'AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn''t have to be.' + description: |- + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. type: string disableLocalAccounts: type: boolean diskEncryptionSetReference: - description: 'DiskEncryptionSetReference: This is of the form: ''/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}''' + description: |- + DiskEncryptionSetReference: This is of the form: + '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -8518,12 +10384,16 @@ spec: enableRBAC: type: boolean extendedLocation: - description: Storage version of v1api20230201.ExtendedLocation The complex type of the extended location. + description: |- + Storage version of v1api20230201.ExtendedLocation + The complex type of the extended location. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object name: type: string @@ -8533,12 +10403,16 @@ spec: fqdnSubdomain: type: string httpProxyConfig: - description: Storage version of v1api20230201.ManagedClusterHTTPProxyConfig Cluster HTTP proxy configuration. + description: |- + Storage version of v1api20230201.ManagedClusterHTTPProxyConfig + Cluster HTTP proxy configuration. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object httpProxy: type: string @@ -8552,29 +10426,40 @@ spec: type: string type: object identity: - description: Storage version of v1api20230201.ManagedClusterIdentity Identity for the managed cluster. + description: |- + Storage version of v1api20230201.ManagedClusterIdentity + Identity for the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object type: type: string userAssignedIdentities: items: - description: Storage version of v1api20230201.UserAssignedIdentityDetails Information about the user assigned identity for the resource + description: |- + Storage version of v1api20230201.UserAssignedIdentityDetails + Information about the user assigned identity for the resource properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object reference: description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -8592,12 +10477,16 @@ spec: type: object identityProfile: additionalProperties: - description: Storage version of v1api20230201.UserAssignedIdentity Details about a user assigned identity. + description: |- + Storage version of v1api20230201.UserAssignedIdentity + Details about a user assigned identity. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object clientId: type: string @@ -8607,7 +10496,10 @@ spec: description: 'ResourceReference: The resource ID of the user assigned identity.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -8625,31 +10517,43 @@ spec: kubernetesVersion: type: string linuxProfile: - description: Storage version of v1api20230201.ContainerServiceLinuxProfile Profile for Linux VMs in the container service cluster. + description: |- + Storage version of v1api20230201.ContainerServiceLinuxProfile + Profile for Linux VMs in the container service cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object adminUsername: type: string ssh: - description: Storage version of v1api20230201.ContainerServiceSshConfiguration SSH configuration for Linux-based VMs running on Azure. + description: |- + Storage version of v1api20230201.ContainerServiceSshConfiguration + SSH configuration for Linux-based VMs running on Azure. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object publicKeys: items: - description: Storage version of v1api20230201.ContainerServiceSshPublicKey Contains information about SSH certificate public key data. + description: |- + Storage version of v1api20230201.ContainerServiceSshPublicKey + Contains information about SSH certificate public key data. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object keyData: type: string @@ -8660,12 +10564,16 @@ spec: location: type: string networkProfile: - description: Storage version of v1api20230201.ContainerServiceNetworkProfile Profile of network configuration. + description: |- + Storage version of v1api20230201.ContainerServiceNetworkProfile + Profile of network configuration. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object dnsServiceIP: type: string @@ -8676,29 +10584,40 @@ spec: type: string type: array loadBalancerProfile: - description: Storage version of v1api20230201.ManagedClusterLoadBalancerProfile Profile of the managed cluster load balancer. + description: |- + Storage version of v1api20230201.ManagedClusterLoadBalancerProfile + Profile of the managed cluster load balancer. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object allocatedOutboundPorts: type: integer effectiveOutboundIPs: items: - description: Storage version of v1api20230201.ResourceReference A reference to an Azure resource. + description: |- + Storage version of v1api20230201.ResourceReference + A reference to an Azure resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object reference: description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -8723,7 +10642,9 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object count: type: integer @@ -8736,22 +10657,31 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object publicIPPrefixes: items: - description: Storage version of v1api20230201.ResourceReference A reference to an Azure resource. + description: |- + Storage version of v1api20230201.ResourceReference + A reference to an Azure resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object reference: description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -8773,22 +10703,31 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object publicIPs: items: - description: Storage version of v1api20230201.ResourceReference A reference to an Azure resource. + description: |- + Storage version of v1api20230201.ResourceReference + A reference to an Azure resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object reference: description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -8808,27 +10747,38 @@ spec: loadBalancerSku: type: string natGatewayProfile: - description: Storage version of v1api20230201.ManagedClusterNATGatewayProfile Profile of the managed cluster NAT gateway. + description: |- + Storage version of v1api20230201.ManagedClusterNATGatewayProfile + Profile of the managed cluster NAT gateway. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object effectiveOutboundIPs: items: - description: Storage version of v1api20230201.ResourceReference A reference to an Azure resource. + description: |- + Storage version of v1api20230201.ResourceReference + A reference to an Azure resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object reference: description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -8846,12 +10796,16 @@ spec: idleTimeoutInMinutes: type: integer managedOutboundIPProfile: - description: Storage version of v1api20230201.ManagedClusterManagedOutboundIPProfile Profile of the managed outbound IP resources of the managed cluster. + description: |- + Storage version of v1api20230201.ManagedClusterManagedOutboundIPProfile + Profile of the managed outbound IP resources of the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object count: type: integer @@ -8885,23 +10839,31 @@ spec: nodeResourceGroup: type: string oidcIssuerProfile: - description: Storage version of v1api20230201.ManagedClusterOIDCIssuerProfile The OIDC issuer profile of the Managed Cluster. + description: |- + Storage version of v1api20230201.ManagedClusterOIDCIssuerProfile + The OIDC issuer profile of the Managed Cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object operatorSpec: - description: Storage version of v1api20230201.ManagedClusterOperatorSpec Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure + description: |- + Storage version of v1api20230201.ManagedClusterOperatorSpec + Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object configMaps: description: Storage version of v1api20230201.ManagedClusterOperatorConfigMaps @@ -8909,16 +10871,39 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object oidcIssuerProfile: - description: 'ConfigMapDestination describes the location to store a single configmap value Note: This is similar to SecretDestination in secrets.go. Changes to one should likely also be made to the other.' + description: |- + ConfigMapDestination describes the location to store a single configmap value + Note: This is similar to SecretDestination in secrets.go. Changes to one should likely also be made to the other. + properties: + key: + description: Key is the key in the ConfigMap being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes ConfigMap being referenced. + The ConfigMap must be in the same namespace as the resource + type: string + required: + - key + - name + type: object + principalId: + description: |- + ConfigMapDestination describes the location to store a single configmap value + Note: This is similar to SecretDestination in secrets.go. Changes to one should likely also be made to the other. properties: key: description: Key is the key in the ConfigMap being referenced type: string name: - description: Name is the name of the Kubernetes ConfigMap being referenced. The ConfigMap must be in the same namespace as the resource + description: |- + Name is the name of the Kubernetes ConfigMap being referenced. + The ConfigMap must be in the same namespace as the resource type: string required: - key @@ -8931,29 +10916,39 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object adminCredentials: - description: 'SecretDestination describes the location to store a single secret value. Note: This is similar to ConfigMapDestination in configmaps.go. Changes to one should likely also be made to the other.' + description: |- + SecretDestination describes the location to store a single secret value. + Note: This is similar to ConfigMapDestination in configmaps.go. Changes to one should likely also be made to the other. properties: key: description: Key is the key in the Kubernetes secret being referenced type: string name: - description: Name is the name of the Kubernetes secret being referenced. The secret must be in the same namespace as the resource + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource type: string required: - key - name type: object userCredentials: - description: 'SecretDestination describes the location to store a single secret value. Note: This is similar to ConfigMapDestination in configmaps.go. Changes to one should likely also be made to the other.' + description: |- + SecretDestination describes the location to store a single secret value. + Note: This is similar to ConfigMapDestination in configmaps.go. Changes to one should likely also be made to the other. properties: key: description: Key is the key in the Kubernetes secret being referenced type: string name: - description: Name is the name of the Kubernetes secret being referenced. The secret must be in the same namespace as the resource + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource type: string required: - key @@ -8964,7 +10959,10 @@ spec: originalVersion: type: string owner: - description: 'Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a resources.azure.com/ResourceGroup resource' + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a resources.azure.com/ResourceGroup resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) @@ -8974,12 +10972,17 @@ spec: type: string type: object podIdentityProfile: - description: Storage version of v1api20230201.ManagedClusterPodIdentityProfile See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration. + description: |- + Storage version of v1api20230201.ManagedClusterPodIdentityProfile + See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod + identity integration. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object allowNetworkPluginKubenet: type: boolean @@ -8987,22 +10990,30 @@ spec: type: boolean userAssignedIdentities: items: - description: Storage version of v1api20230201.ManagedClusterPodIdentity Details about the pod identity assigned to the Managed Cluster. + description: |- + Storage version of v1api20230201.ManagedClusterPodIdentity + Details about the pod identity assigned to the Managed Cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object bindingSelector: type: string identity: - description: Storage version of v1api20230201.UserAssignedIdentity Details about a user assigned identity. + description: |- + Storage version of v1api20230201.UserAssignedIdentity + Details about a user assigned identity. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object clientId: type: string @@ -9012,7 +11023,10 @@ spec: description: 'ResourceReference: The resource ID of the user assigned identity.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -9034,12 +11048,17 @@ spec: type: array userAssignedIdentityExceptions: items: - description: Storage version of v1api20230201.ManagedClusterPodIdentityException See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. + description: |- + Storage version of v1api20230201.ManagedClusterPodIdentityException + See [disable AAD Pod Identity for a specific + Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object name: type: string @@ -9054,12 +11073,16 @@ spec: type: object privateLinkResources: items: - description: Storage version of v1api20230201.PrivateLinkResource A private link resource + description: |- + Storage version of v1api20230201.PrivateLinkResource + A private link resource properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object groupId: type: string @@ -9069,7 +11092,10 @@ spec: description: 'Reference: The ID of the private link resource.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -9093,20 +11119,28 @@ spec: publicNetworkAccess: type: string securityProfile: - description: Storage version of v1api20230201.ManagedClusterSecurityProfile Security profile for the container service cluster. + description: |- + Storage version of v1api20230201.ManagedClusterSecurityProfile + Security profile for the container service cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object azureKeyVaultKms: - description: Storage version of v1api20230201.AzureKeyVaultKms Azure Key Vault key management service settings for the security profile. + description: |- + Storage version of v1api20230201.AzureKeyVaultKms + Azure Key Vault key management service settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -9115,10 +11149,15 @@ spec: keyVaultNetworkAccess: type: string keyVaultResourceReference: - description: 'KeyVaultResourceReference: Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty.' + description: |- + KeyVaultResourceReference: Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and + must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty. properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -9133,18 +11172,28 @@ spec: type: object type: object defender: - description: Storage version of v1api20230201.ManagedClusterSecurityProfileDefender Microsoft Defender settings for the security profile. + description: |- + Storage version of v1api20230201.ManagedClusterSecurityProfileDefender + Microsoft Defender settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object logAnalyticsWorkspaceResourceReference: - description: 'LogAnalyticsWorkspaceResourceReference: Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft Defender is disabled, leave the field empty.' + description: |- + LogAnalyticsWorkspaceResourceReference: Resource ID of the Log Analytics workspace to be associated with Microsoft + Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When + Microsoft Defender is disabled, leave the field empty. properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -9158,24 +11207,33 @@ spec: type: string type: object securityMonitoring: - description: Storage version of v1api20230201.ManagedClusterSecurityProfileDefenderSecurityMonitoring Microsoft Defender settings for the security profile threat detection. + description: |- + Storage version of v1api20230201.ManagedClusterSecurityProfileDefenderSecurityMonitoring + Microsoft Defender settings for the security profile threat detection. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object type: object imageCleaner: - description: Storage version of v1api20230201.ManagedClusterSecurityProfileImageCleaner Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here are settings for the security profile. + description: |- + Storage version of v1api20230201.ManagedClusterSecurityProfileImageCleaner + Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here + are settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -9183,35 +11241,47 @@ spec: type: integer type: object workloadIdentity: - description: Storage version of v1api20230201.ManagedClusterSecurityProfileWorkloadIdentity Workload identity settings for the security profile. + description: |- + Storage version of v1api20230201.ManagedClusterSecurityProfileWorkloadIdentity + Workload identity settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object type: object servicePrincipalProfile: - description: Storage version of v1api20230201.ManagedClusterServicePrincipalProfile Information about a service principal identity for the cluster to use for manipulating Azure APIs. + description: |- + Storage version of v1api20230201.ManagedClusterServicePrincipalProfile + Information about a service principal identity for the cluster to use for manipulating Azure APIs. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object clientId: type: string secret: - description: SecretReference is a reference to a Kubernetes secret and key in the same namespace as the resource it is on. + description: |- + SecretReference is a reference to a Kubernetes secret and key in the same namespace as + the resource it is on. properties: key: description: Key is the key in the Kubernetes secret being referenced type: string name: - description: Name is the name of the Kubernetes secret being referenced. The secret must be in the same namespace as the resource + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource type: string required: - key @@ -9219,12 +11289,16 @@ spec: type: object type: object sku: - description: Storage version of v1api20230201.ManagedClusterSKU The SKU of a Managed Cluster. + description: |- + Storage version of v1api20230201.ManagedClusterSKU + The SKU of a Managed Cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object name: type: string @@ -9232,53 +11306,73 @@ spec: type: string type: object storageProfile: - description: Storage version of v1api20230201.ManagedClusterStorageProfile Storage profile for the container service cluster. + description: |- + Storage version of v1api20230201.ManagedClusterStorageProfile + Storage profile for the container service cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object blobCSIDriver: - description: Storage version of v1api20230201.ManagedClusterStorageProfileBlobCSIDriver AzureBlob CSI Driver settings for the storage profile. + description: |- + Storage version of v1api20230201.ManagedClusterStorageProfileBlobCSIDriver + AzureBlob CSI Driver settings for the storage profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object diskCSIDriver: - description: Storage version of v1api20230201.ManagedClusterStorageProfileDiskCSIDriver AzureDisk CSI Driver settings for the storage profile. + description: |- + Storage version of v1api20230201.ManagedClusterStorageProfileDiskCSIDriver + AzureDisk CSI Driver settings for the storage profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object fileCSIDriver: - description: Storage version of v1api20230201.ManagedClusterStorageProfileFileCSIDriver AzureFile CSI Driver settings for the storage profile. + description: |- + Storage version of v1api20230201.ManagedClusterStorageProfileFileCSIDriver + AzureFile CSI Driver settings for the storage profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object snapshotController: - description: Storage version of v1api20230201.ManagedClusterStorageProfileSnapshotController Snapshot Controller settings for the storage profile. + description: |- + Storage version of v1api20230201.ManagedClusterStorageProfileSnapshotController + Snapshot Controller settings for the storage profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -9289,26 +11383,49 @@ spec: type: string type: object windowsProfile: - description: Storage version of v1api20230201.ManagedClusterWindowsProfile Profile for Windows VMs in the managed cluster. + description: |- + Storage version of v1api20230201.ManagedClusterWindowsProfile + Profile for Windows VMs in the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object adminPassword: - type: string + description: |- + SecretReference is a reference to a Kubernetes secret and key in the same namespace as + the resource it is on. + properties: + key: + description: Key is the key in the Kubernetes secret being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource + type: string + required: + - key + - name + type: object adminUsername: type: string enableCSIProxy: type: boolean gmsaProfile: - description: Storage version of v1api20230201.WindowsGmsaProfile Windows gMSA Profile in the managed cluster. + description: |- + Storage version of v1api20230201.WindowsGmsaProfile + Windows gMSA Profile in the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object dnsServer: type: string @@ -9321,20 +11438,28 @@ spec: type: string type: object workloadAutoScalerProfile: - description: Storage version of v1api20230201.ManagedClusterWorkloadAutoScalerProfile Workload Auto-scaler profile for the managed cluster. + description: |- + Storage version of v1api20230201.ManagedClusterWorkloadAutoScalerProfile + Workload Auto-scaler profile for the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object keda: - description: Storage version of v1api20230201.ManagedClusterWorkloadAutoScalerProfileKeda KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile. + description: |- + Storage version of v1api20230201.ManagedClusterWorkloadAutoScalerProfileKeda + KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -9344,20 +11469,28 @@ spec: - owner type: object status: - description: Storage version of v1api20230201.ManagedCluster_STATUS Managed cluster. + description: |- + Storage version of v1api20230201.ManagedCluster_STATUS + Managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object aadProfile: - description: Storage version of v1api20230201.ManagedClusterAADProfile_STATUS For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad). + description: |- + Storage version of v1api20230201.ManagedClusterAADProfile_STATUS + For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad). properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object adminGroupObjectIDs: items: @@ -9378,12 +11511,16 @@ spec: type: object addonProfiles: additionalProperties: - description: Storage version of v1api20230201.ManagedClusterAddonProfile_STATUS A Kubernetes add-on profile for a managed cluster. + description: |- + Storage version of v1api20230201.ManagedClusterAddonProfile_STATUS + A Kubernetes add-on profile for a managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object config: additionalProperties: @@ -9392,12 +11529,16 @@ spec: enabled: type: boolean identity: - description: Storage version of v1api20230201.UserAssignedIdentity_STATUS Details about a user assigned identity. + description: |- + Storage version of v1api20230201.UserAssignedIdentity_STATUS + Details about a user assigned identity. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object clientId: type: string @@ -9410,12 +11551,16 @@ spec: type: object agentPoolProfiles: items: - description: Storage version of v1api20230201.ManagedClusterAgentPoolProfile_STATUS Profile for the container service agent pool. + description: |- + Storage version of v1api20230201.ManagedClusterAgentPoolProfile_STATUS + Profile for the container service agent pool. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object availabilityZones: items: @@ -9424,12 +11569,16 @@ spec: count: type: integer creationData: - description: Storage version of v1api20230201.CreationData_STATUS Data used when creating a target resource from a source resource. + description: |- + Storage version of v1api20230201.CreationData_STATUS + Data used when creating a target resource from a source resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object sourceResourceId: type: string @@ -9451,12 +11600,16 @@ spec: hostGroupID: type: string kubeletConfig: - description: Storage version of v1api20230201.KubeletConfig_STATUS See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + description: |- + Storage version of v1api20230201.KubeletConfig_STATUS + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object allowedUnsafeSysctls: items: @@ -9486,22 +11639,30 @@ spec: kubeletDiskType: type: string linuxOSConfig: - description: Storage version of v1api20230201.LinuxOSConfig_STATUS See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + description: |- + Storage version of v1api20230201.LinuxOSConfig_STATUS + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object swapFileSizeMB: type: integer sysctls: - description: Storage version of v1api20230201.SysctlConfig_STATUS Sysctl settings for Linux agent nodes. + description: |- + Storage version of v1api20230201.SysctlConfig_STATUS + Sysctl settings for Linux agent nodes. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object fsAioMaxNr: type: integer @@ -9600,12 +11761,16 @@ spec: podSubnetID: type: string powerState: - description: Storage version of v1api20230201.PowerState_STATUS Describes the Power State of the cluster + description: |- + Storage version of v1api20230201.PowerState_STATUS + Describes the Power State of the cluster properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object code: type: string @@ -9629,12 +11794,16 @@ spec: type: type: string upgradeSettings: - description: Storage version of v1api20230201.AgentPoolUpgradeSettings_STATUS Settings for upgrading an agentpool + description: |- + Storage version of v1api20230201.AgentPoolUpgradeSettings_STATUS + Settings for upgrading an agentpool properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object maxSurge: type: string @@ -9648,12 +11817,16 @@ spec: type: object type: array apiServerAccessProfile: - description: Storage version of v1api20230201.ManagedClusterAPIServerAccessProfile_STATUS Access profile for managed cluster API server. + description: |- + Storage version of v1api20230201.ManagedClusterAPIServerAccessProfile_STATUS + Access profile for managed cluster API server. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object authorizedIPRanges: items: @@ -9674,7 +11847,9 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object balance-similar-node-groups: type: string @@ -9712,41 +11887,61 @@ spec: type: string type: object autoUpgradeProfile: - description: Storage version of v1api20230201.ManagedClusterAutoUpgradeProfile_STATUS Auto upgrade profile for a managed cluster. + description: |- + Storage version of v1api20230201.ManagedClusterAutoUpgradeProfile_STATUS + Auto upgrade profile for a managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object upgradeChannel: type: string type: object azureMonitorProfile: - description: Storage version of v1api20230201.ManagedClusterAzureMonitorProfile_STATUS Azure Monitor addon profiles for monitoring the managed cluster. + description: |- + Storage version of v1api20230201.ManagedClusterAzureMonitorProfile_STATUS + Azure Monitor addon profiles for monitoring the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object metrics: - description: Storage version of v1api20230201.ManagedClusterAzureMonitorProfileMetrics_STATUS Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See aka.ms/AzureManagedPrometheus for an overview. + description: |- + Storage version of v1api20230201.ManagedClusterAzureMonitorProfileMetrics_STATUS + Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes + infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See + aka.ms/AzureManagedPrometheus for an overview. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean kubeStateMetrics: - description: Storage version of v1api20230201.ManagedClusterAzureMonitorProfileKubeStateMetrics_STATUS Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for details. + description: |- + Storage version of v1api20230201.ManagedClusterAzureMonitorProfileKubeStateMetrics_STATUS + Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the + kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for + details. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object metricAnnotationsAllowList: type: string @@ -9769,14 +11964,23 @@ spec: description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 type: integer reason: - description: Reason for the condition's last transition. Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: Severity with which to treat failures of this type of condition. For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. This is omitted in all cases when Status == Unknown + description: |- + Severity with which to treat failures of this type of condition. + For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown type: string status: description: Status of the condition, one of True, False, or Unknown. @@ -9804,12 +12008,16 @@ spec: enableRBAC: type: boolean extendedLocation: - description: Storage version of v1api20230201.ExtendedLocation_STATUS The complex type of the extended location. + description: |- + Storage version of v1api20230201.ExtendedLocation_STATUS + The complex type of the extended location. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object name: type: string @@ -9821,12 +12029,16 @@ spec: fqdnSubdomain: type: string httpProxyConfig: - description: Storage version of v1api20230201.ManagedClusterHTTPProxyConfig_STATUS Cluster HTTP proxy configuration. + description: |- + Storage version of v1api20230201.ManagedClusterHTTPProxyConfig_STATUS + Cluster HTTP proxy configuration. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object httpProxy: type: string @@ -9842,12 +12054,16 @@ spec: id: type: string identity: - description: Storage version of v1api20230201.ManagedClusterIdentity_STATUS Identity for the managed cluster. + description: |- + Storage version of v1api20230201.ManagedClusterIdentity_STATUS + Identity for the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object principalId: type: string @@ -9862,7 +12078,9 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object clientId: type: string @@ -9873,12 +12091,16 @@ spec: type: object identityProfile: additionalProperties: - description: Storage version of v1api20230201.UserAssignedIdentity_STATUS Details about a user assigned identity. + description: |- + Storage version of v1api20230201.UserAssignedIdentity_STATUS + Details about a user assigned identity. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object clientId: type: string @@ -9891,31 +12113,43 @@ spec: kubernetesVersion: type: string linuxProfile: - description: Storage version of v1api20230201.ContainerServiceLinuxProfile_STATUS Profile for Linux VMs in the container service cluster. + description: |- + Storage version of v1api20230201.ContainerServiceLinuxProfile_STATUS + Profile for Linux VMs in the container service cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object adminUsername: type: string ssh: - description: Storage version of v1api20230201.ContainerServiceSshConfiguration_STATUS SSH configuration for Linux-based VMs running on Azure. + description: |- + Storage version of v1api20230201.ContainerServiceSshConfiguration_STATUS + SSH configuration for Linux-based VMs running on Azure. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object publicKeys: items: - description: Storage version of v1api20230201.ContainerServiceSshPublicKey_STATUS Contains information about SSH certificate public key data. + description: |- + Storage version of v1api20230201.ContainerServiceSshPublicKey_STATUS + Contains information about SSH certificate public key data. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object keyData: type: string @@ -9930,12 +12164,16 @@ spec: name: type: string networkProfile: - description: Storage version of v1api20230201.ContainerServiceNetworkProfile_STATUS Profile of network configuration. + description: |- + Storage version of v1api20230201.ContainerServiceNetworkProfile_STATUS + Profile of network configuration. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object dnsServiceIP: type: string @@ -9946,23 +12184,31 @@ spec: type: string type: array loadBalancerProfile: - description: Storage version of v1api20230201.ManagedClusterLoadBalancerProfile_STATUS Profile of the managed cluster load balancer. + description: |- + Storage version of v1api20230201.ManagedClusterLoadBalancerProfile_STATUS + Profile of the managed cluster load balancer. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object allocatedOutboundPorts: type: integer effectiveOutboundIPs: items: - description: Storage version of v1api20230201.ResourceReference_STATUS A reference to an Azure resource. + description: |- + Storage version of v1api20230201.ResourceReference_STATUS + A reference to an Azure resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -9978,7 +12224,9 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object count: type: integer @@ -9991,16 +12239,22 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object publicIPPrefixes: items: - description: Storage version of v1api20230201.ResourceReference_STATUS A reference to an Azure resource. + description: |- + Storage version of v1api20230201.ResourceReference_STATUS + A reference to an Azure resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -10013,16 +12267,22 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object publicIPs: items: - description: Storage version of v1api20230201.ResourceReference_STATUS A reference to an Azure resource. + description: |- + Storage version of v1api20230201.ResourceReference_STATUS + A reference to an Azure resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -10033,21 +12293,29 @@ spec: loadBalancerSku: type: string natGatewayProfile: - description: Storage version of v1api20230201.ManagedClusterNATGatewayProfile_STATUS Profile of the managed cluster NAT gateway. + description: |- + Storage version of v1api20230201.ManagedClusterNATGatewayProfile_STATUS + Profile of the managed cluster NAT gateway. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object effectiveOutboundIPs: items: - description: Storage version of v1api20230201.ResourceReference_STATUS A reference to an Azure resource. + description: |- + Storage version of v1api20230201.ResourceReference_STATUS + A reference to an Azure resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -10056,12 +12324,16 @@ spec: idleTimeoutInMinutes: type: integer managedOutboundIPProfile: - description: Storage version of v1api20230201.ManagedClusterManagedOutboundIPProfile_STATUS Profile of the managed outbound IP resources of the managed cluster. + description: |- + Storage version of v1api20230201.ManagedClusterManagedOutboundIPProfile_STATUS + Profile of the managed outbound IP resources of the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object count: type: integer @@ -10095,12 +12367,16 @@ spec: nodeResourceGroup: type: string oidcIssuerProfile: - description: Storage version of v1api20230201.ManagedClusterOIDCIssuerProfile_STATUS The OIDC issuer profile of the Managed Cluster. + description: |- + Storage version of v1api20230201.ManagedClusterOIDCIssuerProfile_STATUS + The OIDC issuer profile of the Managed Cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -10108,12 +12384,17 @@ spec: type: string type: object podIdentityProfile: - description: Storage version of v1api20230201.ManagedClusterPodIdentityProfile_STATUS See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration. + description: |- + Storage version of v1api20230201.ManagedClusterPodIdentityProfile_STATUS + See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod + identity integration. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object allowNetworkPluginKubenet: type: boolean @@ -10121,22 +12402,30 @@ spec: type: boolean userAssignedIdentities: items: - description: Storage version of v1api20230201.ManagedClusterPodIdentity_STATUS Details about the pod identity assigned to the Managed Cluster. + description: |- + Storage version of v1api20230201.ManagedClusterPodIdentity_STATUS + Details about the pod identity assigned to the Managed Cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object bindingSelector: type: string identity: - description: Storage version of v1api20230201.UserAssignedIdentity_STATUS Details about a user assigned identity. + description: |- + Storage version of v1api20230201.UserAssignedIdentity_STATUS + Details about a user assigned identity. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object clientId: type: string @@ -10155,23 +12444,33 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object error: - description: Storage version of v1api20230201.ManagedClusterPodIdentityProvisioningError_STATUS An error response from the pod identity provisioning. + description: |- + Storage version of v1api20230201.ManagedClusterPodIdentityProvisioningError_STATUS + An error response from the pod identity provisioning. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object error: - description: Storage version of v1api20230201.ManagedClusterPodIdentityProvisioningErrorBody_STATUS An error response from the pod identity provisioning. + description: |- + Storage version of v1api20230201.ManagedClusterPodIdentityProvisioningErrorBody_STATUS + An error response from the pod identity provisioning. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object code: type: string @@ -10182,7 +12481,9 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object code: type: string @@ -10205,12 +12506,17 @@ spec: type: array userAssignedIdentityExceptions: items: - description: Storage version of v1api20230201.ManagedClusterPodIdentityException_STATUS See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. + description: |- + Storage version of v1api20230201.ManagedClusterPodIdentityException_STATUS + See [disable AAD Pod Identity for a specific + Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object name: type: string @@ -10224,12 +12530,16 @@ spec: type: array type: object powerState: - description: Storage version of v1api20230201.PowerState_STATUS Describes the Power State of the cluster + description: |- + Storage version of v1api20230201.PowerState_STATUS + Describes the Power State of the cluster properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object code: type: string @@ -10238,12 +12548,16 @@ spec: type: string privateLinkResources: items: - description: Storage version of v1api20230201.PrivateLinkResource_STATUS A private link resource + description: |- + Storage version of v1api20230201.PrivateLinkResource_STATUS + A private link resource properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object groupId: type: string @@ -10266,20 +12580,28 @@ spec: publicNetworkAccess: type: string securityProfile: - description: Storage version of v1api20230201.ManagedClusterSecurityProfile_STATUS Security profile for the container service cluster. + description: |- + Storage version of v1api20230201.ManagedClusterSecurityProfile_STATUS + Security profile for the container service cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object azureKeyVaultKms: - description: Storage version of v1api20230201.AzureKeyVaultKms_STATUS Azure Key Vault key management service settings for the security profile. + description: |- + Storage version of v1api20230201.AzureKeyVaultKms_STATUS + Azure Key Vault key management service settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -10291,34 +12613,47 @@ spec: type: string type: object defender: - description: Storage version of v1api20230201.ManagedClusterSecurityProfileDefender_STATUS Microsoft Defender settings for the security profile. + description: |- + Storage version of v1api20230201.ManagedClusterSecurityProfileDefender_STATUS + Microsoft Defender settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object logAnalyticsWorkspaceResourceId: type: string securityMonitoring: - description: Storage version of v1api20230201.ManagedClusterSecurityProfileDefenderSecurityMonitoring_STATUS Microsoft Defender settings for the security profile threat detection. + description: |- + Storage version of v1api20230201.ManagedClusterSecurityProfileDefenderSecurityMonitoring_STATUS + Microsoft Defender settings for the security profile threat detection. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object type: object imageCleaner: - description: Storage version of v1api20230201.ManagedClusterSecurityProfileImageCleaner_STATUS Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here are settings for the security profile. + description: |- + Storage version of v1api20230201.ManagedClusterSecurityProfileImageCleaner_STATUS + Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here + are settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -10326,35 +12661,47 @@ spec: type: integer type: object workloadIdentity: - description: Storage version of v1api20230201.ManagedClusterSecurityProfileWorkloadIdentity_STATUS Workload identity settings for the security profile. + description: |- + Storage version of v1api20230201.ManagedClusterSecurityProfileWorkloadIdentity_STATUS + Workload identity settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object type: object servicePrincipalProfile: - description: Storage version of v1api20230201.ManagedClusterServicePrincipalProfile_STATUS Information about a service principal identity for the cluster to use for manipulating Azure APIs. + description: |- + Storage version of v1api20230201.ManagedClusterServicePrincipalProfile_STATUS + Information about a service principal identity for the cluster to use for manipulating Azure APIs. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object clientId: type: string type: object sku: - description: Storage version of v1api20230201.ManagedClusterSKU_STATUS The SKU of a Managed Cluster. + description: |- + Storage version of v1api20230201.ManagedClusterSKU_STATUS + The SKU of a Managed Cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object name: type: string @@ -10362,65 +12709,89 @@ spec: type: string type: object storageProfile: - description: Storage version of v1api20230201.ManagedClusterStorageProfile_STATUS Storage profile for the container service cluster. + description: |- + Storage version of v1api20230201.ManagedClusterStorageProfile_STATUS + Storage profile for the container service cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object blobCSIDriver: - description: Storage version of v1api20230201.ManagedClusterStorageProfileBlobCSIDriver_STATUS AzureBlob CSI Driver settings for the storage profile. + description: |- + Storage version of v1api20230201.ManagedClusterStorageProfileBlobCSIDriver_STATUS + AzureBlob CSI Driver settings for the storage profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object diskCSIDriver: - description: Storage version of v1api20230201.ManagedClusterStorageProfileDiskCSIDriver_STATUS AzureDisk CSI Driver settings for the storage profile. + description: |- + Storage version of v1api20230201.ManagedClusterStorageProfileDiskCSIDriver_STATUS + AzureDisk CSI Driver settings for the storage profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object fileCSIDriver: - description: Storage version of v1api20230201.ManagedClusterStorageProfileFileCSIDriver_STATUS AzureFile CSI Driver settings for the storage profile. + description: |- + Storage version of v1api20230201.ManagedClusterStorageProfileFileCSIDriver_STATUS + AzureFile CSI Driver settings for the storage profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object snapshotController: - description: Storage version of v1api20230201.ManagedClusterStorageProfileSnapshotController_STATUS Snapshot Controller settings for the storage profile. + description: |- + Storage version of v1api20230201.ManagedClusterStorageProfileSnapshotController_STATUS + Snapshot Controller settings for the storage profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object type: object systemData: - description: Storage version of v1api20230201.SystemData_STATUS Metadata pertaining to creation and last modification of the resource. + description: |- + Storage version of v1api20230201.SystemData_STATUS + Metadata pertaining to creation and last modification of the resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object createdAt: type: string @@ -10442,26 +12813,32 @@ spec: type: type: string windowsProfile: - description: Storage version of v1api20230201.ManagedClusterWindowsProfile_STATUS Profile for Windows VMs in the managed cluster. + description: |- + Storage version of v1api20230201.ManagedClusterWindowsProfile_STATUS + Profile for Windows VMs in the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object - adminPassword: - type: string adminUsername: type: string enableCSIProxy: type: boolean gmsaProfile: - description: Storage version of v1api20230201.WindowsGmsaProfile_STATUS Windows gMSA Profile in the managed cluster. + description: |- + Storage version of v1api20230201.WindowsGmsaProfile_STATUS + Windows gMSA Profile in the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object dnsServer: type: string @@ -10474,20 +12851,28 @@ spec: type: string type: object workloadAutoScalerProfile: - description: Storage version of v1api20230201.ManagedClusterWorkloadAutoScalerProfile_STATUS Workload Auto-scaler profile for the managed cluster. + description: |- + Storage version of v1api20230201.ManagedClusterWorkloadAutoScalerProfile_STATUS + Workload Auto-scaler profile for the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object keda: - description: Storage version of v1api20230201.ManagedClusterWorkloadAutoScalerProfileKeda_STATUS KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile. + description: |- + Storage version of v1api20230201.ManagedClusterWorkloadAutoScalerProfileKeda_STATUS + KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -10515,13 +12900,25 @@ spec: name: v1api20230202preview schema: openAPIV3Schema: - description: 'Generator information: - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/preview/2023-02-02-preview/managedClusters.json - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}' + description: |- + Generator information: + - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/preview/2023-02-02-preview/managedClusters.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName} properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -10551,7 +12948,9 @@ spec: description: 'ServerAppSecret: (DEPRECATED) The server AAD application secret. Learn more at https://aka.ms/aks/aad-legacy.' type: string tenantID: - description: 'TenantID: The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.' + description: |- + TenantID: The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment + subscription. type: string type: object addonProfiles: @@ -10577,7 +12976,9 @@ spec: description: Profile for the container service agent pool. properties: availabilityZones: - description: 'AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is ''VirtualMachineScaleSets''.' + description: |- + AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType + property is 'VirtualMachineScaleSets'. items: type: string type: array @@ -10585,16 +12986,23 @@ spec: description: 'CapacityReservationGroupID: AKS will associate the specified agent pool with the Capacity Reservation Group.' type: string count: - description: 'Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.' + description: |- + Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) + for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. type: integer creationData: - description: 'CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.' + description: |- + CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using + a snapshot. properties: sourceResourceReference: description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -10612,16 +13020,29 @@ spec: description: 'EnableAutoScaling: Whether to enable auto-scaler' type: boolean enableCustomCATrust: - description: 'EnableCustomCATrust: When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded certificates into node trust stores. Defaults to false.' + description: |- + EnableCustomCATrust: When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a + daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded + certificates into node trust stores. Defaults to false. type: boolean enableEncryptionAtHost: - description: 'EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption' + description: |- + EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, + see: https://docs.microsoft.com/azure/aks/enable-host-encryption type: boolean enableFIPS: - description: 'EnableFIPS: See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.' + description: |- + EnableFIPS: See [Add a FIPS-enabled node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more + details. type: boolean enableNodePublicIP: - description: 'EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.' + description: |- + EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. + A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine + to minimize hops. For more information see [assigning a public IP per + node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The + default is false. type: boolean enableUltraSSD: description: 'EnableUltraSSD: Whether to enable UltraSSD' @@ -10636,10 +13057,16 @@ spec: - MIG7g type: string hostGroupReference: - description: 'HostGroupReference: This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).' + description: |- + HostGroupReference: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. + For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -10661,7 +13088,9 @@ spec: type: string type: array containerLogMaxFiles: - description: 'ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be â‰Ĩ 2.' + description: |- + ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be + â‰Ĩ 2. minimum: 2 type: integer containerLogMaxSizeMB: @@ -10671,10 +13100,15 @@ spec: description: 'CpuCfsQuota: The default is true.' type: boolean cpuCfsQuotaPeriod: - description: 'CpuCfsQuotaPeriod: The default is ''100ms.'' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: ''300ms'', ''2h45m''. Supported units are ''ns'', ''us'', ''ms'', ''s'', ''m'', and ''h''.' + description: |- + CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and + a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. type: string cpuManagerPolicy: - description: 'CpuManagerPolicy: The default is ''none''. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are ''none'' and ''static''.' + description: |- + CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management + policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more + information. Allowed values are 'none' and 'static'. type: string failSwapOn: description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' @@ -10689,11 +13123,16 @@ spec: description: 'PodMaxPids: The maximum number of processes per pod.' type: integer topologyManagerPolicy: - description: 'TopologyManagerPolicy: For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is ''none''. Allowed values are ''none'', ''best-effort'', ''restricted'', and ''single-numa-node''.' + description: |- + TopologyManagerPolicy: For more information see [Kubernetes Topology + Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values + are 'none', 'best-effort', 'restricted', and 'single-numa-node'. type: string type: object kubeletDiskType: - description: 'KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.' + description: |- + KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral + storage. enum: - OS - Temporary @@ -10793,10 +13232,16 @@ spec: type: integer type: object transparentHugePageDefrag: - description: 'TransparentHugePageDefrag: Valid values are ''always'', ''defer'', ''defer+madvise'', ''madvise'' and ''never''. The default is ''madvise''. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).' + description: |- + TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is + 'madvise'. For more information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string transparentHugePageEnabled: - description: 'TransparentHugePageEnabled: Valid values are ''always'', ''madvise'', and ''never''. The default is ''always''. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).' + description: |- + TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more + information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string type: object maxCount: @@ -10806,13 +13251,18 @@ spec: description: 'MaxPods: The maximum number of pods that can run on a node.' type: integer messageOfTheDay: - description: 'MessageOfTheDay: A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).' + description: |- + MessageOfTheDay: A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of + the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., + will be printed raw and not be executed as a script). type: string minCount: description: 'MinCount: The minimum number of nodes for auto-scaling' type: integer mode: - description: 'Mode: A cluster must have at least one ''System'' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools' + description: |- + Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool + restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools enum: - System - User @@ -10830,12 +13280,16 @@ spec: description: The port range. properties: portEnd: - description: 'PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or equal to portStart.' + description: |- + PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or + equal to portStart. maximum: 65535 minimum: 1 type: integer portStart: - description: 'PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or equal to portEnd.' + description: |- + PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or + equal to portEnd. maximum: 65535 minimum: 1 type: integer @@ -10848,12 +13302,17 @@ spec: type: object type: array applicationSecurityGroupsReferences: - description: 'ApplicationSecurityGroupsReferences: The IDs of the application security groups which agent pool will associate when created.' + description: |- + ApplicationSecurityGroupsReferences: The IDs of the application security groups which agent pool will associate when + created. items: description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -10887,10 +13346,15 @@ spec: description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' type: object nodePublicIPPrefixReference: - description: 'NodePublicIPPrefixReference: This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}' + description: |- + NodePublicIPPrefixReference: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -10909,20 +13373,33 @@ spec: type: string type: array orchestratorVersion: - description: 'OrchestratorVersion: Both patch version and are supported. When is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).' + description: |- + OrchestratorVersion: Both patch version and are supported. When is + specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same + once it has been created will not trigger an upgrade, even if a newer patch version is available. As a + best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version + must have the same major version as the control plane. The node pool minor version must be within two minor versions of + the control plane version. The node pool version cannot be greater than the control plane version. For more information + see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). type: string osDiskSizeGB: maximum: 2048 minimum: 0 type: integer osDiskType: - description: 'OsDiskType: The default is ''Ephemeral'' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to ''Managed''. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).' + description: |- + OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested + OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral + OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). enum: - Ephemeral - Managed type: string osSKU: - description: 'OsSKU: Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.' + description: |- + OsSKU: Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or + Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is + deprecated. enum: - CBLMariner - Mariner @@ -10937,10 +13414,16 @@ spec: - Windows type: string podSubnetReference: - description: 'PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}' + description: |- + PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). + This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -10954,7 +13437,10 @@ spec: type: string type: object powerState: - description: 'PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded' + description: |- + PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this + field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only + be stopped if it is Running and provisioning state is Succeeded properties: code: description: 'Code: Tells whether the cluster is Running or Stopped' @@ -10967,7 +13453,10 @@ spec: description: 'ProximityPlacementGroupReference: The ID for Proximity Placement Group.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -10987,7 +13476,9 @@ spec: - Delete type: string scaleSetEvictionPolicy: - description: 'ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is ''Spot''. If not specified, the default is ''Delete''.' + description: |- + ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is + 'Delete'. enum: - Deallocate - Delete @@ -10999,7 +13490,10 @@ spec: - Spot type: string spotMaxPrice: - description: 'SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)' + description: |- + SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any + on-demand price. For more details on spot pricing, see [spot VMs + pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) type: number tags: additionalProperties: @@ -11016,17 +13510,30 @@ spec: description: 'UpgradeSettings: Settings for upgrading the agentpool' properties: maxSurge: - description: 'MaxSurge: This can either be set to an integer (e.g. ''5'') or a percentage (e.g. ''50%''). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade' + description: |- + MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it + is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded + up. If not specified, the default is 1. For more information, including best practices, see: + https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade type: string type: object vmSize: - description: 'VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions' + description: |- + VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods + might fail to run correctly. For more details on restricted VM sizes, see: + https://docs.microsoft.com/azure/aks/quotas-skus-regions type: string vnetSubnetReference: - description: 'VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}' + description: |- + VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is + specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -11043,7 +13550,9 @@ spec: description: 'WindowsProfile: The Windows agent pool''s specific profile.' properties: disableOutboundNat: - description: 'DisableOutboundNat: The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT Gateway and the Windows agent pool does not have node public IP enabled.' + description: |- + DisableOutboundNat: The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT + Gateway and the Windows agent pool does not have node public IP enabled. type: boolean type: object workloadRuntime: @@ -11061,7 +13570,10 @@ spec: description: 'ApiServerAccessProfile: The access profile for managed cluster API server.' properties: authorizedIPRanges: - description: 'AuthorizedIPRanges: IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).' + description: |- + AuthorizedIPRanges: IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with + clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API + server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges). items: type: string type: array @@ -11069,7 +13581,9 @@ spec: description: 'DisableRunCommand: Whether to disable run command for the cluster or not.' type: boolean enablePrivateCluster: - description: 'EnablePrivateCluster: For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).' + description: |- + EnablePrivateCluster: For more details, see [Creating a private AKS + cluster](https://docs.microsoft.com/azure/aks/private-clusters). type: boolean enablePrivateClusterPublicFQDN: description: 'EnablePrivateClusterPublicFQDN: Whether to create additional public FQDN for private cluster or not.' @@ -11078,10 +13592,15 @@ spec: description: 'EnableVnetIntegration: Whether to enable apiserver vnet integration for the cluster or not.' type: boolean privateDNSZone: - description: 'PrivateDNSZone: The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are ''system'' and ''none''.' + description: |- + PrivateDNSZone: The default is System. For more details see [configure private DNS + zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and + 'none'. type: string subnetId: - description: 'SubnetId: It is required when: 1. creating a new cluster with BYO Vnet; 2. updating an existing cluster to enable apiserver vnet integration.' + description: |- + SubnetId: It is required when: 1. creating a new cluster with BYO Vnet; 2. updating an existing cluster to enable + apiserver vnet integration. type: string type: object autoScalerProfile: @@ -11091,7 +13610,10 @@ spec: description: 'BalanceSimilarNodeGroups: Valid values are ''true'' and ''false''' type: string expander: - description: 'Expander: If not specified, the default is ''random''. See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more information.' + description: |- + Expander: If not specified, the default is 'random'. See + [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more + information. enum: - least-waste - most-pods @@ -11105,31 +13627,46 @@ spec: description: 'MaxGracefulTerminationSec: The default is 600.' type: string max-node-provision-time: - description: 'MaxNodeProvisionTime: The default is ''15m''. Values must be an integer followed by an ''m''. No unit of time other than minutes (m) is supported.' + description: |- + MaxNodeProvisionTime: The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. type: string max-total-unready-percentage: description: 'MaxTotalUnreadyPercentage: The default is 45. The maximum is 100 and the minimum is 0.' type: string new-pod-scale-up-delay: - description: 'NewPodScaleUpDelay: For scenarios like burst/batch scale where you don''t want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they''re a certain age. The default is ''0s''. Values must be an integer followed by a unit (''s'' for seconds, ''m'' for minutes, ''h'' for hours, etc).' + description: |- + NewPodScaleUpDelay: For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler + could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is + '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc). type: string ok-total-unready-count: description: 'OkTotalUnreadyCount: This must be an integer. The default is 3.' type: string scale-down-delay-after-add: - description: 'ScaleDownDelayAfterAdd: The default is ''10m''. Values must be an integer followed by an ''m''. No unit of time other than minutes (m) is supported.' + description: |- + ScaleDownDelayAfterAdd: The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. type: string scale-down-delay-after-delete: - description: 'ScaleDownDelayAfterDelete: The default is the scan-interval. Values must be an integer followed by an ''m''. No unit of time other than minutes (m) is supported.' + description: |- + ScaleDownDelayAfterDelete: The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of + time other than minutes (m) is supported. type: string scale-down-delay-after-failure: - description: 'ScaleDownDelayAfterFailure: The default is ''3m''. Values must be an integer followed by an ''m''. No unit of time other than minutes (m) is supported.' + description: |- + ScaleDownDelayAfterFailure: The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other + than minutes (m) is supported. type: string scale-down-unneeded-time: - description: 'ScaleDownUnneededTime: The default is ''10m''. Values must be an integer followed by an ''m''. No unit of time other than minutes (m) is supported.' + description: |- + ScaleDownUnneededTime: The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. type: string scale-down-unready-time: - description: 'ScaleDownUnreadyTime: The default is ''20m''. Values must be an integer followed by an ''m''. No unit of time other than minutes (m) is supported.' + description: |- + ScaleDownUnreadyTime: The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. type: string scale-down-utilization-threshold: description: 'ScaleDownUtilizationThreshold: The default is ''0.5''.' @@ -11156,7 +13693,9 @@ spec: - Unmanaged type: string upgradeChannel: - description: 'UpgradeChannel: For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).' + description: |- + UpgradeChannel: For more information see [setting the AKS cluster auto-upgrade + channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel). enum: - node-image - none @@ -11178,10 +13717,14 @@ spec: description: 'KubeStateMetrics: Kube State Metrics for prometheus addon profile for the container service cluster' properties: metricAnnotationsAllowList: - description: 'MetricAnnotationsAllowList: Comma-separated list of additional Kubernetes label keys that will be used in the resource''s labels metric.' + description: |- + MetricAnnotationsAllowList: Comma-separated list of additional Kubernetes label keys that will be used in the resource's + labels metric. type: string metricLabelsAllowlist: - description: 'MetricLabelsAllowlist: Comma-separated list of Kubernetes annotations keys that will be used in the resource''s labels metric.' + description: |- + MetricLabelsAllowlist: Comma-separated list of Kubernetes annotations keys that will be used in the resource's labels + metric. type: string type: object required: @@ -11189,19 +13732,26 @@ spec: type: object type: object azureName: - description: 'AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn''t have to be.' + description: |- + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. maxLength: 63 minLength: 1 pattern: ^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$ type: string creationData: - description: 'CreationData: CreationData to be used to specify the source Snapshot ID if the cluster will be created/upgraded using a snapshot.' + description: |- + CreationData: CreationData to be used to specify the source Snapshot ID if the cluster will be created/upgraded using a + snapshot. properties: sourceResourceReference: description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -11216,13 +13766,21 @@ spec: type: object type: object disableLocalAccounts: - description: 'DisableLocalAccounts: If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).' + description: |- + DisableLocalAccounts: If set to true, getting static credentials will be disabled for this cluster. This must only be + used on Managed Clusters that are AAD enabled. For more details see [disable local + accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview). type: boolean diskEncryptionSetReference: - description: 'DiskEncryptionSetReference: This is of the form: ''/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}''' + description: |- + DiskEncryptionSetReference: This is of the form: + '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -11239,10 +13797,16 @@ spec: description: 'DnsPrefix: This cannot be updated once the Managed Cluster has been created.' type: string enableNamespaceResources: - description: 'EnableNamespaceResources: The default value is false. It can be enabled/disabled on creation and updating of the managed cluster. See [https://aka.ms/NamespaceARMResource](https://aka.ms/NamespaceARMResource) for more details on Namespace as a ARM Resource.' + description: |- + EnableNamespaceResources: The default value is false. It can be enabled/disabled on creation and updating of the managed + cluster. See [https://aka.ms/NamespaceARMResource](https://aka.ms/NamespaceARMResource) for more details on Namespace as + a ARM Resource. type: boolean enablePodSecurityPolicy: - description: 'EnablePodSecurityPolicy: (DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and https://aka.ms/aks/psp.' + description: |- + EnablePodSecurityPolicy: (DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was + deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and + https://aka.ms/aks/psp. type: boolean enableRBAC: description: 'EnableRBAC: Whether to enable Kubernetes Role-Based Access Control.' @@ -11271,7 +13835,9 @@ spec: type: string type: array level: - description: 'Level: The guardrails level to be used. By default, Guardrails is enabled for all namespaces except those that AKS excludes via systemExcludedNamespaces' + description: |- + Level: The guardrails level to be used. By default, Guardrails is enabled for all namespaces except those that AKS + excludes via systemExcludedNamespaces enum: - Enforcement - "Off" @@ -11306,14 +13872,18 @@ spec: description: 'Identity: The identity of the managed cluster, if configured.' properties: type: - description: 'Type: For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).' + description: |- + Type: For more information see [use managed identities in + AKS](https://docs.microsoft.com/azure/aks/use-managed-identity). enum: - None - SystemAssigned - UserAssigned type: string userAssignedIdentities: - description: 'UserAssignedIdentities: The keys must be ARM resource IDs in the form: ''/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}''.' + description: |- + UserAssignedIdentities: The keys must be ARM resource IDs in the form: + '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'. items: description: Information about the user assigned identity for the resource properties: @@ -11321,7 +13891,10 @@ spec: description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -11351,7 +13924,10 @@ spec: description: 'ResourceReference: The resource ID of the user assigned identity.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -11374,10 +13950,15 @@ spec: description: 'WebAppRouting: Web App Routing settings for the ingress profile.' properties: dnsZoneResourceReference: - description: 'DnsZoneResourceReference: Resource ID of the DNS Zone to be associated with the web app. Used only when Web App Routing is enabled.' + description: |- + DnsZoneResourceReference: Resource ID of the DNS Zone to be associated with the web app. Used only when Web App Routing + is enabled. properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -11396,7 +13977,11 @@ spec: type: object type: object kubernetesVersion: - description: 'KubernetesVersion: When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.' + description: |- + KubernetesVersion: When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades + must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> + 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS + cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details. type: string linuxProfile: description: 'LinuxProfile: The profile for Linux VMs in the Managed Cluster.' @@ -11414,7 +13999,9 @@ spec: description: Contains information about SSH certificate public key data. properties: keyData: - description: 'KeyData: Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.' + description: |- + KeyData: Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or + without headers. type: string required: - keyData @@ -11434,15 +14021,21 @@ spec: description: 'NetworkProfile: The network configuration profile.' properties: dnsServiceIP: - description: 'DnsServiceIP: An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.' + description: |- + DnsServiceIP: An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address + range specified in serviceCidr. pattern: ^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$ type: string dockerBridgeCidr: - description: 'DockerBridgeCidr: A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes service address range.' + description: |- + DockerBridgeCidr: A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP + ranges or the Kubernetes service address range. pattern: ^([0-9]{1,3}\.){3}[0-9]{1,3}(\/([0-9]|[1-2][0-9]|3[0-2]))?$ type: string ipFamilies: - description: 'IpFamilies: IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6.' + description: |- + IpFamilies: IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value + is IPv4. For dual-stack, the expected values are IPv4 and IPv6. items: enum: - IPv4 @@ -11450,10 +14043,15 @@ spec: type: string type: array kubeProxyConfig: - description: 'KubeProxyConfig: Holds configuration customizations for kube-proxy. Any values not defined will use the kube-proxy defaulting behavior. See https://v.docs.kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/ where is represented by a - string. Kubernetes version 1.23 would be ''1-23''.' + description: |- + KubeProxyConfig: Holds configuration customizations for kube-proxy. Any values not defined will use the kube-proxy + defaulting behavior. See https://v.docs.kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/ + where is represented by a - string. Kubernetes version 1.23 would be '1-23'. properties: enabled: - description: 'Enabled: Whether to enable on kube-proxy on the cluster (if no ''kubeProxyConfig'' exists, kube-proxy is enabled in AKS by default without these customizations).' + description: |- + Enabled: Whether to enable on kube-proxy on the cluster (if no 'kubeProxyConfig' exists, kube-proxy is enabled in AKS by + default without these customizations). type: boolean ipvsConfig: description: 'IpvsConfig: Holds configuration customizations for IPVS. May only be specified if ''mode'' is set to ''IPVS''.' @@ -11465,7 +14063,9 @@ spec: - RoundRobin type: string tcpFinTimeoutSeconds: - description: 'TcpFinTimeoutSeconds: The timeout value used for IPVS TCP sessions after receiving a FIN in seconds. Must be a positive integer value.' + description: |- + TcpFinTimeoutSeconds: The timeout value used for IPVS TCP sessions after receiving a FIN in seconds. Must be a positive + integer value. type: integer tcpTimeoutSeconds: description: 'TcpTimeoutSeconds: The timeout value used for idle IPVS TCP sessions in seconds. Must be a positive integer value.' @@ -11485,7 +14085,9 @@ spec: description: 'LoadBalancerProfile: Profile of the cluster load balancer.' properties: allocatedOutboundPorts: - description: 'AllocatedOutboundPorts: The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.' + description: |- + AllocatedOutboundPorts: The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 + (inclusive). The default value is 0 which results in Azure dynamically allocating ports. maximum: 64000 minimum: 0 type: integer @@ -11504,7 +14106,10 @@ spec: description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -11523,7 +14128,9 @@ spec: description: 'EnableMultipleStandardLoadBalancers: Enable multiple standard load balancers per AKS cluster or not.' type: boolean idleTimeoutInMinutes: - description: 'IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.' + description: |- + IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 + (inclusive). The default value is 30 minutes. maximum: 120 minimum: 4 type: integer @@ -11531,12 +14138,16 @@ spec: description: 'ManagedOutboundIPs: Desired managed outbound IPs for the cluster load balancer.' properties: count: - description: 'Count: The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1.' + description: |- + Count: The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values + must be in the range of 1 to 100 (inclusive). The default value is 1. maximum: 100 minimum: 1 type: integer countIPv6: - description: 'CountIPv6: The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack.' + description: |- + CountIPv6: The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed + values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. maximum: 100 minimum: 0 type: integer @@ -11553,7 +14164,10 @@ spec: description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -11581,7 +14195,10 @@ spec: description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -11599,7 +14216,10 @@ spec: type: object type: object loadBalancerSku: - description: 'LoadBalancerSku: The default is ''standard''. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.' + description: |- + LoadBalancerSku: The default is 'standard'. See [Azure Load Balancer + SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load + balancer SKUs. enum: - basic - standard @@ -11616,7 +14236,10 @@ spec: description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -11632,7 +14255,9 @@ spec: type: object type: array idleTimeoutInMinutes: - description: 'IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.' + description: |- + IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 + (inclusive). The default value is 4 minutes. maximum: 120 minimum: 4 type: integer @@ -11640,7 +14265,9 @@ spec: description: 'ManagedOutboundIPProfile: Profile of the managed outbound IP resources of the cluster NAT gateway.' properties: count: - description: 'Count: The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1.' + description: |- + Count: The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 + (inclusive). The default value is 1. maximum: 16 minimum: 1 type: integer @@ -11678,7 +14305,9 @@ spec: - cilium type: string outboundType: - description: 'OutboundType: This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).' + description: |- + OutboundType: This can only be set at cluster creation time and cannot be changed later. For more information see + [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype). enum: - loadBalancer - managedNATGateway @@ -11690,16 +14319,22 @@ spec: pattern: ^([0-9]{1,3}\.){3}[0-9]{1,3}(\/([0-9]|[1-2][0-9]|3[0-2]))?$ type: string podCidrs: - description: 'PodCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking.' + description: |- + PodCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is + expected for dual-stack networking. items: type: string type: array serviceCidr: - description: 'ServiceCidr: A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.' + description: |- + ServiceCidr: A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP + ranges. pattern: ^([0-9]{1,3}\.){3}[0-9]{1,3}(\/([0-9]|[1-2][0-9]|3[0-2]))?$ type: string serviceCidrs: - description: 'ServiceCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges.' + description: |- + ServiceCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is + expected for dual-stack networking. They must not overlap with any Subnet IP ranges. items: type: string type: array @@ -11725,19 +14360,40 @@ spec: type: boolean type: object operatorSpec: - description: 'OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not passed directly to Azure' + description: |- + OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not + passed directly to Azure properties: configMaps: description: 'ConfigMaps: configures where to place operator written ConfigMaps.' properties: oidcIssuerProfile: - description: 'OIDCIssuerProfile: indicates where the OIDCIssuerProfile config map should be placed. If omitted, no config map will be created.' + description: |- + OIDCIssuerProfile: indicates where the OIDCIssuerProfile config map should be placed. If omitted, no config map will be + created. + properties: + key: + description: Key is the key in the ConfigMap being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes ConfigMap being referenced. + The ConfigMap must be in the same namespace as the resource + type: string + required: + - key + - name + type: object + principalId: + description: 'PrincipalId: indicates where the PrincipalId config map should be placed. If omitted, no config map will be created.' properties: key: description: Key is the key in the ConfigMap being referenced type: string name: - description: Name is the name of the Kubernetes ConfigMap being referenced. The ConfigMap must be in the same namespace as the resource + description: |- + Name is the name of the Kubernetes ConfigMap being referenced. + The ConfigMap must be in the same namespace as the resource type: string required: - key @@ -11748,26 +14404,34 @@ spec: description: 'Secrets: configures where to place Azure generated secrets.' properties: adminCredentials: - description: 'AdminCredentials: indicates where the AdminCredentials secret should be placed. If omitted, the secret will not be retrieved from Azure.' + description: |- + AdminCredentials: indicates where the AdminCredentials secret should be placed. If omitted, the secret will not be + retrieved from Azure. properties: key: description: Key is the key in the Kubernetes secret being referenced type: string name: - description: Name is the name of the Kubernetes secret being referenced. The secret must be in the same namespace as the resource + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource type: string required: - key - name type: object userCredentials: - description: 'UserCredentials: indicates where the UserCredentials secret should be placed. If omitted, the secret will not be retrieved from Azure.' + description: |- + UserCredentials: indicates where the UserCredentials secret should be placed. If omitted, the secret will not be + retrieved from Azure. properties: key: description: Key is the key in the Kubernetes secret being referenced type: string name: - description: Name is the name of the Kubernetes secret being referenced. The secret must be in the same namespace as the resource + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource type: string required: - key @@ -11776,7 +14440,10 @@ spec: type: object type: object owner: - description: 'Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a resources.azure.com/ResourceGroup resource' + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a resources.azure.com/ResourceGroup resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) @@ -11786,10 +14453,16 @@ spec: type: string type: object podIdentityProfile: - description: 'PodIdentityProfile: See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.' + description: |- + PodIdentityProfile: See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more + details on AAD pod identity integration. properties: allowNetworkPluginKubenet: - description: 'AllowNetworkPluginKubenet: Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.' + description: |- + AllowNetworkPluginKubenet: Running in Kubenet is disabled by default due to the security related nature of AAD Pod + Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod + Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) + for more information. type: boolean enabled: description: 'Enabled: Whether the pod identity addon is enabled.' @@ -11815,7 +14488,10 @@ spec: description: 'ResourceReference: The resource ID of the user assigned identity.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -11844,7 +14520,9 @@ spec: userAssignedIdentityExceptions: description: 'UserAssignedIdentityExceptions: The pod identity exceptions to allow.' items: - description: See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. + description: |- + See [disable AAD Pod Identity for a specific + Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. properties: name: description: 'Name: The name of the pod identity exception.' @@ -11879,7 +14557,10 @@ spec: description: 'Reference: The ID of the private link resource.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -11913,25 +14594,39 @@ spec: description: 'SecurityProfile: Security profile for the managed cluster.' properties: azureKeyVaultKms: - description: 'AzureKeyVaultKms: Azure Key Vault [key management service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile.' + description: |- + AzureKeyVaultKms: Azure Key Vault [key management + service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile. properties: enabled: description: 'Enabled: Whether to enable Azure Key Vault key management service. The default is false.' type: boolean keyId: - description: 'KeyId: Identifier of Azure Key Vault key. See [key identifier format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When Azure Key Vault key management service is disabled, leave the field empty.' + description: |- + KeyId: Identifier of Azure Key Vault key. See [key identifier + format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) + for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key + identifier. When Azure Key Vault key management service is disabled, leave the field empty. type: string keyVaultNetworkAccess: - description: 'KeyVaultNetworkAccess: Network access of key vault. The possible values are `Public` and `Private`. `Public` means the key vault allows public access from all networks. `Private` means the key vault disables public access and enables private link. The default value is `Public`.' + description: |- + KeyVaultNetworkAccess: Network access of key vault. The possible values are `Public` and `Private`. `Public` means the + key vault allows public access from all networks. `Private` means the key vault disables public access and enables + private link. The default value is `Public`. enum: - Private - Public type: string keyVaultResourceReference: - description: 'KeyVaultResourceReference: Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty.' + description: |- + KeyVaultResourceReference: Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and + must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty. properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -11946,7 +14641,10 @@ spec: type: object type: object customCATrustCertificates: - description: 'CustomCATrustCertificates: A list of up to 10 base64 encoded CAs that will be added to the trust store on nodes with the Custom CA Trust feature enabled. For more information see [Custom CA Trust Certificates](https://learn.microsoft.com/en-us/azure/aks/custom-certificate-authority)' + description: |- + CustomCATrustCertificates: A list of up to 10 base64 encoded CAs that will be added to the trust store on nodes with the + Custom CA Trust feature enabled. For more information see [Custom CA Trust + Certificates](https://learn.microsoft.com/en-us/azure/aks/custom-certificate-authority) items: type: string maxItems: 10 @@ -11956,10 +14654,16 @@ spec: description: 'Defender: Microsoft Defender settings for the security profile.' properties: logAnalyticsWorkspaceResourceReference: - description: 'LogAnalyticsWorkspaceResourceReference: Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft Defender is disabled, leave the field empty.' + description: |- + LogAnalyticsWorkspaceResourceReference: Resource ID of the Log Analytics workspace to be associated with Microsoft + Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When + Microsoft Defender is disabled, leave the field empty. properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -11991,14 +14695,19 @@ spec: type: integer type: object nodeRestriction: - description: 'NodeRestriction: [Node Restriction](https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#noderestriction) settings for the security profile.' + description: |- + NodeRestriction: [Node + Restriction](https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#noderestriction) settings + for the security profile. properties: enabled: description: 'Enabled: Whether to enable Node Restriction' type: boolean type: object workloadIdentity: - description: 'WorkloadIdentity: Workload identity settings for the security profile. Workload identity enables Kubernetes applications to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details.' + description: |- + WorkloadIdentity: Workload identity settings for the security profile. Workload identity enables Kubernetes applications + to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details. properties: enabled: description: 'Enabled: Whether to enable workload identity.' @@ -12017,7 +14726,9 @@ spec: ingressGateways: description: 'IngressGateways: Istio ingress gateways.' items: - description: Istio ingress gateway configuration. For now, we support up to one external ingress gateway named `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`. + description: |- + Istio ingress gateway configuration. For now, we support up to one external ingress gateway named + `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`. properties: enabled: description: 'Enabled: Whether to enable the ingress gateway.' @@ -12045,7 +14756,9 @@ spec: - mode type: object servicePrincipalProfile: - description: 'ServicePrincipalProfile: Information about a service principal identity for the cluster to use for manipulating Azure APIs.' + description: |- + ServicePrincipalProfile: Information about a service principal identity for the cluster to use for manipulating Azure + APIs. properties: clientId: description: 'ClientId: The ID for the service principal.' @@ -12057,7 +14770,9 @@ spec: description: Key is the key in the Kubernetes secret being referenced type: string name: - description: Name is the name of the Kubernetes secret being referenced. The secret must be in the same namespace as the resource + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource type: string required: - key @@ -12075,7 +14790,9 @@ spec: - Base type: string tier: - description: 'Tier: If not specified, the default is ''Free''. See [AKS Pricing Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details.' + description: |- + Tier: If not specified, the default is 'Free'. See [AKS Pricing + Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details. enum: - Free - Standard @@ -12136,7 +14853,10 @@ spec: type: string type: array until: - description: 'Until: Until when the overrides are effective. Note that this only matches the start time of an upgrade, and the effectiveness won''t change once an upgrade starts even if the `until` expires as upgrade proceeds. This field is not set by default. It must be set for the overrides to take effect.' + description: |- + Until: Until when the overrides are effective. Note that this only matches the start time of an upgrade, and the + effectiveness won't change once an upgrade starts even if the `until` expires as upgrade proceeds. This field is not set + by default. It must be set for the overrides to take effect. type: string type: object type: object @@ -12144,29 +14864,66 @@ spec: description: 'WindowsProfile: The profile for Windows VMs in the Managed Cluster.' properties: adminPassword: - description: 'AdminPassword: Specifies the password of the administrator account. Minimum-length: 8 characters Max-length: 123 characters Complexity requirements: 3 out of 4 conditions below need to be fulfilled Has lower characters Has upper characters Has a digit Has a special character (Regex match [\W_]) Disallowed values: "abc@123", "P@$$$$w0rd", "P@ssw0rd", "P@ssword123", "Pa$$$$word", "pass@word1", "Password!", "Password1", "Password22", "iloveyou!"' - type: string + description: |- + AdminPassword: Specifies the password of the administrator account. + Minimum-length: 8 characters + Max-length: 123 characters + Complexity requirements: 3 out of 4 conditions below need to be fulfilled + Has lower characters + Has upper characters + Has a digit + Has a special character (Regex match [\W_]) + Disallowed values: "abc@123", "P@$$$$w0rd", "P@ssw0rd", "P@ssword123", "Pa$$$$word", "pass@word1", "Password!", "Password1", + "Password22", "iloveyou!" + properties: + key: + description: Key is the key in the Kubernetes secret being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource + type: string + required: + - key + - name + type: object adminUsername: - description: 'AdminUsername: Specifies the name of the administrator account. Restriction: Cannot end in "." Disallowed values: "administrator", "admin", "user", "user1", "test", "user2", "test1", "user3", "admin1", "1", "123", "a", "actuser", "adm", "admin2", "aspnet", "backup", "console", "david", "guest", "john", "owner", "root", "server", "sql", "support", "support_388945a0", "sys", "test2", "test3", "user4", "user5". Minimum-length: 1 character Max-length: 20 characters' + description: |- + AdminUsername: Specifies the name of the administrator account. + Restriction: Cannot end in "." + Disallowed values: "administrator", "admin", "user", "user1", "test", "user2", "test1", "user3", "admin1", "1", "123", + "a", "actuser", "adm", "admin2", "aspnet", "backup", "console", "david", "guest", "john", "owner", "root", "server", + "sql", "support", "support_388945a0", "sys", "test2", "test3", "user4", "user5". + Minimum-length: 1 character + Max-length: 20 characters type: string enableCSIProxy: - description: 'EnableCSIProxy: For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).' + description: |- + EnableCSIProxy: For more details on CSI proxy, see the [CSI proxy GitHub + repo](https://github.com/kubernetes-csi/csi-proxy). type: boolean gmsaProfile: description: 'GmsaProfile: The Windows gMSA Profile in the Managed Cluster.' properties: dnsServer: - description: 'DnsServer: Specifies the DNS server for Windows gMSA. Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.' + description: |- + DnsServer: Specifies the DNS server for Windows gMSA. + Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster. type: string enabled: description: 'Enabled: Specifies whether to enable Windows gMSA in the managed cluster.' type: boolean rootDomainName: - description: 'RootDomainName: Specifies the root domain name for Windows gMSA. Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.' + description: |- + RootDomainName: Specifies the root domain name for Windows gMSA. + Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster. type: string type: object licenseType: - description: 'LicenseType: The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.' + description: |- + LicenseType: The license type to use for Windows VMs. See [Azure Hybrid User + Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details. enum: - None - Windows_Server @@ -12198,7 +14955,10 @@ spec: description: 'Enabled: Whether to enable VPA. Default value is false.' type: boolean updateMode: - description: 'UpdateMode: Each update mode level is a superset of the lower levels. Off, this field will be exactly equal to it. If orchestratorVersion was , this field will contain the full version being used.' + description: |- + CurrentOrchestratorVersion: If orchestratorVersion was a fully specified version , this field will be + exactly equal to it. If orchestratorVersion was , this field will contain the full + version being used. type: string enableAutoScaling: description: 'EnableAutoScaling: Whether to enable auto-scaler' type: boolean enableCustomCATrust: - description: 'EnableCustomCATrust: When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded certificates into node trust stores. Defaults to false.' + description: |- + EnableCustomCATrust: When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a + daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded + certificates into node trust stores. Defaults to false. type: boolean enableEncryptionAtHost: - description: 'EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption' + description: |- + EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, + see: https://docs.microsoft.com/azure/aks/enable-host-encryption type: boolean enableFIPS: - description: 'EnableFIPS: See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.' + description: |- + EnableFIPS: See [Add a FIPS-enabled node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more + details. type: boolean enableNodePublicIP: - description: 'EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.' + description: |- + EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. + A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine + to minimize hops. For more information see [assigning a public IP per + node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The + default is false. type: boolean enableUltraSSD: description: 'EnableUltraSSD: Whether to enable UltraSSD' @@ -12321,7 +15105,10 @@ spec: description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' type: string hostGroupID: - description: 'HostGroupID: This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).' + description: |- + HostGroupID: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. + For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). type: string kubeletConfig: description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' @@ -12332,7 +15119,9 @@ spec: type: string type: array containerLogMaxFiles: - description: 'ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be â‰Ĩ 2.' + description: |- + ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be + â‰Ĩ 2. type: integer containerLogMaxSizeMB: description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' @@ -12341,10 +15130,15 @@ spec: description: 'CpuCfsQuota: The default is true.' type: boolean cpuCfsQuotaPeriod: - description: 'CpuCfsQuotaPeriod: The default is ''100ms.'' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: ''300ms'', ''2h45m''. Supported units are ''ns'', ''us'', ''ms'', ''s'', ''m'', and ''h''.' + description: |- + CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and + a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. type: string cpuManagerPolicy: - description: 'CpuManagerPolicy: The default is ''none''. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are ''none'' and ''static''.' + description: |- + CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management + policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more + information. Allowed values are 'none' and 'static'. type: string failSwapOn: description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' @@ -12359,11 +15153,16 @@ spec: description: 'PodMaxPids: The maximum number of processes per pod.' type: integer topologyManagerPolicy: - description: 'TopologyManagerPolicy: For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is ''none''. Allowed values are ''none'', ''best-effort'', ''restricted'', and ''single-numa-node''.' + description: |- + TopologyManagerPolicy: For more information see [Kubernetes Topology + Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values + are 'none', 'best-effort', 'restricted', and 'single-numa-node'. type: string type: object kubeletDiskType: - description: 'KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.' + description: |- + KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral + storage. type: string linuxOSConfig: description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' @@ -12460,10 +15259,16 @@ spec: type: integer type: object transparentHugePageDefrag: - description: 'TransparentHugePageDefrag: Valid values are ''always'', ''defer'', ''defer+madvise'', ''madvise'' and ''never''. The default is ''madvise''. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).' + description: |- + TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is + 'madvise'. For more information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string transparentHugePageEnabled: - description: 'TransparentHugePageEnabled: Valid values are ''always'', ''madvise'', and ''never''. The default is ''always''. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).' + description: |- + TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more + information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string type: object maxCount: @@ -12473,13 +15278,18 @@ spec: description: 'MaxPods: The maximum number of pods that can run on a node.' type: integer messageOfTheDay: - description: 'MessageOfTheDay: A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).' + description: |- + MessageOfTheDay: A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of + the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., + will be printed raw and not be executed as a script). type: string minCount: description: 'MinCount: The minimum number of nodes for auto-scaling' type: integer mode: - description: 'Mode: A cluster must have at least one ''System'' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools' + description: |- + Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool + restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools type: string name: description: 'Name: Windows agent pool names must be 6 characters or less.' @@ -12493,10 +15303,14 @@ spec: description: The port range. properties: portEnd: - description: 'PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or equal to portStart.' + description: |- + PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or + equal to portStart. type: integer portStart: - description: 'PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or equal to portEnd.' + description: |- + PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or + equal to portEnd. type: integer protocol: description: 'Protocol: The network protocol of the port.' @@ -12531,7 +15345,9 @@ spec: description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' type: object nodePublicIPPrefixID: - description: 'NodePublicIPPrefixID: This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}' + description: |- + NodePublicIPPrefixID: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} type: string nodeTaints: description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' @@ -12539,24 +15355,43 @@ spec: type: string type: array orchestratorVersion: - description: 'OrchestratorVersion: Both patch version and are supported. When is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).' + description: |- + OrchestratorVersion: Both patch version and are supported. When is + specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same + once it has been created will not trigger an upgrade, even if a newer patch version is available. As a + best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version + must have the same major version as the control plane. The node pool minor version must be within two minor versions of + the control plane version. The node pool version cannot be greater than the control plane version. For more information + see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). type: string osDiskSizeGB: type: integer osDiskType: - description: 'OsDiskType: The default is ''Ephemeral'' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to ''Managed''. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).' + description: |- + OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested + OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral + OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). type: string osSKU: - description: 'OsSKU: Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.' + description: |- + OsSKU: Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or + Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is + deprecated. type: string osType: description: 'OsType: The operating system type. The default is Linux.' type: string podSubnetID: - description: 'PodSubnetID: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}' + description: |- + PodSubnetID: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is + of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} type: string powerState: - description: 'PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded' + description: |- + PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this + field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only + be stopped if it is Running and provisioning state is Succeeded properties: code: description: 'Code: Tells whether the cluster is Running or Stopped' @@ -12572,13 +15407,18 @@ spec: description: 'ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.' type: string scaleSetEvictionPolicy: - description: 'ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is ''Spot''. If not specified, the default is ''Delete''.' + description: |- + ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is + 'Delete'. type: string scaleSetPriority: description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' type: string spotMaxPrice: - description: 'SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)' + description: |- + SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any + on-demand price. For more details on spot pricing, see [spot VMs + pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) type: number tags: additionalProperties: @@ -12592,20 +15432,32 @@ spec: description: 'UpgradeSettings: Settings for upgrading the agentpool' properties: maxSurge: - description: 'MaxSurge: This can either be set to an integer (e.g. ''5'') or a percentage (e.g. ''50%''). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade' + description: |- + MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it + is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded + up. If not specified, the default is 1. For more information, including best practices, see: + https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade type: string type: object vmSize: - description: 'VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions' + description: |- + VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods + might fail to run correctly. For more details on restricted VM sizes, see: + https://docs.microsoft.com/azure/aks/quotas-skus-regions type: string vnetSubnetID: - description: 'VnetSubnetID: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}' + description: |- + VnetSubnetID: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, + this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} type: string windowsProfile: description: 'WindowsProfile: The Windows agent pool''s specific profile.' properties: disableOutboundNat: - description: 'DisableOutboundNat: The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT Gateway and the Windows agent pool does not have node public IP enabled.' + description: |- + DisableOutboundNat: The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT + Gateway and the Windows agent pool does not have node public IP enabled. type: boolean type: object workloadRuntime: @@ -12617,7 +15469,10 @@ spec: description: 'ApiServerAccessProfile: The access profile for managed cluster API server.' properties: authorizedIPRanges: - description: 'AuthorizedIPRanges: IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).' + description: |- + AuthorizedIPRanges: IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with + clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API + server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges). items: type: string type: array @@ -12625,7 +15480,9 @@ spec: description: 'DisableRunCommand: Whether to disable run command for the cluster or not.' type: boolean enablePrivateCluster: - description: 'EnablePrivateCluster: For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).' + description: |- + EnablePrivateCluster: For more details, see [Creating a private AKS + cluster](https://docs.microsoft.com/azure/aks/private-clusters). type: boolean enablePrivateClusterPublicFQDN: description: 'EnablePrivateClusterPublicFQDN: Whether to create additional public FQDN for private cluster or not.' @@ -12634,10 +15491,15 @@ spec: description: 'EnableVnetIntegration: Whether to enable apiserver vnet integration for the cluster or not.' type: boolean privateDNSZone: - description: 'PrivateDNSZone: The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are ''system'' and ''none''.' + description: |- + PrivateDNSZone: The default is System. For more details see [configure private DNS + zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and + 'none'. type: string subnetId: - description: 'SubnetId: It is required when: 1. creating a new cluster with BYO Vnet; 2. updating an existing cluster to enable apiserver vnet integration.' + description: |- + SubnetId: It is required when: 1. creating a new cluster with BYO Vnet; 2. updating an existing cluster to enable + apiserver vnet integration. type: string type: object autoScalerProfile: @@ -12647,7 +15509,10 @@ spec: description: 'BalanceSimilarNodeGroups: Valid values are ''true'' and ''false''' type: string expander: - description: 'Expander: If not specified, the default is ''random''. See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more information.' + description: |- + Expander: If not specified, the default is 'random'. See + [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more + information. type: string max-empty-bulk-delete: description: 'MaxEmptyBulkDelete: The default is 10.' @@ -12656,31 +15521,46 @@ spec: description: 'MaxGracefulTerminationSec: The default is 600.' type: string max-node-provision-time: - description: 'MaxNodeProvisionTime: The default is ''15m''. Values must be an integer followed by an ''m''. No unit of time other than minutes (m) is supported.' + description: |- + MaxNodeProvisionTime: The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. type: string max-total-unready-percentage: description: 'MaxTotalUnreadyPercentage: The default is 45. The maximum is 100 and the minimum is 0.' type: string new-pod-scale-up-delay: - description: 'NewPodScaleUpDelay: For scenarios like burst/batch scale where you don''t want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they''re a certain age. The default is ''0s''. Values must be an integer followed by a unit (''s'' for seconds, ''m'' for minutes, ''h'' for hours, etc).' + description: |- + NewPodScaleUpDelay: For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler + could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is + '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc). type: string ok-total-unready-count: description: 'OkTotalUnreadyCount: This must be an integer. The default is 3.' type: string scale-down-delay-after-add: - description: 'ScaleDownDelayAfterAdd: The default is ''10m''. Values must be an integer followed by an ''m''. No unit of time other than minutes (m) is supported.' + description: |- + ScaleDownDelayAfterAdd: The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. type: string scale-down-delay-after-delete: - description: 'ScaleDownDelayAfterDelete: The default is the scan-interval. Values must be an integer followed by an ''m''. No unit of time other than minutes (m) is supported.' + description: |- + ScaleDownDelayAfterDelete: The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of + time other than minutes (m) is supported. type: string scale-down-delay-after-failure: - description: 'ScaleDownDelayAfterFailure: The default is ''3m''. Values must be an integer followed by an ''m''. No unit of time other than minutes (m) is supported.' + description: |- + ScaleDownDelayAfterFailure: The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other + than minutes (m) is supported. type: string scale-down-unneeded-time: - description: 'ScaleDownUnneededTime: The default is ''10m''. Values must be an integer followed by an ''m''. No unit of time other than minutes (m) is supported.' + description: |- + ScaleDownUnneededTime: The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. type: string scale-down-unready-time: - description: 'ScaleDownUnreadyTime: The default is ''20m''. Values must be an integer followed by an ''m''. No unit of time other than minutes (m) is supported.' + description: |- + ScaleDownUnreadyTime: The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. type: string scale-down-utilization-threshold: description: 'ScaleDownUtilizationThreshold: The default is ''0.5''.' @@ -12702,7 +15582,9 @@ spec: description: 'NodeOSUpgradeChannel: The default is Unmanaged, but may change to either NodeImage or SecurityPatch at GA.' type: string upgradeChannel: - description: 'UpgradeChannel: For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).' + description: |- + UpgradeChannel: For more information see [setting the AKS cluster auto-upgrade + channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel). type: string type: object azureMonitorProfile: @@ -12718,16 +15600,23 @@ spec: description: 'KubeStateMetrics: Kube State Metrics for prometheus addon profile for the container service cluster' properties: metricAnnotationsAllowList: - description: 'MetricAnnotationsAllowList: Comma-separated list of additional Kubernetes label keys that will be used in the resource''s labels metric.' + description: |- + MetricAnnotationsAllowList: Comma-separated list of additional Kubernetes label keys that will be used in the resource's + labels metric. type: string metricLabelsAllowlist: - description: 'MetricLabelsAllowlist: Comma-separated list of Kubernetes annotations keys that will be used in the resource''s labels metric.' + description: |- + MetricLabelsAllowlist: Comma-separated list of Kubernetes annotations keys that will be used in the resource's labels + metric. type: string type: object type: object type: object azurePortalFQDN: - description: 'AzurePortalFQDN: The Azure Portal requires certain Cross-Origin Resource Sharing (CORS) headers to be sent in some responses, which Kubernetes APIServer doesn''t handle by default. This special FQDN supports CORS, allowing the Azure Portal to function properly.' + description: |- + AzurePortalFQDN: The Azure Portal requires certain Cross-Origin Resource Sharing (CORS) headers to be sent in some + responses, which Kubernetes APIServer doesn't handle by default. This special FQDN supports CORS, allowing the Azure + Portal to function properly. type: string conditions: description: 'Conditions: The observed state of the resource' @@ -12742,14 +15631,23 @@ spec: description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 type: integer reason: - description: Reason for the condition's last transition. Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: Severity with which to treat failures of this type of condition. For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. This is omitted in all cases when Status == Unknown + description: |- + Severity with which to treat failures of this type of condition. + For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown type: string status: description: Status of the condition, one of True, False, or Unknown. @@ -12765,7 +15663,9 @@ spec: type: object type: array creationData: - description: 'CreationData: CreationData to be used to specify the source Snapshot ID if the cluster will be created/upgraded using a snapshot.' + description: |- + CreationData: CreationData to be used to specify the source Snapshot ID if the cluster will be created/upgraded using a + snapshot. properties: sourceResourceId: description: 'SourceResourceId: This is the ARM ID of the source object to be used to create the target object.' @@ -12775,19 +15675,30 @@ spec: description: 'CurrentKubernetesVersion: The version of Kubernetes the Managed Cluster is running.' type: string disableLocalAccounts: - description: 'DisableLocalAccounts: If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).' + description: |- + DisableLocalAccounts: If set to true, getting static credentials will be disabled for this cluster. This must only be + used on Managed Clusters that are AAD enabled. For more details see [disable local + accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview). type: boolean diskEncryptionSetID: - description: 'DiskEncryptionSetID: This is of the form: ''/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}''' + description: |- + DiskEncryptionSetID: This is of the form: + '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}' type: string dnsPrefix: description: 'DnsPrefix: This cannot be updated once the Managed Cluster has been created.' type: string enableNamespaceResources: - description: 'EnableNamespaceResources: The default value is false. It can be enabled/disabled on creation and updating of the managed cluster. See [https://aka.ms/NamespaceARMResource](https://aka.ms/NamespaceARMResource) for more details on Namespace as a ARM Resource.' + description: |- + EnableNamespaceResources: The default value is false. It can be enabled/disabled on creation and updating of the managed + cluster. See [https://aka.ms/NamespaceARMResource](https://aka.ms/NamespaceARMResource) for more details on Namespace as + a ARM Resource. type: boolean enablePodSecurityPolicy: - description: 'EnablePodSecurityPolicy: (DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and https://aka.ms/aks/psp.' + description: |- + EnablePodSecurityPolicy: (DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was + deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and + https://aka.ms/aks/psp. type: boolean enableRBAC: description: 'EnableRBAC: Whether to enable Kubernetes Role-Based Access Control.' @@ -12817,7 +15728,9 @@ spec: type: string type: array level: - description: 'Level: The guardrails level to be used. By default, Guardrails is enabled for all namespaces except those that AKS excludes via systemExcludedNamespaces' + description: |- + Level: The guardrails level to be used. By default, Guardrails is enabled for all namespaces except those that AKS + excludes via systemExcludedNamespaces type: string systemExcludedNamespaces: description: 'SystemExcludedNamespaces: List of namespaces specified by AKS to be excluded from Guardrails' @@ -12832,7 +15745,9 @@ spec: description: 'HttpProxyConfig: Configurations for provisioning the cluster with HTTP proxy servers.' properties: effectiveNoProxy: - description: 'EffectiveNoProxy: A read-only list of all endpoints for which traffic should not be sent to the proxy. This list is a superset of noProxy and values injected by AKS.' + description: |- + EffectiveNoProxy: A read-only list of all endpoints for which traffic should not be sent to the proxy. This list is a + superset of noProxy and values injected by AKS. items: type: string type: array @@ -12852,7 +15767,9 @@ spec: type: string type: object id: - description: 'Id: Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}' + description: |- + Id: Fully qualified resource ID for the resource. Ex - + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} type: string identity: description: 'Identity: The identity of the managed cluster, if configured.' @@ -12864,7 +15781,9 @@ spec: description: 'TenantId: The tenant id of the system assigned identity which is used by master components.' type: string type: - description: 'Type: For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).' + description: |- + Type: For more information see [use managed identities in + AKS](https://docs.microsoft.com/azure/aks/use-managed-identity). type: string userAssignedIdentities: additionalProperties: @@ -12876,7 +15795,9 @@ spec: description: 'PrincipalId: The principal id of user assigned identity.' type: string type: object - description: 'UserAssignedIdentities: The keys must be ARM resource IDs in the form: ''/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}''.' + description: |- + UserAssignedIdentities: The keys must be ARM resource IDs in the form: + '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'. type: object type: object identityProfile: @@ -12902,13 +15823,19 @@ spec: description: 'WebAppRouting: Web App Routing settings for the ingress profile.' properties: dnsZoneResourceId: - description: 'DnsZoneResourceId: Resource ID of the DNS Zone to be associated with the web app. Used only when Web App Routing is enabled.' + description: |- + DnsZoneResourceId: Resource ID of the DNS Zone to be associated with the web app. Used only when Web App Routing is + enabled. type: string enabled: description: 'Enabled: Whether to enable Web App Routing.' type: boolean identity: - description: 'Identity: Managed identity of the Web Application Routing add-on. This is the identity that should be granted permissions, for example, to manage the associated Azure DNS resource and get certificates from Azure Key Vault. See [this overview of the add-on](https://learn.microsoft.com/en-us/azure/aks/web-app-routing?tabs=with-osm) for more instructions.' + description: |- + Identity: Managed identity of the Web Application Routing add-on. This is the identity that should be granted + permissions, for example, to manage the associated Azure DNS resource and get certificates from Azure Key Vault. See + [this overview of the add-on](https://learn.microsoft.com/en-us/azure/aks/web-app-routing?tabs=with-osm) for more + instructions. properties: clientId: description: 'ClientId: The client ID of the user assigned identity.' @@ -12923,7 +15850,11 @@ spec: type: object type: object kubernetesVersion: - description: 'KubernetesVersion: When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.' + description: |- + KubernetesVersion: When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades + must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> + 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS + cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details. type: string linuxProfile: description: 'LinuxProfile: The profile for Linux VMs in the Managed Cluster.' @@ -12940,7 +15871,9 @@ spec: description: Contains information about SSH certificate public key data. properties: keyData: - description: 'KeyData: Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.' + description: |- + KeyData: Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or + without headers. type: string type: object type: array @@ -12959,21 +15892,32 @@ spec: description: 'NetworkProfile: The network configuration profile.' properties: dnsServiceIP: - description: 'DnsServiceIP: An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.' + description: |- + DnsServiceIP: An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address + range specified in serviceCidr. type: string dockerBridgeCidr: - description: 'DockerBridgeCidr: A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes service address range.' + description: |- + DockerBridgeCidr: A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP + ranges or the Kubernetes service address range. type: string ipFamilies: - description: 'IpFamilies: IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6.' + description: |- + IpFamilies: IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value + is IPv4. For dual-stack, the expected values are IPv4 and IPv6. items: type: string type: array kubeProxyConfig: - description: 'KubeProxyConfig: Holds configuration customizations for kube-proxy. Any values not defined will use the kube-proxy defaulting behavior. See https://v.docs.kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/ where is represented by a - string. Kubernetes version 1.23 would be ''1-23''.' + description: |- + KubeProxyConfig: Holds configuration customizations for kube-proxy. Any values not defined will use the kube-proxy + defaulting behavior. See https://v.docs.kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/ + where is represented by a - string. Kubernetes version 1.23 would be '1-23'. properties: enabled: - description: 'Enabled: Whether to enable on kube-proxy on the cluster (if no ''kubeProxyConfig'' exists, kube-proxy is enabled in AKS by default without these customizations).' + description: |- + Enabled: Whether to enable on kube-proxy on the cluster (if no 'kubeProxyConfig' exists, kube-proxy is enabled in AKS by + default without these customizations). type: boolean ipvsConfig: description: 'IpvsConfig: Holds configuration customizations for IPVS. May only be specified if ''mode'' is set to ''IPVS''.' @@ -12982,7 +15926,9 @@ spec: description: 'Scheduler: IPVS scheduler, for more information please see http://www.linuxvirtualserver.org/docs/scheduling.html.' type: string tcpFinTimeoutSeconds: - description: 'TcpFinTimeoutSeconds: The timeout value used for IPVS TCP sessions after receiving a FIN in seconds. Must be a positive integer value.' + description: |- + TcpFinTimeoutSeconds: The timeout value used for IPVS TCP sessions after receiving a FIN in seconds. Must be a positive + integer value. type: integer tcpTimeoutSeconds: description: 'TcpTimeoutSeconds: The timeout value used for idle IPVS TCP sessions in seconds. Must be a positive integer value.' @@ -12999,7 +15945,9 @@ spec: description: 'LoadBalancerProfile: Profile of the cluster load balancer.' properties: allocatedOutboundPorts: - description: 'AllocatedOutboundPorts: The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.' + description: |- + AllocatedOutboundPorts: The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 + (inclusive). The default value is 0 which results in Azure dynamically allocating ports. type: integer backendPoolType: description: 'BackendPoolType: The type of the managed inbound Load Balancer BackendPool.' @@ -13018,16 +15966,22 @@ spec: description: 'EnableMultipleStandardLoadBalancers: Enable multiple standard load balancers per AKS cluster or not.' type: boolean idleTimeoutInMinutes: - description: 'IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.' + description: |- + IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 + (inclusive). The default value is 30 minutes. type: integer managedOutboundIPs: description: 'ManagedOutboundIPs: Desired managed outbound IPs for the cluster load balancer.' properties: count: - description: 'Count: The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1.' + description: |- + Count: The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values + must be in the range of 1 to 100 (inclusive). The default value is 1. type: integer countIPv6: - description: 'CountIPv6: The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack.' + description: |- + CountIPv6: The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed + values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. type: integer type: object outboundIPPrefixes: @@ -13060,7 +16014,10 @@ spec: type: object type: object loadBalancerSku: - description: 'LoadBalancerSku: The default is ''standard''. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.' + description: |- + LoadBalancerSku: The default is 'standard'. See [Azure Load Balancer + SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load + balancer SKUs. type: string natGatewayProfile: description: 'NatGatewayProfile: Profile of the cluster NAT gateway.' @@ -13076,13 +16033,17 @@ spec: type: object type: array idleTimeoutInMinutes: - description: 'IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.' + description: |- + IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 + (inclusive). The default value is 4 minutes. type: integer managedOutboundIPProfile: description: 'ManagedOutboundIPProfile: Profile of the managed outbound IP resources of the cluster NAT gateway.' properties: count: - description: 'Count: The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1.' + description: |- + Count: The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 + (inclusive). The default value is 1. type: integer type: object type: object @@ -13102,21 +16063,29 @@ spec: description: 'NetworkPolicy: Network policy used for building the Kubernetes network.' type: string outboundType: - description: 'OutboundType: This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).' + description: |- + OutboundType: This can only be set at cluster creation time and cannot be changed later. For more information see + [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype). type: string podCidr: description: 'PodCidr: A CIDR notation IP range from which to assign pod IPs when kubenet is used.' type: string podCidrs: - description: 'PodCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking.' + description: |- + PodCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is + expected for dual-stack networking. items: type: string type: array serviceCidr: - description: 'ServiceCidr: A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.' + description: |- + ServiceCidr: A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP + ranges. type: string serviceCidrs: - description: 'ServiceCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges.' + description: |- + ServiceCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is + expected for dual-stack networking. They must not overlap with any Subnet IP ranges. items: type: string type: array @@ -13142,10 +16111,16 @@ spec: type: string type: object podIdentityProfile: - description: 'PodIdentityProfile: See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.' + description: |- + PodIdentityProfile: See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more + details on AAD pod identity integration. properties: allowNetworkPluginKubenet: - description: 'AllowNetworkPluginKubenet: Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.' + description: |- + AllowNetworkPluginKubenet: Running in Kubenet is disabled by default due to the security related nature of AAD Pod + Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod + Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) + for more information. type: boolean enabled: description: 'Enabled: Whether the pod identity addon is enabled.' @@ -13220,7 +16195,9 @@ spec: userAssignedIdentityExceptions: description: 'UserAssignedIdentityExceptions: The pod identity exceptions to allow.' items: - description: See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. + description: |- + See [disable AAD Pod Identity for a specific + Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. properties: name: description: 'Name: The name of the pod identity exception.' @@ -13283,23 +16260,37 @@ spec: description: 'SecurityProfile: Security profile for the managed cluster.' properties: azureKeyVaultKms: - description: 'AzureKeyVaultKms: Azure Key Vault [key management service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile.' + description: |- + AzureKeyVaultKms: Azure Key Vault [key management + service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile. properties: enabled: description: 'Enabled: Whether to enable Azure Key Vault key management service. The default is false.' type: boolean keyId: - description: 'KeyId: Identifier of Azure Key Vault key. See [key identifier format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When Azure Key Vault key management service is disabled, leave the field empty.' + description: |- + KeyId: Identifier of Azure Key Vault key. See [key identifier + format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) + for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key + identifier. When Azure Key Vault key management service is disabled, leave the field empty. type: string keyVaultNetworkAccess: - description: 'KeyVaultNetworkAccess: Network access of key vault. The possible values are `Public` and `Private`. `Public` means the key vault allows public access from all networks. `Private` means the key vault disables public access and enables private link. The default value is `Public`.' + description: |- + KeyVaultNetworkAccess: Network access of key vault. The possible values are `Public` and `Private`. `Public` means the + key vault allows public access from all networks. `Private` means the key vault disables public access and enables + private link. The default value is `Public`. type: string keyVaultResourceId: - description: 'KeyVaultResourceId: Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty.' + description: |- + KeyVaultResourceId: Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must + be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty. type: string type: object customCATrustCertificates: - description: 'CustomCATrustCertificates: A list of up to 10 base64 encoded CAs that will be added to the trust store on nodes with the Custom CA Trust feature enabled. For more information see [Custom CA Trust Certificates](https://learn.microsoft.com/en-us/azure/aks/custom-certificate-authority)' + description: |- + CustomCATrustCertificates: A list of up to 10 base64 encoded CAs that will be added to the trust store on nodes with the + Custom CA Trust feature enabled. For more information see [Custom CA Trust + Certificates](https://learn.microsoft.com/en-us/azure/aks/custom-certificate-authority) items: type: string type: array @@ -13307,7 +16298,10 @@ spec: description: 'Defender: Microsoft Defender settings for the security profile.' properties: logAnalyticsWorkspaceResourceId: - description: 'LogAnalyticsWorkspaceResourceId: Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft Defender is disabled, leave the field empty.' + description: |- + LogAnalyticsWorkspaceResourceId: Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. + When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft + Defender is disabled, leave the field empty. type: string securityMonitoring: description: 'SecurityMonitoring: Microsoft Defender threat detection for Cloud settings for the security profile.' @@ -13328,14 +16322,19 @@ spec: type: integer type: object nodeRestriction: - description: 'NodeRestriction: [Node Restriction](https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#noderestriction) settings for the security profile.' + description: |- + NodeRestriction: [Node + Restriction](https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#noderestriction) settings + for the security profile. properties: enabled: description: 'Enabled: Whether to enable Node Restriction' type: boolean type: object workloadIdentity: - description: 'WorkloadIdentity: Workload identity settings for the security profile. Workload identity enables Kubernetes applications to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details.' + description: |- + WorkloadIdentity: Workload identity settings for the security profile. Workload identity enables Kubernetes applications + to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details. properties: enabled: description: 'Enabled: Whether to enable workload identity.' @@ -13354,7 +16353,9 @@ spec: ingressGateways: description: 'IngressGateways: Istio ingress gateways.' items: - description: Istio ingress gateway configuration. For now, we support up to one external ingress gateway named `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`. + description: |- + Istio ingress gateway configuration. For now, we support up to one external ingress gateway named + `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`. properties: enabled: description: 'Enabled: Whether to enable the ingress gateway.' @@ -13371,7 +16372,9 @@ spec: type: string type: object servicePrincipalProfile: - description: 'ServicePrincipalProfile: Information about a service principal identity for the cluster to use for manipulating Azure APIs.' + description: |- + ServicePrincipalProfile: Information about a service principal identity for the cluster to use for manipulating Azure + APIs. properties: clientId: description: 'ClientId: The ID for the service principal.' @@ -13384,7 +16387,9 @@ spec: description: 'Name: The name of a managed cluster SKU.' type: string tier: - description: 'Tier: If not specified, the default is ''Free''. See [AKS Pricing Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details.' + description: |- + Tier: If not specified, the default is 'Free'. See [AKS Pricing + Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details. type: string type: object storageProfile: @@ -13465,37 +16470,52 @@ spec: type: string type: array until: - description: 'Until: Until when the overrides are effective. Note that this only matches the start time of an upgrade, and the effectiveness won''t change once an upgrade starts even if the `until` expires as upgrade proceeds. This field is not set by default. It must be set for the overrides to take effect.' + description: |- + Until: Until when the overrides are effective. Note that this only matches the start time of an upgrade, and the + effectiveness won't change once an upgrade starts even if the `until` expires as upgrade proceeds. This field is not set + by default. It must be set for the overrides to take effect. type: string type: object type: object windowsProfile: description: 'WindowsProfile: The profile for Windows VMs in the Managed Cluster.' properties: - adminPassword: - description: 'AdminPassword: Specifies the password of the administrator account. Minimum-length: 8 characters Max-length: 123 characters Complexity requirements: 3 out of 4 conditions below need to be fulfilled Has lower characters Has upper characters Has a digit Has a special character (Regex match [\W_]) Disallowed values: "abc@123", "P@$$$$w0rd", "P@ssw0rd", "P@ssword123", "Pa$$$$word", "pass@word1", "Password!", "Password1", "Password22", "iloveyou!"' - type: string adminUsername: - description: 'AdminUsername: Specifies the name of the administrator account. Restriction: Cannot end in "." Disallowed values: "administrator", "admin", "user", "user1", "test", "user2", "test1", "user3", "admin1", "1", "123", "a", "actuser", "adm", "admin2", "aspnet", "backup", "console", "david", "guest", "john", "owner", "root", "server", "sql", "support", "support_388945a0", "sys", "test2", "test3", "user4", "user5". Minimum-length: 1 character Max-length: 20 characters' + description: |- + AdminUsername: Specifies the name of the administrator account. + Restriction: Cannot end in "." + Disallowed values: "administrator", "admin", "user", "user1", "test", "user2", "test1", "user3", "admin1", "1", "123", + "a", "actuser", "adm", "admin2", "aspnet", "backup", "console", "david", "guest", "john", "owner", "root", "server", + "sql", "support", "support_388945a0", "sys", "test2", "test3", "user4", "user5". + Minimum-length: 1 character + Max-length: 20 characters type: string enableCSIProxy: - description: 'EnableCSIProxy: For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).' + description: |- + EnableCSIProxy: For more details on CSI proxy, see the [CSI proxy GitHub + repo](https://github.com/kubernetes-csi/csi-proxy). type: boolean gmsaProfile: description: 'GmsaProfile: The Windows gMSA Profile in the Managed Cluster.' properties: dnsServer: - description: 'DnsServer: Specifies the DNS server for Windows gMSA. Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.' + description: |- + DnsServer: Specifies the DNS server for Windows gMSA. + Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster. type: string enabled: description: 'Enabled: Specifies whether to enable Windows gMSA in the managed cluster.' type: boolean rootDomainName: - description: 'RootDomainName: Specifies the root domain name for Windows gMSA. Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.' + description: |- + RootDomainName: Specifies the root domain name for Windows gMSA. + Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster. type: string type: object licenseType: - description: 'LicenseType: The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.' + description: |- + LicenseType: The license type to use for Windows VMs. See [Azure Hybrid User + Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details. type: string type: object workloadAutoScalerProfile: @@ -13517,7 +16537,10 @@ spec: description: 'Enabled: Whether to enable VPA. Default value is false.' type: boolean updateMode: - description: 'UpdateMode: Each update mode level is a superset of the lower levels. Off (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).' + description: |- + OrchestratorVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. + When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster + with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer + patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same + Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor + version must be within two minor versions of the control plane version. The node pool version cannot be greater than the + control plane version. For more information see [upgrading a node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). type: string osDiskSizeGB: maximum: 2048 minimum: 0 type: integer osDiskType: - description: 'OsDiskType: The default is ''Ephemeral'' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to ''Managed''. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).' + description: |- + OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested + OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral + OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). enum: - Ephemeral - Managed type: string osSKU: - description: 'OsSKU: Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows.' + description: |- + OsSKU: Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 + when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows. enum: - AzureLinux - CBLMariner @@ -17090,10 +20983,16 @@ spec: - Windows type: string podSubnetReference: - description: 'PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}' + description: |- + PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). + This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -17107,7 +21006,10 @@ spec: type: string type: object powerState: - description: 'PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded' + description: |- + PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this + field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only + be stopped if it is Running and provisioning state is Succeeded properties: code: description: 'Code: Tells whether the cluster is Running or Stopped' @@ -17120,7 +21022,10 @@ spec: description: 'ProximityPlacementGroupReference: The ID for Proximity Placement Group.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -17140,7 +21045,9 @@ spec: - Delete type: string scaleSetEvictionPolicy: - description: 'ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is ''Spot''. If not specified, the default is ''Delete''.' + description: |- + ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is + 'Delete'. enum: - Deallocate - Delete @@ -17152,7 +21059,10 @@ spec: - Spot type: string spotMaxPrice: - description: 'SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)' + description: |- + SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any + on-demand price. For more details on spot pricing, see [spot VMs + pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) type: number tags: additionalProperties: @@ -17169,22 +21079,38 @@ spec: description: 'UpgradeSettings: Settings for upgrading the agentpool' properties: drainTimeoutInMinutes: - description: 'DrainTimeoutInMinutes: The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not specified, the default is 30 minutes.' + description: |- + DrainTimeoutInMinutes: The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. + This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not + specified, the default is 30 minutes. maximum: 1440 minimum: 1 type: integer maxSurge: - description: 'MaxSurge: This can either be set to an integer (e.g. ''5'') or a percentage (e.g. ''50%''). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade' + description: |- + MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it + is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded + up. If not specified, the default is 1. For more information, including best practices, see: + https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade type: string type: object vmSize: - description: 'VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions' + description: |- + VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods + might fail to run correctly. For more details on restricted VM sizes, see: + https://docs.microsoft.com/azure/aks/quotas-skus-regions type: string vnetSubnetReference: - description: 'VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}' + description: |- + VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is + specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -17211,7 +21137,10 @@ spec: description: 'ApiServerAccessProfile: The access profile for managed cluster API server.' properties: authorizedIPRanges: - description: 'AuthorizedIPRanges: IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).' + description: |- + AuthorizedIPRanges: IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with + clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API + server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges). items: type: string type: array @@ -17219,13 +21148,18 @@ spec: description: 'DisableRunCommand: Whether to disable run command for the cluster or not.' type: boolean enablePrivateCluster: - description: 'EnablePrivateCluster: For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).' + description: |- + EnablePrivateCluster: For more details, see [Creating a private AKS + cluster](https://docs.microsoft.com/azure/aks/private-clusters). type: boolean enablePrivateClusterPublicFQDN: description: 'EnablePrivateClusterPublicFQDN: Whether to create additional public FQDN for private cluster or not.' type: boolean privateDNSZone: - description: 'PrivateDNSZone: The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are ''system'' and ''none''.' + description: |- + PrivateDNSZone: The default is System. For more details see [configure private DNS + zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and + 'none'. type: string type: object autoScalerProfile: @@ -17235,7 +21169,10 @@ spec: description: 'BalanceSimilarNodeGroups: Valid values are ''true'' and ''false''' type: string expander: - description: 'Expander: If not specified, the default is ''random''. See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more information.' + description: |- + Expander: If not specified, the default is 'random'. See + [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more + information. enum: - least-waste - most-pods @@ -17249,31 +21186,46 @@ spec: description: 'MaxGracefulTerminationSec: The default is 600.' type: string max-node-provision-time: - description: 'MaxNodeProvisionTime: The default is ''15m''. Values must be an integer followed by an ''m''. No unit of time other than minutes (m) is supported.' + description: |- + MaxNodeProvisionTime: The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. type: string max-total-unready-percentage: description: 'MaxTotalUnreadyPercentage: The default is 45. The maximum is 100 and the minimum is 0.' type: string new-pod-scale-up-delay: - description: 'NewPodScaleUpDelay: For scenarios like burst/batch scale where you don''t want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they''re a certain age. The default is ''0s''. Values must be an integer followed by a unit (''s'' for seconds, ''m'' for minutes, ''h'' for hours, etc).' + description: |- + NewPodScaleUpDelay: For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler + could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is + '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc). type: string ok-total-unready-count: description: 'OkTotalUnreadyCount: This must be an integer. The default is 3.' type: string scale-down-delay-after-add: - description: 'ScaleDownDelayAfterAdd: The default is ''10m''. Values must be an integer followed by an ''m''. No unit of time other than minutes (m) is supported.' + description: |- + ScaleDownDelayAfterAdd: The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. type: string scale-down-delay-after-delete: - description: 'ScaleDownDelayAfterDelete: The default is the scan-interval. Values must be an integer followed by an ''m''. No unit of time other than minutes (m) is supported.' + description: |- + ScaleDownDelayAfterDelete: The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of + time other than minutes (m) is supported. type: string scale-down-delay-after-failure: - description: 'ScaleDownDelayAfterFailure: The default is ''3m''. Values must be an integer followed by an ''m''. No unit of time other than minutes (m) is supported.' + description: |- + ScaleDownDelayAfterFailure: The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other + than minutes (m) is supported. type: string scale-down-unneeded-time: - description: 'ScaleDownUnneededTime: The default is ''10m''. Values must be an integer followed by an ''m''. No unit of time other than minutes (m) is supported.' + description: |- + ScaleDownUnneededTime: The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. type: string scale-down-unready-time: - description: 'ScaleDownUnreadyTime: The default is ''20m''. Values must be an integer followed by an ''m''. No unit of time other than minutes (m) is supported.' + description: |- + ScaleDownUnreadyTime: The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. type: string scale-down-utilization-threshold: description: 'ScaleDownUtilizationThreshold: The default is ''0.5''.' @@ -17299,7 +21251,9 @@ spec: - Unmanaged type: string upgradeChannel: - description: 'UpgradeChannel: For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).' + description: |- + UpgradeChannel: For more information see [setting the AKS cluster auto-upgrade + channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel). enum: - node-image - none @@ -17312,19 +21266,33 @@ spec: description: 'AzureMonitorProfile: Azure Monitor addon profiles for monitoring the managed cluster.' properties: metrics: - description: 'Metrics: Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See aka.ms/AzureManagedPrometheus for an overview.' + description: |- + Metrics: Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes + infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See + aka.ms/AzureManagedPrometheus for an overview. properties: enabled: - description: 'Enabled: Whether to enable or disable the Azure Managed Prometheus addon for Prometheus monitoring. See aka.ms/AzureManagedPrometheus-aks-enable for details on enabling and disabling.' + description: |- + Enabled: Whether to enable or disable the Azure Managed Prometheus addon for Prometheus monitoring. See + aka.ms/AzureManagedPrometheus-aks-enable for details on enabling and disabling. type: boolean kubeStateMetrics: - description: 'KubeStateMetrics: Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for details.' + description: |- + KubeStateMetrics: Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the + kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for + details. properties: metricAnnotationsAllowList: - description: 'MetricAnnotationsAllowList: Comma-separated list of Kubernetes annotation keys that will be used in the resource''s labels metric (Example: ''namespaces=[kubernetes.io/team,...],pods=[kubernetes.io/team],...''). By default the metric contains only resource name and namespace labels.' + description: |- + MetricAnnotationsAllowList: Comma-separated list of Kubernetes annotation keys that will be used in the resource's + labels metric (Example: 'namespaces=[kubernetes.io/team,...],pods=[kubernetes.io/team],...'). By default the metric + contains only resource name and namespace labels. type: string metricLabelsAllowlist: - description: 'MetricLabelsAllowlist: Comma-separated list of additional Kubernetes label keys that will be used in the resource''s labels metric (Example: ''namespaces=[k8s-label-1,k8s-label-n,...],pods=[app],...''). By default the metric contains only resource name and namespace labels.' + description: |- + MetricLabelsAllowlist: Comma-separated list of additional Kubernetes label keys that will be used in the resource's + labels metric (Example: 'namespaces=[k8s-label-1,k8s-label-n,...],pods=[app],...'). By default the metric contains only + resource name and namespace labels. type: string type: object required: @@ -17332,19 +21300,29 @@ spec: type: object type: object azureName: - description: 'AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn''t have to be.' + description: |- + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. maxLength: 63 minLength: 1 pattern: ^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$ type: string disableLocalAccounts: - description: 'DisableLocalAccounts: If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).' + description: |- + DisableLocalAccounts: If set to true, getting static credentials will be disabled for this cluster. This must only be + used on Managed Clusters that are AAD enabled. For more details see [disable local + accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview). type: boolean diskEncryptionSetReference: - description: 'DiskEncryptionSetReference: This is of the form: ''/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}''' + description: |- + DiskEncryptionSetReference: This is of the form: + '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -17361,7 +21339,10 @@ spec: description: 'DnsPrefix: This cannot be updated once the Managed Cluster has been created.' type: string enablePodSecurityPolicy: - description: 'EnablePodSecurityPolicy: (DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and https://aka.ms/aks/psp.' + description: |- + EnablePodSecurityPolicy: (DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was + deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and + https://aka.ms/aks/psp. type: boolean enableRBAC: description: 'EnableRBAC: Whether to enable Kubernetes Role-Based Access Control.' @@ -17416,7 +21397,10 @@ spec: description: 'ResourceReference: The ARM resource id of the delegated resource - internal use only.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -17434,17 +21418,23 @@ spec: pattern: ^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$ type: string type: object - description: 'DelegatedResources: The delegated identity resources assigned to this managed cluster. This can only be set by another Azure Resource Provider, and managed cluster only accept one delegated identity resource. Internal use only.' + description: |- + DelegatedResources: The delegated identity resources assigned to this managed cluster. This can only be set by another + Azure Resource Provider, and managed cluster only accept one delegated identity resource. Internal use only. type: object type: - description: 'Type: For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).' + description: |- + Type: For more information see [use managed identities in + AKS](https://docs.microsoft.com/azure/aks/use-managed-identity). enum: - None - SystemAssigned - UserAssigned type: string userAssignedIdentities: - description: 'UserAssignedIdentities: The keys must be ARM resource IDs in the form: ''/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}''.' + description: |- + UserAssignedIdentities: The keys must be ARM resource IDs in the form: + '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'. items: description: Information about the user assigned identity for the resource properties: @@ -17452,7 +21442,10 @@ spec: description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -17482,7 +21475,10 @@ spec: description: 'ResourceReference: The resource ID of the user assigned identity.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -17499,7 +21495,14 @@ spec: description: 'IdentityProfile: Identities associated with the cluster.' type: object kubernetesVersion: - description: 'KubernetesVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.' + description: |- + KubernetesVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. + When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster + with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer + patch version is available. When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All + upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or + 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS + cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details. type: string linuxProfile: description: 'LinuxProfile: The profile for Linux VMs in the Managed Cluster.' @@ -17517,7 +21520,9 @@ spec: description: Contains information about SSH certificate public key data. properties: keyData: - description: 'KeyData: Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.' + description: |- + KeyData: Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or + without headers. type: string required: - keyData @@ -17537,11 +21542,15 @@ spec: description: 'NetworkProfile: The network configuration profile.' properties: dnsServiceIP: - description: 'DnsServiceIP: An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.' + description: |- + DnsServiceIP: An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address + range specified in serviceCidr. pattern: ^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$ type: string ipFamilies: - description: 'IpFamilies: IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6.' + description: |- + IpFamilies: IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value + is IPv4. For dual-stack, the expected values are IPv4 and IPv6. items: enum: - IPv4 @@ -17552,7 +21561,9 @@ spec: description: 'LoadBalancerProfile: Profile of the cluster load balancer.' properties: allocatedOutboundPorts: - description: 'AllocatedOutboundPorts: The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.' + description: |- + AllocatedOutboundPorts: The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 + (inclusive). The default value is 0 which results in Azure dynamically allocating ports. maximum: 64000 minimum: 0 type: integer @@ -17571,7 +21582,10 @@ spec: description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -17590,7 +21604,9 @@ spec: description: 'EnableMultipleStandardLoadBalancers: Enable multiple standard load balancers per AKS cluster or not.' type: boolean idleTimeoutInMinutes: - description: 'IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.' + description: |- + IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 + (inclusive). The default value is 30 minutes. maximum: 120 minimum: 4 type: integer @@ -17598,12 +21614,16 @@ spec: description: 'ManagedOutboundIPs: Desired managed outbound IPs for the cluster load balancer.' properties: count: - description: 'Count: The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1.' + description: |- + Count: The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values + must be in the range of 1 to 100 (inclusive). The default value is 1. maximum: 100 minimum: 1 type: integer countIPv6: - description: 'CountIPv6: The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack.' + description: |- + CountIPv6: The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed + values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. maximum: 100 minimum: 0 type: integer @@ -17620,7 +21640,10 @@ spec: description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -17648,7 +21671,10 @@ spec: description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -17666,7 +21692,10 @@ spec: type: object type: object loadBalancerSku: - description: 'LoadBalancerSku: The default is ''standard''. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.' + description: |- + LoadBalancerSku: The default is 'standard'. See [Azure Load Balancer + SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load + balancer SKUs. enum: - basic - standard @@ -17683,7 +21712,10 @@ spec: description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -17699,7 +21731,9 @@ spec: type: object type: array idleTimeoutInMinutes: - description: 'IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.' + description: |- + IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 + (inclusive). The default value is 4 minutes. maximum: 120 minimum: 4 type: integer @@ -17707,7 +21741,9 @@ spec: description: 'ManagedOutboundIPProfile: Profile of the managed outbound IP resources of the cluster NAT gateway.' properties: count: - description: 'Count: The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1.' + description: |- + Count: The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 + (inclusive). The default value is 1. maximum: 16 minimum: 1 type: integer @@ -17745,7 +21781,9 @@ spec: - cilium type: string outboundType: - description: 'OutboundType: This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).' + description: |- + OutboundType: This can only be set at cluster creation time and cannot be changed later. For more information see + [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype). enum: - loadBalancer - managedNATGateway @@ -17757,16 +21795,22 @@ spec: pattern: ^([0-9]{1,3}\.){3}[0-9]{1,3}(\/([0-9]|[1-2][0-9]|3[0-2]))?$ type: string podCidrs: - description: 'PodCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking.' + description: |- + PodCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is + expected for dual-stack networking. items: type: string type: array serviceCidr: - description: 'ServiceCidr: A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.' + description: |- + ServiceCidr: A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP + ranges. pattern: ^([0-9]{1,3}\.){3}[0-9]{1,3}(\/([0-9]|[1-2][0-9]|3[0-2]))?$ type: string serviceCidrs: - description: 'ServiceCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges.' + description: |- + ServiceCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is + expected for dual-stack networking. They must not overlap with any Subnet IP ranges. items: type: string type: array @@ -17782,19 +21826,40 @@ spec: type: boolean type: object operatorSpec: - description: 'OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not passed directly to Azure' + description: |- + OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not + passed directly to Azure properties: configMaps: description: 'ConfigMaps: configures where to place operator written ConfigMaps.' properties: oidcIssuerProfile: - description: 'OIDCIssuerProfile: indicates where the OIDCIssuerProfile config map should be placed. If omitted, no config map will be created.' + description: |- + OIDCIssuerProfile: indicates where the OIDCIssuerProfile config map should be placed. If omitted, no config map will be + created. + properties: + key: + description: Key is the key in the ConfigMap being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes ConfigMap being referenced. + The ConfigMap must be in the same namespace as the resource + type: string + required: + - key + - name + type: object + principalId: + description: 'PrincipalId: indicates where the PrincipalId config map should be placed. If omitted, no config map will be created.' properties: key: description: Key is the key in the ConfigMap being referenced type: string name: - description: Name is the name of the Kubernetes ConfigMap being referenced. The ConfigMap must be in the same namespace as the resource + description: |- + Name is the name of the Kubernetes ConfigMap being referenced. + The ConfigMap must be in the same namespace as the resource type: string required: - key @@ -17805,26 +21870,34 @@ spec: description: 'Secrets: configures where to place Azure generated secrets.' properties: adminCredentials: - description: 'AdminCredentials: indicates where the AdminCredentials secret should be placed. If omitted, the secret will not be retrieved from Azure.' + description: |- + AdminCredentials: indicates where the AdminCredentials secret should be placed. If omitted, the secret will not be + retrieved from Azure. properties: key: description: Key is the key in the Kubernetes secret being referenced type: string name: - description: Name is the name of the Kubernetes secret being referenced. The secret must be in the same namespace as the resource + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource type: string required: - key - name type: object userCredentials: - description: 'UserCredentials: indicates where the UserCredentials secret should be placed. If omitted, the secret will not be retrieved from Azure.' + description: |- + UserCredentials: indicates where the UserCredentials secret should be placed. If omitted, the secret will not be + retrieved from Azure. properties: key: description: Key is the key in the Kubernetes secret being referenced type: string name: - description: Name is the name of the Kubernetes secret being referenced. The secret must be in the same namespace as the resource + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource type: string required: - key @@ -17833,7 +21906,10 @@ spec: type: object type: object owner: - description: 'Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a resources.azure.com/ResourceGroup resource' + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a resources.azure.com/ResourceGroup resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) @@ -17843,10 +21919,16 @@ spec: type: string type: object podIdentityProfile: - description: 'PodIdentityProfile: See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.' + description: |- + PodIdentityProfile: See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more + details on AAD pod identity integration. properties: allowNetworkPluginKubenet: - description: 'AllowNetworkPluginKubenet: Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.' + description: |- + AllowNetworkPluginKubenet: Running in Kubenet is disabled by default due to the security related nature of AAD Pod + Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod + Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) + for more information. type: boolean enabled: description: 'Enabled: Whether the pod identity addon is enabled.' @@ -17872,7 +21954,10 @@ spec: description: 'ResourceReference: The resource ID of the user assigned identity.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -17901,7 +21986,9 @@ spec: userAssignedIdentityExceptions: description: 'UserAssignedIdentityExceptions: The pod identity exceptions to allow.' items: - description: See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. + description: |- + See [disable AAD Pod Identity for a specific + Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. properties: name: description: 'Name: The name of the pod identity exception.' @@ -17936,7 +22023,10 @@ spec: description: 'Reference: The ID of the private link resource.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -17969,25 +22059,39 @@ spec: description: 'SecurityProfile: Security profile for the managed cluster.' properties: azureKeyVaultKms: - description: 'AzureKeyVaultKms: Azure Key Vault [key management service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile.' + description: |- + AzureKeyVaultKms: Azure Key Vault [key management + service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile. properties: enabled: description: 'Enabled: Whether to enable Azure Key Vault key management service. The default is false.' type: boolean keyId: - description: 'KeyId: Identifier of Azure Key Vault key. See [key identifier format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When Azure Key Vault key management service is disabled, leave the field empty.' + description: |- + KeyId: Identifier of Azure Key Vault key. See [key identifier + format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) + for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key + identifier. When Azure Key Vault key management service is disabled, leave the field empty. type: string keyVaultNetworkAccess: - description: 'KeyVaultNetworkAccess: Network access of key vault. The possible values are `Public` and `Private`. `Public` means the key vault allows public access from all networks. `Private` means the key vault disables public access and enables private link. The default value is `Public`.' + description: |- + KeyVaultNetworkAccess: Network access of key vault. The possible values are `Public` and `Private`. `Public` means the + key vault allows public access from all networks. `Private` means the key vault disables public access and enables + private link. The default value is `Public`. enum: - Private - Public type: string keyVaultResourceReference: - description: 'KeyVaultResourceReference: Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty.' + description: |- + KeyVaultResourceReference: Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and + must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty. properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -18005,10 +22109,16 @@ spec: description: 'Defender: Microsoft Defender settings for the security profile.' properties: logAnalyticsWorkspaceResourceReference: - description: 'LogAnalyticsWorkspaceResourceReference: Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft Defender is disabled, leave the field empty.' + description: |- + LogAnalyticsWorkspaceResourceReference: Resource ID of the Log Analytics workspace to be associated with Microsoft + Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When + Microsoft Defender is disabled, leave the field empty. properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -18040,7 +22150,9 @@ spec: type: integer type: object workloadIdentity: - description: 'WorkloadIdentity: Workload identity settings for the security profile. Workload identity enables Kubernetes applications to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details.' + description: |- + WorkloadIdentity: Workload identity settings for the security profile. Workload identity enables Kubernetes applications + to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details. properties: enabled: description: 'Enabled: Whether to enable workload identity.' @@ -18054,7 +22166,9 @@ spec: description: 'Istio: Istio service mesh configuration.' properties: certificateAuthority: - description: 'CertificateAuthority: Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described here https://aka.ms/asm-plugin-ca' + description: |- + CertificateAuthority: Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin + certificates as described here https://aka.ms/asm-plugin-ca properties: plugin: description: 'Plugin: Plugin certificates information for Service Mesh.' @@ -18072,7 +22186,10 @@ spec: description: 'KeyVaultReference: The resource ID of the Key Vault.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -18113,7 +22230,9 @@ spec: ingressGateways: description: 'IngressGateways: Istio ingress gateways.' items: - description: Istio ingress gateway configuration. For now, we support up to one external ingress gateway named `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`. + description: |- + Istio ingress gateway configuration. For now, we support up to one external ingress gateway named + `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`. properties: enabled: description: 'Enabled: Whether to enable the ingress gateway.' @@ -18131,7 +22250,10 @@ spec: type: array type: object revisions: - description: 'Revisions: The list of revisions of the Istio control plane. When an upgrade is not in progress, this holds one value. When canary upgrade is in progress, this can only hold two consecutive values. For more information, see: https://learn.microsoft.com/en-us/azure/aks/istio-upgrade' + description: |- + Revisions: The list of revisions of the Istio control plane. When an upgrade is not in progress, this holds one value. + When canary upgrade is in progress, this can only hold two consecutive values. For more information, see: + https://learn.microsoft.com/en-us/azure/aks/istio-upgrade items: type: string maxItems: 2 @@ -18147,7 +22269,9 @@ spec: - mode type: object servicePrincipalProfile: - description: 'ServicePrincipalProfile: Information about a service principal identity for the cluster to use for manipulating Azure APIs.' + description: |- + ServicePrincipalProfile: Information about a service principal identity for the cluster to use for manipulating Azure + APIs. properties: clientId: description: 'ClientId: The ID for the service principal.' @@ -18159,7 +22283,9 @@ spec: description: Key is the key in the Kubernetes secret being referenced type: string name: - description: Name is the name of the Kubernetes secret being referenced. The secret must be in the same namespace as the resource + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource type: string required: - key @@ -18177,7 +22303,9 @@ spec: - Base type: string tier: - description: 'Tier: If not specified, the default is ''Free''. See [AKS Pricing Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details.' + description: |- + Tier: If not specified, the default is 'Free'. See [AKS Pricing + Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details. enum: - Free - Premium @@ -18234,10 +22362,15 @@ spec: description: 'OverrideSettings: Settings for overrides.' properties: forceUpgrade: - description: 'ForceUpgrade: Whether to force upgrade the cluster. Note that this option instructs upgrade operation to bypass upgrade protections such as checking for deprecated API usage. Enable this option only with caution.' + description: |- + ForceUpgrade: Whether to force upgrade the cluster. Note that this option instructs upgrade operation to bypass upgrade + protections such as checking for deprecated API usage. Enable this option only with caution. type: boolean until: - description: 'Until: Until when the overrides are effective. Note that this only matches the start time of an upgrade, and the effectiveness won''t change once an upgrade starts even if the `until` expires as upgrade proceeds. This field is not set by default. It must be set for the overrides to take effect.' + description: |- + Until: Until when the overrides are effective. Note that this only matches the start time of an upgrade, and the + effectiveness won't change once an upgrade starts even if the `until` expires as upgrade proceeds. This field is not set + by default. It must be set for the overrides to take effect. type: string type: object type: object @@ -18245,29 +22378,66 @@ spec: description: 'WindowsProfile: The profile for Windows VMs in the Managed Cluster.' properties: adminPassword: - description: 'AdminPassword: Specifies the password of the administrator account. Minimum-length: 8 characters Max-length: 123 characters Complexity requirements: 3 out of 4 conditions below need to be fulfilled Has lower characters Has upper characters Has a digit Has a special character (Regex match [\W_]) Disallowed values: "abc@123", "P@$$$$w0rd", "P@ssw0rd", "P@ssword123", "Pa$$$$word", "pass@word1", "Password!", "Password1", "Password22", "iloveyou!"' - type: string + description: |- + AdminPassword: Specifies the password of the administrator account. + Minimum-length: 8 characters + Max-length: 123 characters + Complexity requirements: 3 out of 4 conditions below need to be fulfilled + Has lower characters + Has upper characters + Has a digit + Has a special character (Regex match [\W_]) + Disallowed values: "abc@123", "P@$$$$w0rd", "P@ssw0rd", "P@ssword123", "Pa$$$$word", "pass@word1", "Password!", "Password1", + "Password22", "iloveyou!" + properties: + key: + description: Key is the key in the Kubernetes secret being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource + type: string + required: + - key + - name + type: object adminUsername: - description: 'AdminUsername: Specifies the name of the administrator account. Restriction: Cannot end in "." Disallowed values: "administrator", "admin", "user", "user1", "test", "user2", "test1", "user3", "admin1", "1", "123", "a", "actuser", "adm", "admin2", "aspnet", "backup", "console", "david", "guest", "john", "owner", "root", "server", "sql", "support", "support_388945a0", "sys", "test2", "test3", "user4", "user5". Minimum-length: 1 character Max-length: 20 characters' + description: |- + AdminUsername: Specifies the name of the administrator account. + Restriction: Cannot end in "." + Disallowed values: "administrator", "admin", "user", "user1", "test", "user2", "test1", "user3", "admin1", "1", "123", + "a", "actuser", "adm", "admin2", "aspnet", "backup", "console", "david", "guest", "john", "owner", "root", "server", + "sql", "support", "support_388945a0", "sys", "test2", "test3", "user4", "user5". + Minimum-length: 1 character + Max-length: 20 characters type: string enableCSIProxy: - description: 'EnableCSIProxy: For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).' + description: |- + EnableCSIProxy: For more details on CSI proxy, see the [CSI proxy GitHub + repo](https://github.com/kubernetes-csi/csi-proxy). type: boolean gmsaProfile: description: 'GmsaProfile: The Windows gMSA Profile in the Managed Cluster.' properties: dnsServer: - description: 'DnsServer: Specifies the DNS server for Windows gMSA. Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.' + description: |- + DnsServer: Specifies the DNS server for Windows gMSA. + Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster. type: string enabled: description: 'Enabled: Specifies whether to enable Windows gMSA in the managed cluster.' type: boolean rootDomainName: - description: 'RootDomainName: Specifies the root domain name for Windows gMSA. Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.' + description: |- + RootDomainName: Specifies the root domain name for Windows gMSA. + Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster. type: string type: object licenseType: - description: 'LicenseType: The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.' + description: |- + LicenseType: The license type to use for Windows VMs. See [Azure Hybrid User + Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details. enum: - None - Windows_Server @@ -18328,7 +22498,9 @@ spec: description: 'ServerAppSecret: (DEPRECATED) The server AAD application secret. Learn more at https://aka.ms/aks/aad-legacy.' type: string tenantID: - description: 'TenantID: The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.' + description: |- + TenantID: The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment + subscription. type: string type: object addonProfiles: @@ -18365,7 +22537,9 @@ spec: description: Profile for the container service agent pool. properties: availabilityZones: - description: 'AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is ''VirtualMachineScaleSets''.' + description: |- + AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType + property is 'VirtualMachineScaleSets'. items: type: string type: array @@ -18373,29 +22547,46 @@ spec: description: 'CapacityReservationGroupID: AKS will associate the specified agent pool with the Capacity Reservation Group.' type: string count: - description: 'Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.' + description: |- + Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) + for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. type: integer creationData: - description: 'CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.' + description: |- + CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using + a snapshot. properties: sourceResourceId: description: 'SourceResourceId: This is the ARM ID of the source object to be used to create the target object.' type: string type: object currentOrchestratorVersion: - description: 'CurrentOrchestratorVersion: If orchestratorVersion is a fully specified version , this field will be exactly equal to it. If orchestratorVersion is , this field will contain the full version being used.' + description: |- + CurrentOrchestratorVersion: If orchestratorVersion is a fully specified version , this field will be + exactly equal to it. If orchestratorVersion is , this field will contain the full + version being used. type: string enableAutoScaling: description: 'EnableAutoScaling: Whether to enable auto-scaler' type: boolean enableEncryptionAtHost: - description: 'EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption' + description: |- + EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, + see: https://docs.microsoft.com/azure/aks/enable-host-encryption type: boolean enableFIPS: - description: 'EnableFIPS: See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.' + description: |- + EnableFIPS: See [Add a FIPS-enabled node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more + details. type: boolean enableNodePublicIP: - description: 'EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.' + description: |- + EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. + A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine + to minimize hops. For more information see [assigning a public IP per + node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The + default is false. type: boolean enableUltraSSD: description: 'EnableUltraSSD: Whether to enable UltraSSD' @@ -18404,7 +22595,10 @@ spec: description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' type: string hostGroupID: - description: 'HostGroupID: This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).' + description: |- + HostGroupID: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. + For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). type: string kubeletConfig: description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' @@ -18415,7 +22609,9 @@ spec: type: string type: array containerLogMaxFiles: - description: 'ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be â‰Ĩ 2.' + description: |- + ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be + â‰Ĩ 2. type: integer containerLogMaxSizeMB: description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' @@ -18424,10 +22620,15 @@ spec: description: 'CpuCfsQuota: The default is true.' type: boolean cpuCfsQuotaPeriod: - description: 'CpuCfsQuotaPeriod: The default is ''100ms.'' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: ''300ms'', ''2h45m''. Supported units are ''ns'', ''us'', ''ms'', ''s'', ''m'', and ''h''.' + description: |- + CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and + a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. type: string cpuManagerPolicy: - description: 'CpuManagerPolicy: The default is ''none''. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are ''none'' and ''static''.' + description: |- + CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management + policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more + information. Allowed values are 'none' and 'static'. type: string failSwapOn: description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' @@ -18442,11 +22643,16 @@ spec: description: 'PodMaxPids: The maximum number of processes per pod.' type: integer topologyManagerPolicy: - description: 'TopologyManagerPolicy: For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is ''none''. Allowed values are ''none'', ''best-effort'', ''restricted'', and ''single-numa-node''.' + description: |- + TopologyManagerPolicy: For more information see [Kubernetes Topology + Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values + are 'none', 'best-effort', 'restricted', and 'single-numa-node'. type: string type: object kubeletDiskType: - description: 'KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.' + description: |- + KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral + storage. type: string linuxOSConfig: description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' @@ -18543,10 +22749,16 @@ spec: type: integer type: object transparentHugePageDefrag: - description: 'TransparentHugePageDefrag: Valid values are ''always'', ''defer'', ''defer+madvise'', ''madvise'' and ''never''. The default is ''madvise''. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).' + description: |- + TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is + 'madvise'. For more information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string transparentHugePageEnabled: - description: 'TransparentHugePageEnabled: Valid values are ''always'', ''madvise'', and ''never''. The default is ''always''. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).' + description: |- + TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more + information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string type: object maxCount: @@ -18559,7 +22771,9 @@ spec: description: 'MinCount: The minimum number of nodes for auto-scaling' type: integer mode: - description: 'Mode: A cluster must have at least one ''System'' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools' + description: |- + Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool + restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools type: string name: description: 'Name: Windows agent pool names must be 6 characters or less.' @@ -18573,10 +22787,14 @@ spec: description: The port range. properties: portEnd: - description: 'PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or equal to portStart.' + description: |- + PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or + equal to portStart. type: integer portStart: - description: 'PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or equal to portEnd.' + description: |- + PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or + equal to portEnd. type: integer protocol: description: 'Protocol: The network protocol of the port.' @@ -18611,7 +22829,9 @@ spec: description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' type: object nodePublicIPPrefixID: - description: 'NodePublicIPPrefixID: This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}' + description: |- + NodePublicIPPrefixID: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} type: string nodeTaints: description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' @@ -18619,24 +22839,43 @@ spec: type: string type: array orchestratorVersion: - description: 'OrchestratorVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).' + description: |- + OrchestratorVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. + When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster + with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer + patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same + Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor + version must be within two minor versions of the control plane version. The node pool version cannot be greater than the + control plane version. For more information see [upgrading a node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). type: string osDiskSizeGB: type: integer osDiskType: - description: 'OsDiskType: The default is ''Ephemeral'' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to ''Managed''. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).' + description: |- + OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested + OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral + OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). type: string osSKU: - description: 'OsSKU: Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows.' + description: |- + OsSKU: Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 + when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows. type: string osType: description: 'OsType: The operating system type. The default is Linux.' type: string podSubnetID: - description: 'PodSubnetID: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}' + description: |- + PodSubnetID: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is + of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} type: string powerState: - description: 'PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded' + description: |- + PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this + field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only + be stopped if it is Running and provisioning state is Succeeded properties: code: description: 'Code: Tells whether the cluster is Running or Stopped' @@ -18652,13 +22891,18 @@ spec: description: 'ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.' type: string scaleSetEvictionPolicy: - description: 'ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is ''Spot''. If not specified, the default is ''Delete''.' + description: |- + ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is + 'Delete'. type: string scaleSetPriority: description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' type: string spotMaxPrice: - description: 'SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)' + description: |- + SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any + on-demand price. For more details on spot pricing, see [spot VMs + pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) type: number tags: additionalProperties: @@ -18672,17 +22916,30 @@ spec: description: 'UpgradeSettings: Settings for upgrading the agentpool' properties: drainTimeoutInMinutes: - description: 'DrainTimeoutInMinutes: The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not specified, the default is 30 minutes.' + description: |- + DrainTimeoutInMinutes: The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. + This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not + specified, the default is 30 minutes. type: integer maxSurge: - description: 'MaxSurge: This can either be set to an integer (e.g. ''5'') or a percentage (e.g. ''50%''). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade' + description: |- + MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it + is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded + up. If not specified, the default is 1. For more information, including best practices, see: + https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade type: string type: object vmSize: - description: 'VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions' + description: |- + VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods + might fail to run correctly. For more details on restricted VM sizes, see: + https://docs.microsoft.com/azure/aks/quotas-skus-regions type: string vnetSubnetID: - description: 'VnetSubnetID: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}' + description: |- + VnetSubnetID: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, + this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} type: string workloadRuntime: description: 'WorkloadRuntime: Determines the type of workload a node can run.' @@ -18693,7 +22950,10 @@ spec: description: 'ApiServerAccessProfile: The access profile for managed cluster API server.' properties: authorizedIPRanges: - description: 'AuthorizedIPRanges: IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).' + description: |- + AuthorizedIPRanges: IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with + clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API + server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges). items: type: string type: array @@ -18701,13 +22961,18 @@ spec: description: 'DisableRunCommand: Whether to disable run command for the cluster or not.' type: boolean enablePrivateCluster: - description: 'EnablePrivateCluster: For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).' + description: |- + EnablePrivateCluster: For more details, see [Creating a private AKS + cluster](https://docs.microsoft.com/azure/aks/private-clusters). type: boolean enablePrivateClusterPublicFQDN: description: 'EnablePrivateClusterPublicFQDN: Whether to create additional public FQDN for private cluster or not.' type: boolean privateDNSZone: - description: 'PrivateDNSZone: The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are ''system'' and ''none''.' + description: |- + PrivateDNSZone: The default is System. For more details see [configure private DNS + zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and + 'none'. type: string type: object autoScalerProfile: @@ -18717,7 +22982,10 @@ spec: description: 'BalanceSimilarNodeGroups: Valid values are ''true'' and ''false''' type: string expander: - description: 'Expander: If not specified, the default is ''random''. See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more information.' + description: |- + Expander: If not specified, the default is 'random'. See + [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more + information. type: string max-empty-bulk-delete: description: 'MaxEmptyBulkDelete: The default is 10.' @@ -18726,31 +22994,46 @@ spec: description: 'MaxGracefulTerminationSec: The default is 600.' type: string max-node-provision-time: - description: 'MaxNodeProvisionTime: The default is ''15m''. Values must be an integer followed by an ''m''. No unit of time other than minutes (m) is supported.' + description: |- + MaxNodeProvisionTime: The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. type: string max-total-unready-percentage: description: 'MaxTotalUnreadyPercentage: The default is 45. The maximum is 100 and the minimum is 0.' type: string new-pod-scale-up-delay: - description: 'NewPodScaleUpDelay: For scenarios like burst/batch scale where you don''t want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they''re a certain age. The default is ''0s''. Values must be an integer followed by a unit (''s'' for seconds, ''m'' for minutes, ''h'' for hours, etc).' + description: |- + NewPodScaleUpDelay: For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler + could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is + '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc). type: string ok-total-unready-count: description: 'OkTotalUnreadyCount: This must be an integer. The default is 3.' type: string scale-down-delay-after-add: - description: 'ScaleDownDelayAfterAdd: The default is ''10m''. Values must be an integer followed by an ''m''. No unit of time other than minutes (m) is supported.' + description: |- + ScaleDownDelayAfterAdd: The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. type: string scale-down-delay-after-delete: - description: 'ScaleDownDelayAfterDelete: The default is the scan-interval. Values must be an integer followed by an ''m''. No unit of time other than minutes (m) is supported.' + description: |- + ScaleDownDelayAfterDelete: The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of + time other than minutes (m) is supported. type: string scale-down-delay-after-failure: - description: 'ScaleDownDelayAfterFailure: The default is ''3m''. Values must be an integer followed by an ''m''. No unit of time other than minutes (m) is supported.' + description: |- + ScaleDownDelayAfterFailure: The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other + than minutes (m) is supported. type: string scale-down-unneeded-time: - description: 'ScaleDownUnneededTime: The default is ''10m''. Values must be an integer followed by an ''m''. No unit of time other than minutes (m) is supported.' + description: |- + ScaleDownUnneededTime: The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. type: string scale-down-unready-time: - description: 'ScaleDownUnreadyTime: The default is ''20m''. Values must be an integer followed by an ''m''. No unit of time other than minutes (m) is supported.' + description: |- + ScaleDownUnreadyTime: The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. type: string scale-down-utilization-threshold: description: 'ScaleDownUtilizationThreshold: The default is ''0.5''.' @@ -18772,32 +23055,51 @@ spec: description: 'NodeOSUpgradeChannel: Manner in which the OS on your nodes is updated. The default is NodeImage.' type: string upgradeChannel: - description: 'UpgradeChannel: For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).' + description: |- + UpgradeChannel: For more information see [setting the AKS cluster auto-upgrade + channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel). type: string type: object azureMonitorProfile: description: 'AzureMonitorProfile: Azure Monitor addon profiles for monitoring the managed cluster.' properties: metrics: - description: 'Metrics: Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See aka.ms/AzureManagedPrometheus for an overview.' + description: |- + Metrics: Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes + infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See + aka.ms/AzureManagedPrometheus for an overview. properties: enabled: - description: 'Enabled: Whether to enable or disable the Azure Managed Prometheus addon for Prometheus monitoring. See aka.ms/AzureManagedPrometheus-aks-enable for details on enabling and disabling.' + description: |- + Enabled: Whether to enable or disable the Azure Managed Prometheus addon for Prometheus monitoring. See + aka.ms/AzureManagedPrometheus-aks-enable for details on enabling and disabling. type: boolean kubeStateMetrics: - description: 'KubeStateMetrics: Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for details.' + description: |- + KubeStateMetrics: Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the + kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for + details. properties: metricAnnotationsAllowList: - description: 'MetricAnnotationsAllowList: Comma-separated list of Kubernetes annotation keys that will be used in the resource''s labels metric (Example: ''namespaces=[kubernetes.io/team,...],pods=[kubernetes.io/team],...''). By default the metric contains only resource name and namespace labels.' + description: |- + MetricAnnotationsAllowList: Comma-separated list of Kubernetes annotation keys that will be used in the resource's + labels metric (Example: 'namespaces=[kubernetes.io/team,...],pods=[kubernetes.io/team],...'). By default the metric + contains only resource name and namespace labels. type: string metricLabelsAllowlist: - description: 'MetricLabelsAllowlist: Comma-separated list of additional Kubernetes label keys that will be used in the resource''s labels metric (Example: ''namespaces=[k8s-label-1,k8s-label-n,...],pods=[app],...''). By default the metric contains only resource name and namespace labels.' + description: |- + MetricLabelsAllowlist: Comma-separated list of additional Kubernetes label keys that will be used in the resource's + labels metric (Example: 'namespaces=[k8s-label-1,k8s-label-n,...],pods=[app],...'). By default the metric contains only + resource name and namespace labels. type: string type: object type: object type: object azurePortalFQDN: - description: 'AzurePortalFQDN: The Azure Portal requires certain Cross-Origin Resource Sharing (CORS) headers to be sent in some responses, which Kubernetes APIServer doesn''t handle by default. This special FQDN supports CORS, allowing the Azure Portal to function properly.' + description: |- + AzurePortalFQDN: The Azure Portal requires certain Cross-Origin Resource Sharing (CORS) headers to be sent in some + responses, which Kubernetes APIServer doesn't handle by default. This special FQDN supports CORS, allowing the Azure + Portal to function properly. type: string conditions: description: 'Conditions: The observed state of the resource' @@ -18812,14 +23114,23 @@ spec: description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 type: integer reason: - description: Reason for the condition's last transition. Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: Severity with which to treat failures of this type of condition. For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. This is omitted in all cases when Status == Unknown + description: |- + Severity with which to treat failures of this type of condition. + For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown type: string status: description: Status of the condition, one of True, False, or Unknown. @@ -18835,19 +23146,30 @@ spec: type: object type: array currentKubernetesVersion: - description: 'CurrentKubernetesVersion: If kubernetesVersion was a fully specified version , this field will be exactly equal to it. If kubernetesVersion was , this field will contain the full version being used.' + description: |- + CurrentKubernetesVersion: If kubernetesVersion was a fully specified version , this field will be + exactly equal to it. If kubernetesVersion was , this field will contain the full + version being used. type: string disableLocalAccounts: - description: 'DisableLocalAccounts: If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).' + description: |- + DisableLocalAccounts: If set to true, getting static credentials will be disabled for this cluster. This must only be + used on Managed Clusters that are AAD enabled. For more details see [disable local + accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview). type: boolean diskEncryptionSetID: - description: 'DiskEncryptionSetID: This is of the form: ''/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}''' + description: |- + DiskEncryptionSetID: This is of the form: + '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}' type: string dnsPrefix: description: 'DnsPrefix: This cannot be updated once the Managed Cluster has been created.' type: string enablePodSecurityPolicy: - description: 'EnablePodSecurityPolicy: (DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and https://aka.ms/aks/psp.' + description: |- + EnablePodSecurityPolicy: (DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was + deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and + https://aka.ms/aks/psp. type: boolean enableRBAC: description: 'EnableRBAC: Whether to enable Kubernetes Role-Based Access Control.' @@ -18887,7 +23209,9 @@ spec: type: string type: object id: - description: 'Id: Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}"' + description: |- + Id: Fully qualified resource ID for the resource. E.g. + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" type: string identity: description: 'Identity: The identity of the managed cluster, if configured.' @@ -18909,7 +23233,9 @@ spec: description: 'TenantId: The tenant id of the delegated resource - internal use only.' type: string type: object - description: 'DelegatedResources: The delegated identity resources assigned to this managed cluster. This can only be set by another Azure Resource Provider, and managed cluster only accept one delegated identity resource. Internal use only.' + description: |- + DelegatedResources: The delegated identity resources assigned to this managed cluster. This can only be set by another + Azure Resource Provider, and managed cluster only accept one delegated identity resource. Internal use only. type: object principalId: description: 'PrincipalId: The principal id of the system assigned identity which is used by master components.' @@ -18918,7 +23244,9 @@ spec: description: 'TenantId: The tenant id of the system assigned identity which is used by master components.' type: string type: - description: 'Type: For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).' + description: |- + Type: For more information see [use managed identities in + AKS](https://docs.microsoft.com/azure/aks/use-managed-identity). type: string userAssignedIdentities: additionalProperties: @@ -18930,7 +23258,9 @@ spec: description: 'PrincipalId: The principal id of user assigned identity.' type: string type: object - description: 'UserAssignedIdentities: The keys must be ARM resource IDs in the form: ''/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}''.' + description: |- + UserAssignedIdentities: The keys must be ARM resource IDs in the form: + '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'. type: object type: object identityProfile: @@ -18950,7 +23280,14 @@ spec: description: 'IdentityProfile: Identities associated with the cluster.' type: object kubernetesVersion: - description: 'KubernetesVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.' + description: |- + KubernetesVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. + When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster + with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer + patch version is available. When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All + upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or + 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS + cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details. type: string linuxProfile: description: 'LinuxProfile: The profile for Linux VMs in the Managed Cluster.' @@ -18967,7 +23304,9 @@ spec: description: Contains information about SSH certificate public key data. properties: keyData: - description: 'KeyData: Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.' + description: |- + KeyData: Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or + without headers. type: string type: object type: array @@ -18986,10 +23325,14 @@ spec: description: 'NetworkProfile: The network configuration profile.' properties: dnsServiceIP: - description: 'DnsServiceIP: An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.' + description: |- + DnsServiceIP: An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address + range specified in serviceCidr. type: string ipFamilies: - description: 'IpFamilies: IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6.' + description: |- + IpFamilies: IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value + is IPv4. For dual-stack, the expected values are IPv4 and IPv6. items: type: string type: array @@ -18997,7 +23340,9 @@ spec: description: 'LoadBalancerProfile: Profile of the cluster load balancer.' properties: allocatedOutboundPorts: - description: 'AllocatedOutboundPorts: The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.' + description: |- + AllocatedOutboundPorts: The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 + (inclusive). The default value is 0 which results in Azure dynamically allocating ports. type: integer backendPoolType: description: 'BackendPoolType: The type of the managed inbound Load Balancer BackendPool.' @@ -19016,16 +23361,22 @@ spec: description: 'EnableMultipleStandardLoadBalancers: Enable multiple standard load balancers per AKS cluster or not.' type: boolean idleTimeoutInMinutes: - description: 'IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.' + description: |- + IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 + (inclusive). The default value is 30 minutes. type: integer managedOutboundIPs: description: 'ManagedOutboundIPs: Desired managed outbound IPs for the cluster load balancer.' properties: count: - description: 'Count: The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1.' + description: |- + Count: The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values + must be in the range of 1 to 100 (inclusive). The default value is 1. type: integer countIPv6: - description: 'CountIPv6: The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack.' + description: |- + CountIPv6: The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed + values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. type: integer type: object outboundIPPrefixes: @@ -19058,7 +23409,10 @@ spec: type: object type: object loadBalancerSku: - description: 'LoadBalancerSku: The default is ''standard''. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.' + description: |- + LoadBalancerSku: The default is 'standard'. See [Azure Load Balancer + SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load + balancer SKUs. type: string natGatewayProfile: description: 'NatGatewayProfile: Profile of the cluster NAT gateway.' @@ -19074,13 +23428,17 @@ spec: type: object type: array idleTimeoutInMinutes: - description: 'IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.' + description: |- + IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 + (inclusive). The default value is 4 minutes. type: integer managedOutboundIPProfile: description: 'ManagedOutboundIPProfile: Profile of the managed outbound IP resources of the cluster NAT gateway.' properties: count: - description: 'Count: The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1.' + description: |- + Count: The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 + (inclusive). The default value is 1. type: integer type: object type: object @@ -19100,21 +23458,29 @@ spec: description: 'NetworkPolicy: Network policy used for building the Kubernetes network.' type: string outboundType: - description: 'OutboundType: This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).' + description: |- + OutboundType: This can only be set at cluster creation time and cannot be changed later. For more information see + [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype). type: string podCidr: description: 'PodCidr: A CIDR notation IP range from which to assign pod IPs when kubenet is used.' type: string podCidrs: - description: 'PodCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking.' + description: |- + PodCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is + expected for dual-stack networking. items: type: string type: array serviceCidr: - description: 'ServiceCidr: A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.' + description: |- + ServiceCidr: A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP + ranges. type: string serviceCidrs: - description: 'ServiceCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges.' + description: |- + ServiceCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is + expected for dual-stack networking. They must not overlap with any Subnet IP ranges. items: type: string type: array @@ -19133,10 +23499,16 @@ spec: type: string type: object podIdentityProfile: - description: 'PodIdentityProfile: See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.' + description: |- + PodIdentityProfile: See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more + details on AAD pod identity integration. properties: allowNetworkPluginKubenet: - description: 'AllowNetworkPluginKubenet: Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.' + description: |- + AllowNetworkPluginKubenet: Running in Kubenet is disabled by default due to the security related nature of AAD Pod + Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod + Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) + for more information. type: boolean enabled: description: 'Enabled: Whether the pod identity addon is enabled.' @@ -19211,7 +23583,9 @@ spec: userAssignedIdentityExceptions: description: 'UserAssignedIdentityExceptions: The pod identity exceptions to allow.' items: - description: See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. + description: |- + See [disable AAD Pod Identity for a specific + Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. properties: name: description: 'Name: The name of the pod identity exception.' @@ -19271,32 +23645,48 @@ spec: description: 'PublicNetworkAccess: Allow or deny public network access for AKS' type: string resourceUID: - description: 'ResourceUID: The resourceUID uniquely identifies ManagedClusters that reuse ARM ResourceIds (i.e: create, delete, create sequence)' + description: |- + ResourceUID: The resourceUID uniquely identifies ManagedClusters that reuse ARM ResourceIds (i.e: create, delete, create + sequence) type: string securityProfile: description: 'SecurityProfile: Security profile for the managed cluster.' properties: azureKeyVaultKms: - description: 'AzureKeyVaultKms: Azure Key Vault [key management service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile.' + description: |- + AzureKeyVaultKms: Azure Key Vault [key management + service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile. properties: enabled: description: 'Enabled: Whether to enable Azure Key Vault key management service. The default is false.' type: boolean keyId: - description: 'KeyId: Identifier of Azure Key Vault key. See [key identifier format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When Azure Key Vault key management service is disabled, leave the field empty.' + description: |- + KeyId: Identifier of Azure Key Vault key. See [key identifier + format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) + for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key + identifier. When Azure Key Vault key management service is disabled, leave the field empty. type: string keyVaultNetworkAccess: - description: 'KeyVaultNetworkAccess: Network access of key vault. The possible values are `Public` and `Private`. `Public` means the key vault allows public access from all networks. `Private` means the key vault disables public access and enables private link. The default value is `Public`.' + description: |- + KeyVaultNetworkAccess: Network access of key vault. The possible values are `Public` and `Private`. `Public` means the + key vault allows public access from all networks. `Private` means the key vault disables public access and enables + private link. The default value is `Public`. type: string keyVaultResourceId: - description: 'KeyVaultResourceId: Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty.' + description: |- + KeyVaultResourceId: Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must + be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty. type: string type: object defender: description: 'Defender: Microsoft Defender settings for the security profile.' properties: logAnalyticsWorkspaceResourceId: - description: 'LogAnalyticsWorkspaceResourceId: Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft Defender is disabled, leave the field empty.' + description: |- + LogAnalyticsWorkspaceResourceId: Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. + When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft + Defender is disabled, leave the field empty. type: string securityMonitoring: description: 'SecurityMonitoring: Microsoft Defender threat detection for Cloud settings for the security profile.' @@ -19317,7 +23707,9 @@ spec: type: integer type: object workloadIdentity: - description: 'WorkloadIdentity: Workload identity settings for the security profile. Workload identity enables Kubernetes applications to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details.' + description: |- + WorkloadIdentity: Workload identity settings for the security profile. Workload identity enables Kubernetes applications + to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details. properties: enabled: description: 'Enabled: Whether to enable workload identity.' @@ -19331,7 +23723,9 @@ spec: description: 'Istio: Istio service mesh configuration.' properties: certificateAuthority: - description: 'CertificateAuthority: Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described here https://aka.ms/asm-plugin-ca' + description: |- + CertificateAuthority: Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin + certificates as described here https://aka.ms/asm-plugin-ca properties: plugin: description: 'Plugin: Plugin certificates information for Service Mesh.' @@ -19374,7 +23768,9 @@ spec: ingressGateways: description: 'IngressGateways: Istio ingress gateways.' items: - description: Istio ingress gateway configuration. For now, we support up to one external ingress gateway named `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`. + description: |- + Istio ingress gateway configuration. For now, we support up to one external ingress gateway named + `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`. properties: enabled: description: 'Enabled: Whether to enable the ingress gateway.' @@ -19386,7 +23782,10 @@ spec: type: array type: object revisions: - description: 'Revisions: The list of revisions of the Istio control plane. When an upgrade is not in progress, this holds one value. When canary upgrade is in progress, this can only hold two consecutive values. For more information, see: https://learn.microsoft.com/en-us/azure/aks/istio-upgrade' + description: |- + Revisions: The list of revisions of the Istio control plane. When an upgrade is not in progress, this holds one value. + When canary upgrade is in progress, this can only hold two consecutive values. For more information, see: + https://learn.microsoft.com/en-us/azure/aks/istio-upgrade items: type: string type: array @@ -19396,7 +23795,9 @@ spec: type: string type: object servicePrincipalProfile: - description: 'ServicePrincipalProfile: Information about a service principal identity for the cluster to use for manipulating Azure APIs.' + description: |- + ServicePrincipalProfile: Information about a service principal identity for the cluster to use for manipulating Azure + APIs. properties: clientId: description: 'ClientId: The ID for the service principal.' @@ -19409,7 +23810,9 @@ spec: description: 'Name: The name of a managed cluster SKU.' type: string tier: - description: 'Tier: If not specified, the default is ''Free''. See [AKS Pricing Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details.' + description: |- + Tier: If not specified, the default is 'Free'. See [AKS Pricing + Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details. type: string type: object storageProfile: @@ -19484,40 +23887,57 @@ spec: description: 'OverrideSettings: Settings for overrides.' properties: forceUpgrade: - description: 'ForceUpgrade: Whether to force upgrade the cluster. Note that this option instructs upgrade operation to bypass upgrade protections such as checking for deprecated API usage. Enable this option only with caution.' + description: |- + ForceUpgrade: Whether to force upgrade the cluster. Note that this option instructs upgrade operation to bypass upgrade + protections such as checking for deprecated API usage. Enable this option only with caution. type: boolean until: - description: 'Until: Until when the overrides are effective. Note that this only matches the start time of an upgrade, and the effectiveness won''t change once an upgrade starts even if the `until` expires as upgrade proceeds. This field is not set by default. It must be set for the overrides to take effect.' + description: |- + Until: Until when the overrides are effective. Note that this only matches the start time of an upgrade, and the + effectiveness won't change once an upgrade starts even if the `until` expires as upgrade proceeds. This field is not set + by default. It must be set for the overrides to take effect. type: string type: object type: object windowsProfile: description: 'WindowsProfile: The profile for Windows VMs in the Managed Cluster.' properties: - adminPassword: - description: 'AdminPassword: Specifies the password of the administrator account. Minimum-length: 8 characters Max-length: 123 characters Complexity requirements: 3 out of 4 conditions below need to be fulfilled Has lower characters Has upper characters Has a digit Has a special character (Regex match [\W_]) Disallowed values: "abc@123", "P@$$$$w0rd", "P@ssw0rd", "P@ssword123", "Pa$$$$word", "pass@word1", "Password!", "Password1", "Password22", "iloveyou!"' - type: string adminUsername: - description: 'AdminUsername: Specifies the name of the administrator account. Restriction: Cannot end in "." Disallowed values: "administrator", "admin", "user", "user1", "test", "user2", "test1", "user3", "admin1", "1", "123", "a", "actuser", "adm", "admin2", "aspnet", "backup", "console", "david", "guest", "john", "owner", "root", "server", "sql", "support", "support_388945a0", "sys", "test2", "test3", "user4", "user5". Minimum-length: 1 character Max-length: 20 characters' + description: |- + AdminUsername: Specifies the name of the administrator account. + Restriction: Cannot end in "." + Disallowed values: "administrator", "admin", "user", "user1", "test", "user2", "test1", "user3", "admin1", "1", "123", + "a", "actuser", "adm", "admin2", "aspnet", "backup", "console", "david", "guest", "john", "owner", "root", "server", + "sql", "support", "support_388945a0", "sys", "test2", "test3", "user4", "user5". + Minimum-length: 1 character + Max-length: 20 characters type: string enableCSIProxy: - description: 'EnableCSIProxy: For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).' + description: |- + EnableCSIProxy: For more details on CSI proxy, see the [CSI proxy GitHub + repo](https://github.com/kubernetes-csi/csi-proxy). type: boolean gmsaProfile: description: 'GmsaProfile: The Windows gMSA Profile in the Managed Cluster.' properties: dnsServer: - description: 'DnsServer: Specifies the DNS server for Windows gMSA. Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.' + description: |- + DnsServer: Specifies the DNS server for Windows gMSA. + Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster. type: string enabled: description: 'Enabled: Specifies whether to enable Windows gMSA in the managed cluster.' type: boolean rootDomainName: - description: 'RootDomainName: Specifies the root domain name for Windows gMSA. Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.' + description: |- + RootDomainName: Specifies the root domain name for Windows gMSA. + Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster. type: string type: object licenseType: - description: 'LicenseType: The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.' + description: |- + LicenseType: The license type to use for Windows VMs. See [Azure Hybrid User + Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details. type: string type: object workloadAutoScalerProfile: @@ -19560,13 +23980,26 @@ spec: name: v1api20231001storage schema: openAPIV3Schema: - description: 'Storage version of v1api20231001.ManagedCluster Generator information: - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2023-10-01/managedClusters.json - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}' + description: |- + Storage version of v1api20231001.ManagedCluster + Generator information: + - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2023-10-01/managedClusters.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName} properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -19576,15 +24009,21 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object aadProfile: - description: Storage version of v1api20231001.ManagedClusterAADProfile For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad). + description: |- + Storage version of v1api20231001.ManagedClusterAADProfile + For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad). properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object adminGroupObjectIDs: items: @@ -19605,12 +24044,16 @@ spec: type: object addonProfiles: additionalProperties: - description: Storage version of v1api20231001.ManagedClusterAddonProfile A Kubernetes add-on profile for a managed cluster. + description: |- + Storage version of v1api20231001.ManagedClusterAddonProfile + A Kubernetes add-on profile for a managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object config: additionalProperties: @@ -19622,12 +24065,16 @@ spec: type: object agentPoolProfiles: items: - description: Storage version of v1api20231001.ManagedClusterAgentPoolProfile Profile for the container service agent pool. + description: |- + Storage version of v1api20231001.ManagedClusterAgentPoolProfile + Profile for the container service agent pool. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object availabilityZones: items: @@ -19637,7 +24084,10 @@ spec: description: 'CapacityReservationGroupReference: AKS will associate the specified agent pool with the Capacity Reservation Group.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -19653,18 +24103,25 @@ spec: count: type: integer creationData: - description: Storage version of v1api20231001.CreationData Data used when creating a target resource from a source resource. + description: |- + Storage version of v1api20231001.CreationData + Data used when creating a target resource from a source resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object sourceResourceReference: description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -19691,10 +24148,16 @@ spec: gpuInstanceProfile: type: string hostGroupReference: - description: 'HostGroupReference: This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).' + description: |- + HostGroupReference: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. + For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -19708,12 +24171,16 @@ spec: type: string type: object kubeletConfig: - description: Storage version of v1api20231001.KubeletConfig See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + description: |- + Storage version of v1api20231001.KubeletConfig + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object allowedUnsafeSysctls: items: @@ -19743,22 +24210,30 @@ spec: kubeletDiskType: type: string linuxOSConfig: - description: Storage version of v1api20231001.LinuxOSConfig See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + description: |- + Storage version of v1api20231001.LinuxOSConfig + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object swapFileSizeMB: type: integer sysctls: - description: Storage version of v1api20231001.SysctlConfig Sysctl settings for Linux agent nodes. + description: |- + Storage version of v1api20231001.SysctlConfig + Sysctl settings for Linux agent nodes. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object fsAioMaxNr: type: integer @@ -19833,21 +24308,29 @@ spec: name: type: string networkProfile: - description: Storage version of v1api20231001.AgentPoolNetworkProfile Network settings of an agent pool. + description: |- + Storage version of v1api20231001.AgentPoolNetworkProfile + Network settings of an agent pool. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object allowedHostPorts: items: - description: Storage version of v1api20231001.PortRange The port range. + description: |- + Storage version of v1api20231001.PortRange + The port range. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object portEnd: type: integer @@ -19862,7 +24345,10 @@ spec: description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -19878,12 +24364,16 @@ spec: type: array nodePublicIPTags: items: - description: Storage version of v1api20231001.IPTag Contains the IPTag associated with the object. + description: |- + Storage version of v1api20231001.IPTag + Contains the IPTag associated with the object. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object ipTagType: type: string @@ -19897,10 +24387,15 @@ spec: type: string type: object nodePublicIPPrefixReference: - description: 'NodePublicIPPrefixReference: This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}' + description: |- + NodePublicIPPrefixReference: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -19928,10 +24423,16 @@ spec: osType: type: string podSubnetReference: - description: 'PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}' + description: |- + PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). + This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -19945,12 +24446,16 @@ spec: type: string type: object powerState: - description: Storage version of v1api20231001.PowerState Describes the Power State of the cluster + description: |- + Storage version of v1api20231001.PowerState + Describes the Power State of the cluster properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object code: type: string @@ -19959,7 +24464,10 @@ spec: description: 'ProximityPlacementGroupReference: The ID for Proximity Placement Group.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -19987,12 +24495,16 @@ spec: type: type: string upgradeSettings: - description: Storage version of v1api20231001.AgentPoolUpgradeSettings Settings for upgrading an agentpool + description: |- + Storage version of v1api20231001.AgentPoolUpgradeSettings + Settings for upgrading an agentpool properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object drainTimeoutInMinutes: type: integer @@ -20002,10 +24514,16 @@ spec: vmSize: type: string vnetSubnetReference: - description: 'VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}' + description: |- + VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is + specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -20023,12 +24541,16 @@ spec: type: object type: array apiServerAccessProfile: - description: Storage version of v1api20231001.ManagedClusterAPIServerAccessProfile Access profile for managed cluster API server. + description: |- + Storage version of v1api20231001.ManagedClusterAPIServerAccessProfile + Access profile for managed cluster API server. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object authorizedIPRanges: items: @@ -20049,7 +24571,9 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object balance-similar-node-groups: type: string @@ -20087,12 +24611,16 @@ spec: type: string type: object autoUpgradeProfile: - description: Storage version of v1api20231001.ManagedClusterAutoUpgradeProfile Auto upgrade profile for a managed cluster. + description: |- + Storage version of v1api20231001.ManagedClusterAutoUpgradeProfile + Auto upgrade profile for a managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object nodeOSUpgradeChannel: type: string @@ -20100,30 +24628,46 @@ spec: type: string type: object azureMonitorProfile: - description: Storage version of v1api20231001.ManagedClusterAzureMonitorProfile Azure Monitor addon profiles for monitoring the managed cluster. + description: |- + Storage version of v1api20231001.ManagedClusterAzureMonitorProfile + Azure Monitor addon profiles for monitoring the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object metrics: - description: Storage version of v1api20231001.ManagedClusterAzureMonitorProfileMetrics Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See aka.ms/AzureManagedPrometheus for an overview. + description: |- + Storage version of v1api20231001.ManagedClusterAzureMonitorProfileMetrics + Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes + infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See + aka.ms/AzureManagedPrometheus for an overview. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean kubeStateMetrics: - description: Storage version of v1api20231001.ManagedClusterAzureMonitorProfileKubeStateMetrics Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for details. + description: |- + Storage version of v1api20231001.ManagedClusterAzureMonitorProfileKubeStateMetrics + Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the + kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for + details. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object metricAnnotationsAllowList: type: string @@ -20133,15 +24677,22 @@ spec: type: object type: object azureName: - description: 'AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn''t have to be.' + description: |- + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. type: string disableLocalAccounts: type: boolean diskEncryptionSetReference: - description: 'DiskEncryptionSetReference: This is of the form: ''/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}''' + description: |- + DiskEncryptionSetReference: This is of the form: + '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -20161,12 +24712,16 @@ spec: enableRBAC: type: boolean extendedLocation: - description: Storage version of v1api20231001.ExtendedLocation The complex type of the extended location. + description: |- + Storage version of v1api20231001.ExtendedLocation + The complex type of the extended location. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object name: type: string @@ -20176,12 +24731,16 @@ spec: fqdnSubdomain: type: string httpProxyConfig: - description: Storage version of v1api20231001.ManagedClusterHTTPProxyConfig Cluster HTTP proxy configuration. + description: |- + Storage version of v1api20231001.ManagedClusterHTTPProxyConfig + Cluster HTTP proxy configuration. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object httpProxy: type: string @@ -20195,21 +24754,29 @@ spec: type: string type: object identity: - description: Storage version of v1api20231001.ManagedClusterIdentity Identity for the managed cluster. + description: |- + Storage version of v1api20231001.ManagedClusterIdentity + Identity for the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object delegatedResources: additionalProperties: - description: Storage version of v1api20231001.DelegatedResource Delegated resource properties - internal use only. + description: |- + Storage version of v1api20231001.DelegatedResource + Delegated resource properties - internal use only. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object location: type: string @@ -20219,7 +24786,10 @@ spec: description: 'ResourceReference: The ARM resource id of the delegated resource - internal use only.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -20240,18 +24810,25 @@ spec: type: string userAssignedIdentities: items: - description: Storage version of v1api20231001.UserAssignedIdentityDetails Information about the user assigned identity for the resource + description: |- + Storage version of v1api20231001.UserAssignedIdentityDetails + Information about the user assigned identity for the resource properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object reference: description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -20269,12 +24846,16 @@ spec: type: object identityProfile: additionalProperties: - description: Storage version of v1api20231001.UserAssignedIdentity Details about a user assigned identity. + description: |- + Storage version of v1api20231001.UserAssignedIdentity + Details about a user assigned identity. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object clientId: type: string @@ -20284,7 +24865,10 @@ spec: description: 'ResourceReference: The resource ID of the user assigned identity.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -20302,31 +24886,43 @@ spec: kubernetesVersion: type: string linuxProfile: - description: Storage version of v1api20231001.ContainerServiceLinuxProfile Profile for Linux VMs in the container service cluster. + description: |- + Storage version of v1api20231001.ContainerServiceLinuxProfile + Profile for Linux VMs in the container service cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object adminUsername: type: string ssh: - description: Storage version of v1api20231001.ContainerServiceSshConfiguration SSH configuration for Linux-based VMs running on Azure. + description: |- + Storage version of v1api20231001.ContainerServiceSshConfiguration + SSH configuration for Linux-based VMs running on Azure. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object publicKeys: items: - description: Storage version of v1api20231001.ContainerServiceSshPublicKey Contains information about SSH certificate public key data. + description: |- + Storage version of v1api20231001.ContainerServiceSshPublicKey + Contains information about SSH certificate public key data. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object keyData: type: string @@ -20337,12 +24933,16 @@ spec: location: type: string networkProfile: - description: Storage version of v1api20231001.ContainerServiceNetworkProfile Profile of network configuration. + description: |- + Storage version of v1api20231001.ContainerServiceNetworkProfile + Profile of network configuration. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object dnsServiceIP: type: string @@ -20351,12 +24951,16 @@ spec: type: string type: array loadBalancerProfile: - description: Storage version of v1api20231001.ManagedClusterLoadBalancerProfile Profile of the managed cluster load balancer. + description: |- + Storage version of v1api20231001.ManagedClusterLoadBalancerProfile + Profile of the managed cluster load balancer. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object allocatedOutboundPorts: type: integer @@ -20364,18 +24968,25 @@ spec: type: string effectiveOutboundIPs: items: - description: Storage version of v1api20231001.ResourceReference A reference to an Azure resource. + description: |- + Storage version of v1api20231001.ResourceReference + A reference to an Azure resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object reference: description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -20400,7 +25011,9 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object count: type: integer @@ -20413,22 +25026,31 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object publicIPPrefixes: items: - description: Storage version of v1api20231001.ResourceReference A reference to an Azure resource. + description: |- + Storage version of v1api20231001.ResourceReference + A reference to an Azure resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object reference: description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -20450,22 +25072,31 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object publicIPs: items: - description: Storage version of v1api20231001.ResourceReference A reference to an Azure resource. + description: |- + Storage version of v1api20231001.ResourceReference + A reference to an Azure resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object reference: description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -20485,27 +25116,38 @@ spec: loadBalancerSku: type: string natGatewayProfile: - description: Storage version of v1api20231001.ManagedClusterNATGatewayProfile Profile of the managed cluster NAT gateway. + description: |- + Storage version of v1api20231001.ManagedClusterNATGatewayProfile + Profile of the managed cluster NAT gateway. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object effectiveOutboundIPs: items: - description: Storage version of v1api20231001.ResourceReference A reference to an Azure resource. + description: |- + Storage version of v1api20231001.ResourceReference + A reference to an Azure resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object reference: description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -20523,12 +25165,16 @@ spec: idleTimeoutInMinutes: type: integer managedOutboundIPProfile: - description: Storage version of v1api20231001.ManagedClusterManagedOutboundIPProfile Profile of the managed outbound IP resources of the managed cluster. + description: |- + Storage version of v1api20231001.ManagedClusterManagedOutboundIPProfile + Profile of the managed outbound IP resources of the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object count: type: integer @@ -20562,23 +25208,31 @@ spec: nodeResourceGroup: type: string oidcIssuerProfile: - description: Storage version of v1api20231001.ManagedClusterOIDCIssuerProfile The OIDC issuer profile of the Managed Cluster. + description: |- + Storage version of v1api20231001.ManagedClusterOIDCIssuerProfile + The OIDC issuer profile of the Managed Cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object operatorSpec: - description: Storage version of v1api20231001.ManagedClusterOperatorSpec Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure + description: |- + Storage version of v1api20231001.ManagedClusterOperatorSpec + Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object configMaps: description: Storage version of v1api20231001.ManagedClusterOperatorConfigMaps @@ -20586,16 +25240,39 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object oidcIssuerProfile: - description: 'ConfigMapDestination describes the location to store a single configmap value Note: This is similar to SecretDestination in secrets.go. Changes to one should likely also be made to the other.' + description: |- + ConfigMapDestination describes the location to store a single configmap value + Note: This is similar to SecretDestination in secrets.go. Changes to one should likely also be made to the other. + properties: + key: + description: Key is the key in the ConfigMap being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes ConfigMap being referenced. + The ConfigMap must be in the same namespace as the resource + type: string + required: + - key + - name + type: object + principalId: + description: |- + ConfigMapDestination describes the location to store a single configmap value + Note: This is similar to SecretDestination in secrets.go. Changes to one should likely also be made to the other. properties: key: description: Key is the key in the ConfigMap being referenced type: string name: - description: Name is the name of the Kubernetes ConfigMap being referenced. The ConfigMap must be in the same namespace as the resource + description: |- + Name is the name of the Kubernetes ConfigMap being referenced. + The ConfigMap must be in the same namespace as the resource type: string required: - key @@ -20608,29 +25285,39 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object adminCredentials: - description: 'SecretDestination describes the location to store a single secret value. Note: This is similar to ConfigMapDestination in configmaps.go. Changes to one should likely also be made to the other.' + description: |- + SecretDestination describes the location to store a single secret value. + Note: This is similar to ConfigMapDestination in configmaps.go. Changes to one should likely also be made to the other. properties: key: description: Key is the key in the Kubernetes secret being referenced type: string name: - description: Name is the name of the Kubernetes secret being referenced. The secret must be in the same namespace as the resource + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource type: string required: - key - name type: object userCredentials: - description: 'SecretDestination describes the location to store a single secret value. Note: This is similar to ConfigMapDestination in configmaps.go. Changes to one should likely also be made to the other.' + description: |- + SecretDestination describes the location to store a single secret value. + Note: This is similar to ConfigMapDestination in configmaps.go. Changes to one should likely also be made to the other. properties: key: description: Key is the key in the Kubernetes secret being referenced type: string name: - description: Name is the name of the Kubernetes secret being referenced. The secret must be in the same namespace as the resource + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource type: string required: - key @@ -20641,7 +25328,10 @@ spec: originalVersion: type: string owner: - description: 'Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a resources.azure.com/ResourceGroup resource' + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a resources.azure.com/ResourceGroup resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) @@ -20651,12 +25341,17 @@ spec: type: string type: object podIdentityProfile: - description: Storage version of v1api20231001.ManagedClusterPodIdentityProfile See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration. + description: |- + Storage version of v1api20231001.ManagedClusterPodIdentityProfile + See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod + identity integration. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object allowNetworkPluginKubenet: type: boolean @@ -20664,22 +25359,30 @@ spec: type: boolean userAssignedIdentities: items: - description: Storage version of v1api20231001.ManagedClusterPodIdentity Details about the pod identity assigned to the Managed Cluster. + description: |- + Storage version of v1api20231001.ManagedClusterPodIdentity + Details about the pod identity assigned to the Managed Cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object bindingSelector: type: string identity: - description: Storage version of v1api20231001.UserAssignedIdentity Details about a user assigned identity. + description: |- + Storage version of v1api20231001.UserAssignedIdentity + Details about a user assigned identity. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object clientId: type: string @@ -20689,7 +25392,10 @@ spec: description: 'ResourceReference: The resource ID of the user assigned identity.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -20711,12 +25417,17 @@ spec: type: array userAssignedIdentityExceptions: items: - description: Storage version of v1api20231001.ManagedClusterPodIdentityException See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. + description: |- + Storage version of v1api20231001.ManagedClusterPodIdentityException + See [disable AAD Pod Identity for a specific + Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object name: type: string @@ -20731,12 +25442,16 @@ spec: type: object privateLinkResources: items: - description: Storage version of v1api20231001.PrivateLinkResource A private link resource + description: |- + Storage version of v1api20231001.PrivateLinkResource + A private link resource properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object groupId: type: string @@ -20746,7 +25461,10 @@ spec: description: 'Reference: The ID of the private link resource.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -20770,20 +25488,28 @@ spec: publicNetworkAccess: type: string securityProfile: - description: Storage version of v1api20231001.ManagedClusterSecurityProfile Security profile for the container service cluster. + description: |- + Storage version of v1api20231001.ManagedClusterSecurityProfile + Security profile for the container service cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object azureKeyVaultKms: - description: Storage version of v1api20231001.AzureKeyVaultKms Azure Key Vault key management service settings for the security profile. + description: |- + Storage version of v1api20231001.AzureKeyVaultKms + Azure Key Vault key management service settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -20792,10 +25518,15 @@ spec: keyVaultNetworkAccess: type: string keyVaultResourceReference: - description: 'KeyVaultResourceReference: Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty.' + description: |- + KeyVaultResourceReference: Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and + must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty. properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -20810,18 +25541,28 @@ spec: type: object type: object defender: - description: Storage version of v1api20231001.ManagedClusterSecurityProfileDefender Microsoft Defender settings for the security profile. + description: |- + Storage version of v1api20231001.ManagedClusterSecurityProfileDefender + Microsoft Defender settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object logAnalyticsWorkspaceResourceReference: - description: 'LogAnalyticsWorkspaceResourceReference: Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft Defender is disabled, leave the field empty.' + description: |- + LogAnalyticsWorkspaceResourceReference: Resource ID of the Log Analytics workspace to be associated with Microsoft + Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When + Microsoft Defender is disabled, leave the field empty. properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -20835,24 +25576,33 @@ spec: type: string type: object securityMonitoring: - description: Storage version of v1api20231001.ManagedClusterSecurityProfileDefenderSecurityMonitoring Microsoft Defender settings for the security profile threat detection. + description: |- + Storage version of v1api20231001.ManagedClusterSecurityProfileDefenderSecurityMonitoring + Microsoft Defender settings for the security profile threat detection. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object type: object imageCleaner: - description: Storage version of v1api20231001.ManagedClusterSecurityProfileImageCleaner Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here are settings for the security profile. + description: |- + Storage version of v1api20231001.ManagedClusterSecurityProfileImageCleaner + Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here + are settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -20860,48 +25610,69 @@ spec: type: integer type: object workloadIdentity: - description: Storage version of v1api20231001.ManagedClusterSecurityProfileWorkloadIdentity Workload identity settings for the security profile. + description: |- + Storage version of v1api20231001.ManagedClusterSecurityProfileWorkloadIdentity + Workload identity settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object type: object serviceMeshProfile: - description: Storage version of v1api20231001.ServiceMeshProfile Service mesh profile for a managed cluster. + description: |- + Storage version of v1api20231001.ServiceMeshProfile + Service mesh profile for a managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object istio: - description: Storage version of v1api20231001.IstioServiceMesh Istio service mesh configuration. + description: |- + Storage version of v1api20231001.IstioServiceMesh + Istio service mesh configuration. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object certificateAuthority: - description: Storage version of v1api20231001.IstioCertificateAuthority Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described here https://aka.ms/asm-plugin-ca + description: |- + Storage version of v1api20231001.IstioCertificateAuthority + Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described + here https://aka.ms/asm-plugin-ca properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object plugin: - description: Storage version of v1api20231001.IstioPluginCertificateAuthority Plugin certificates information for Service Mesh. + description: |- + Storage version of v1api20231001.IstioPluginCertificateAuthority + Plugin certificates information for Service Mesh. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object certChainObjectName: type: string @@ -20913,7 +25684,10 @@ spec: description: 'KeyVaultReference: The resource ID of the Key Vault.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -20931,21 +25705,29 @@ spec: type: object type: object components: - description: Storage version of v1api20231001.IstioComponents Istio components configuration. + description: |- + Storage version of v1api20231001.IstioComponents + Istio components configuration. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object egressGateways: items: - description: Storage version of v1api20231001.IstioEgressGateway Istio egress gateway configuration. + description: |- + Storage version of v1api20231001.IstioEgressGateway + Istio egress gateway configuration. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -20957,12 +25739,17 @@ spec: type: array ingressGateways: items: - description: Storage version of v1api20231001.IstioIngressGateway Istio ingress gateway configuration. For now, we support up to one external ingress gateway named `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`. + description: |- + Storage version of v1api20231001.IstioIngressGateway + Istio ingress gateway configuration. For now, we support up to one external ingress gateway named + `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -20980,23 +25767,31 @@ spec: type: string type: object servicePrincipalProfile: - description: Storage version of v1api20231001.ManagedClusterServicePrincipalProfile Information about a service principal identity for the cluster to use for manipulating Azure APIs. + description: |- + Storage version of v1api20231001.ManagedClusterServicePrincipalProfile + Information about a service principal identity for the cluster to use for manipulating Azure APIs. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object clientId: type: string secret: - description: SecretReference is a reference to a Kubernetes secret and key in the same namespace as the resource it is on. + description: |- + SecretReference is a reference to a Kubernetes secret and key in the same namespace as + the resource it is on. properties: key: description: Key is the key in the Kubernetes secret being referenced type: string name: - description: Name is the name of the Kubernetes secret being referenced. The secret must be in the same namespace as the resource + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource type: string required: - key @@ -21004,12 +25799,16 @@ spec: type: object type: object sku: - description: Storage version of v1api20231001.ManagedClusterSKU The SKU of a Managed Cluster. + description: |- + Storage version of v1api20231001.ManagedClusterSKU + The SKU of a Managed Cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object name: type: string @@ -21017,53 +25816,73 @@ spec: type: string type: object storageProfile: - description: Storage version of v1api20231001.ManagedClusterStorageProfile Storage profile for the container service cluster. + description: |- + Storage version of v1api20231001.ManagedClusterStorageProfile + Storage profile for the container service cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object blobCSIDriver: - description: Storage version of v1api20231001.ManagedClusterStorageProfileBlobCSIDriver AzureBlob CSI Driver settings for the storage profile. + description: |- + Storage version of v1api20231001.ManagedClusterStorageProfileBlobCSIDriver + AzureBlob CSI Driver settings for the storage profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object diskCSIDriver: - description: Storage version of v1api20231001.ManagedClusterStorageProfileDiskCSIDriver AzureDisk CSI Driver settings for the storage profile. + description: |- + Storage version of v1api20231001.ManagedClusterStorageProfileDiskCSIDriver + AzureDisk CSI Driver settings for the storage profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object fileCSIDriver: - description: Storage version of v1api20231001.ManagedClusterStorageProfileFileCSIDriver AzureFile CSI Driver settings for the storage profile. + description: |- + Storage version of v1api20231001.ManagedClusterStorageProfileFileCSIDriver + AzureFile CSI Driver settings for the storage profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object snapshotController: - description: Storage version of v1api20231001.ManagedClusterStorageProfileSnapshotController Snapshot Controller settings for the storage profile. + description: |- + Storage version of v1api20231001.ManagedClusterStorageProfileSnapshotController + Snapshot Controller settings for the storage profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -21076,20 +25895,28 @@ spec: type: string type: object upgradeSettings: - description: Storage version of v1api20231001.ClusterUpgradeSettings Settings for upgrading a cluster. + description: |- + Storage version of v1api20231001.ClusterUpgradeSettings + Settings for upgrading a cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object overrideSettings: - description: Storage version of v1api20231001.UpgradeOverrideSettings Settings for overrides when upgrading a cluster. + description: |- + Storage version of v1api20231001.UpgradeOverrideSettings + Settings for overrides when upgrading a cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object forceUpgrade: type: boolean @@ -21098,26 +25925,49 @@ spec: type: object type: object windowsProfile: - description: Storage version of v1api20231001.ManagedClusterWindowsProfile Profile for Windows VMs in the managed cluster. + description: |- + Storage version of v1api20231001.ManagedClusterWindowsProfile + Profile for Windows VMs in the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object adminPassword: - type: string + description: |- + SecretReference is a reference to a Kubernetes secret and key in the same namespace as + the resource it is on. + properties: + key: + description: Key is the key in the Kubernetes secret being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource + type: string + required: + - key + - name + type: object adminUsername: type: string enableCSIProxy: type: boolean gmsaProfile: - description: Storage version of v1api20231001.WindowsGmsaProfile Windows gMSA Profile in the managed cluster. + description: |- + Storage version of v1api20231001.WindowsGmsaProfile + Windows gMSA Profile in the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object dnsServer: type: string @@ -21130,31 +25980,43 @@ spec: type: string type: object workloadAutoScalerProfile: - description: Storage version of v1api20231001.ManagedClusterWorkloadAutoScalerProfile Workload Auto-scaler profile for the managed cluster. + description: |- + Storage version of v1api20231001.ManagedClusterWorkloadAutoScalerProfile + Workload Auto-scaler profile for the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object keda: - description: Storage version of v1api20231001.ManagedClusterWorkloadAutoScalerProfileKeda KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile. + description: |- + Storage version of v1api20231001.ManagedClusterWorkloadAutoScalerProfileKeda + KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object verticalPodAutoscaler: - description: Storage version of v1api20231001.ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler VPA (Vertical Pod Autoscaler) settings for the workload auto-scaler profile. + description: |- + Storage version of v1api20231001.ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler + VPA (Vertical Pod Autoscaler) settings for the workload auto-scaler profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -21164,20 +26026,28 @@ spec: - owner type: object status: - description: Storage version of v1api20231001.ManagedCluster_STATUS Managed cluster. + description: |- + Storage version of v1api20231001.ManagedCluster_STATUS + Managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object aadProfile: - description: Storage version of v1api20231001.ManagedClusterAADProfile_STATUS For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad). + description: |- + Storage version of v1api20231001.ManagedClusterAADProfile_STATUS + For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad). properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object adminGroupObjectIDs: items: @@ -21198,12 +26068,16 @@ spec: type: object addonProfiles: additionalProperties: - description: Storage version of v1api20231001.ManagedClusterAddonProfile_STATUS A Kubernetes add-on profile for a managed cluster. + description: |- + Storage version of v1api20231001.ManagedClusterAddonProfile_STATUS + A Kubernetes add-on profile for a managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object config: additionalProperties: @@ -21212,12 +26086,16 @@ spec: enabled: type: boolean identity: - description: Storage version of v1api20231001.UserAssignedIdentity_STATUS Details about a user assigned identity. + description: |- + Storage version of v1api20231001.UserAssignedIdentity_STATUS + Details about a user assigned identity. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object clientId: type: string @@ -21230,12 +26108,16 @@ spec: type: object agentPoolProfiles: items: - description: Storage version of v1api20231001.ManagedClusterAgentPoolProfile_STATUS Profile for the container service agent pool. + description: |- + Storage version of v1api20231001.ManagedClusterAgentPoolProfile_STATUS + Profile for the container service agent pool. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object availabilityZones: items: @@ -21246,12 +26128,16 @@ spec: count: type: integer creationData: - description: Storage version of v1api20231001.CreationData_STATUS Data used when creating a target resource from a source resource. + description: |- + Storage version of v1api20231001.CreationData_STATUS + Data used when creating a target resource from a source resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object sourceResourceId: type: string @@ -21273,12 +26159,16 @@ spec: hostGroupID: type: string kubeletConfig: - description: Storage version of v1api20231001.KubeletConfig_STATUS See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + description: |- + Storage version of v1api20231001.KubeletConfig_STATUS + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object allowedUnsafeSysctls: items: @@ -21308,22 +26198,30 @@ spec: kubeletDiskType: type: string linuxOSConfig: - description: Storage version of v1api20231001.LinuxOSConfig_STATUS See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + description: |- + Storage version of v1api20231001.LinuxOSConfig_STATUS + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object swapFileSizeMB: type: integer sysctls: - description: Storage version of v1api20231001.SysctlConfig_STATUS Sysctl settings for Linux agent nodes. + description: |- + Storage version of v1api20231001.SysctlConfig_STATUS + Sysctl settings for Linux agent nodes. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object fsAioMaxNr: type: integer @@ -21398,21 +26296,29 @@ spec: name: type: string networkProfile: - description: Storage version of v1api20231001.AgentPoolNetworkProfile_STATUS Network settings of an agent pool. + description: |- + Storage version of v1api20231001.AgentPoolNetworkProfile_STATUS + Network settings of an agent pool. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object allowedHostPorts: items: - description: Storage version of v1api20231001.PortRange_STATUS The port range. + description: |- + Storage version of v1api20231001.PortRange_STATUS + The port range. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object portEnd: type: integer @@ -21428,12 +26334,16 @@ spec: type: array nodePublicIPTags: items: - description: Storage version of v1api20231001.IPTag_STATUS Contains the IPTag associated with the object. + description: |- + Storage version of v1api20231001.IPTag_STATUS + Contains the IPTag associated with the object. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object ipTagType: type: string @@ -21467,12 +26377,16 @@ spec: podSubnetID: type: string powerState: - description: Storage version of v1api20231001.PowerState_STATUS Describes the Power State of the cluster + description: |- + Storage version of v1api20231001.PowerState_STATUS + Describes the Power State of the cluster properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object code: type: string @@ -21496,12 +26410,16 @@ spec: type: type: string upgradeSettings: - description: Storage version of v1api20231001.AgentPoolUpgradeSettings_STATUS Settings for upgrading an agentpool + description: |- + Storage version of v1api20231001.AgentPoolUpgradeSettings_STATUS + Settings for upgrading an agentpool properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object drainTimeoutInMinutes: type: integer @@ -21517,12 +26435,16 @@ spec: type: object type: array apiServerAccessProfile: - description: Storage version of v1api20231001.ManagedClusterAPIServerAccessProfile_STATUS Access profile for managed cluster API server. + description: |- + Storage version of v1api20231001.ManagedClusterAPIServerAccessProfile_STATUS + Access profile for managed cluster API server. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object authorizedIPRanges: items: @@ -21543,7 +26465,9 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object balance-similar-node-groups: type: string @@ -21581,12 +26505,16 @@ spec: type: string type: object autoUpgradeProfile: - description: Storage version of v1api20231001.ManagedClusterAutoUpgradeProfile_STATUS Auto upgrade profile for a managed cluster. + description: |- + Storage version of v1api20231001.ManagedClusterAutoUpgradeProfile_STATUS + Auto upgrade profile for a managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object nodeOSUpgradeChannel: type: string @@ -21594,30 +26522,46 @@ spec: type: string type: object azureMonitorProfile: - description: Storage version of v1api20231001.ManagedClusterAzureMonitorProfile_STATUS Azure Monitor addon profiles for monitoring the managed cluster. + description: |- + Storage version of v1api20231001.ManagedClusterAzureMonitorProfile_STATUS + Azure Monitor addon profiles for monitoring the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object metrics: - description: Storage version of v1api20231001.ManagedClusterAzureMonitorProfileMetrics_STATUS Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See aka.ms/AzureManagedPrometheus for an overview. + description: |- + Storage version of v1api20231001.ManagedClusterAzureMonitorProfileMetrics_STATUS + Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes + infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See + aka.ms/AzureManagedPrometheus for an overview. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean kubeStateMetrics: - description: Storage version of v1api20231001.ManagedClusterAzureMonitorProfileKubeStateMetrics_STATUS Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for details. + description: |- + Storage version of v1api20231001.ManagedClusterAzureMonitorProfileKubeStateMetrics_STATUS + Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the + kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for + details. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object metricAnnotationsAllowList: type: string @@ -21640,14 +26584,23 @@ spec: description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 type: integer reason: - description: Reason for the condition's last transition. Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: Severity with which to treat failures of this type of condition. For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. This is omitted in all cases when Status == Unknown + description: |- + Severity with which to treat failures of this type of condition. + For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown type: string status: description: Status of the condition, one of True, False, or Unknown. @@ -21675,12 +26628,16 @@ spec: enableRBAC: type: boolean extendedLocation: - description: Storage version of v1api20231001.ExtendedLocation_STATUS The complex type of the extended location. + description: |- + Storage version of v1api20231001.ExtendedLocation_STATUS + The complex type of the extended location. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object name: type: string @@ -21692,12 +26649,16 @@ spec: fqdnSubdomain: type: string httpProxyConfig: - description: Storage version of v1api20231001.ManagedClusterHTTPProxyConfig_STATUS Cluster HTTP proxy configuration. + description: |- + Storage version of v1api20231001.ManagedClusterHTTPProxyConfig_STATUS + Cluster HTTP proxy configuration. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object httpProxy: type: string @@ -21713,21 +26674,29 @@ spec: id: type: string identity: - description: Storage version of v1api20231001.ManagedClusterIdentity_STATUS Identity for the managed cluster. + description: |- + Storage version of v1api20231001.ManagedClusterIdentity_STATUS + Identity for the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object delegatedResources: additionalProperties: - description: Storage version of v1api20231001.DelegatedResource_STATUS Delegated resource properties - internal use only. + description: |- + Storage version of v1api20231001.DelegatedResource_STATUS + Delegated resource properties - internal use only. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object location: type: string @@ -21752,7 +26721,9 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object clientId: type: string @@ -21763,12 +26734,16 @@ spec: type: object identityProfile: additionalProperties: - description: Storage version of v1api20231001.UserAssignedIdentity_STATUS Details about a user assigned identity. + description: |- + Storage version of v1api20231001.UserAssignedIdentity_STATUS + Details about a user assigned identity. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object clientId: type: string @@ -21781,31 +26756,43 @@ spec: kubernetesVersion: type: string linuxProfile: - description: Storage version of v1api20231001.ContainerServiceLinuxProfile_STATUS Profile for Linux VMs in the container service cluster. + description: |- + Storage version of v1api20231001.ContainerServiceLinuxProfile_STATUS + Profile for Linux VMs in the container service cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object adminUsername: type: string ssh: - description: Storage version of v1api20231001.ContainerServiceSshConfiguration_STATUS SSH configuration for Linux-based VMs running on Azure. + description: |- + Storage version of v1api20231001.ContainerServiceSshConfiguration_STATUS + SSH configuration for Linux-based VMs running on Azure. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object publicKeys: items: - description: Storage version of v1api20231001.ContainerServiceSshPublicKey_STATUS Contains information about SSH certificate public key data. + description: |- + Storage version of v1api20231001.ContainerServiceSshPublicKey_STATUS + Contains information about SSH certificate public key data. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object keyData: type: string @@ -21820,12 +26807,16 @@ spec: name: type: string networkProfile: - description: Storage version of v1api20231001.ContainerServiceNetworkProfile_STATUS Profile of network configuration. + description: |- + Storage version of v1api20231001.ContainerServiceNetworkProfile_STATUS + Profile of network configuration. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object dnsServiceIP: type: string @@ -21834,12 +26825,16 @@ spec: type: string type: array loadBalancerProfile: - description: Storage version of v1api20231001.ManagedClusterLoadBalancerProfile_STATUS Profile of the managed cluster load balancer. + description: |- + Storage version of v1api20231001.ManagedClusterLoadBalancerProfile_STATUS + Profile of the managed cluster load balancer. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object allocatedOutboundPorts: type: integer @@ -21847,12 +26842,16 @@ spec: type: string effectiveOutboundIPs: items: - description: Storage version of v1api20231001.ResourceReference_STATUS A reference to an Azure resource. + description: |- + Storage version of v1api20231001.ResourceReference_STATUS + A reference to an Azure resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -21868,7 +26867,9 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object count: type: integer @@ -21881,16 +26882,22 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object publicIPPrefixes: items: - description: Storage version of v1api20231001.ResourceReference_STATUS A reference to an Azure resource. + description: |- + Storage version of v1api20231001.ResourceReference_STATUS + A reference to an Azure resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -21903,16 +26910,22 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object publicIPs: items: - description: Storage version of v1api20231001.ResourceReference_STATUS A reference to an Azure resource. + description: |- + Storage version of v1api20231001.ResourceReference_STATUS + A reference to an Azure resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -21923,21 +26936,29 @@ spec: loadBalancerSku: type: string natGatewayProfile: - description: Storage version of v1api20231001.ManagedClusterNATGatewayProfile_STATUS Profile of the managed cluster NAT gateway. + description: |- + Storage version of v1api20231001.ManagedClusterNATGatewayProfile_STATUS + Profile of the managed cluster NAT gateway. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object effectiveOutboundIPs: items: - description: Storage version of v1api20231001.ResourceReference_STATUS A reference to an Azure resource. + description: |- + Storage version of v1api20231001.ResourceReference_STATUS + A reference to an Azure resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -21946,12 +26967,16 @@ spec: idleTimeoutInMinutes: type: integer managedOutboundIPProfile: - description: Storage version of v1api20231001.ManagedClusterManagedOutboundIPProfile_STATUS Profile of the managed outbound IP resources of the managed cluster. + description: |- + Storage version of v1api20231001.ManagedClusterManagedOutboundIPProfile_STATUS + Profile of the managed outbound IP resources of the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object count: type: integer @@ -21985,12 +27010,16 @@ spec: nodeResourceGroup: type: string oidcIssuerProfile: - description: Storage version of v1api20231001.ManagedClusterOIDCIssuerProfile_STATUS The OIDC issuer profile of the Managed Cluster. + description: |- + Storage version of v1api20231001.ManagedClusterOIDCIssuerProfile_STATUS + The OIDC issuer profile of the Managed Cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -21998,12 +27027,17 @@ spec: type: string type: object podIdentityProfile: - description: Storage version of v1api20231001.ManagedClusterPodIdentityProfile_STATUS See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration. + description: |- + Storage version of v1api20231001.ManagedClusterPodIdentityProfile_STATUS + See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod + identity integration. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object allowNetworkPluginKubenet: type: boolean @@ -22011,22 +27045,30 @@ spec: type: boolean userAssignedIdentities: items: - description: Storage version of v1api20231001.ManagedClusterPodIdentity_STATUS Details about the pod identity assigned to the Managed Cluster. + description: |- + Storage version of v1api20231001.ManagedClusterPodIdentity_STATUS + Details about the pod identity assigned to the Managed Cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object bindingSelector: type: string identity: - description: Storage version of v1api20231001.UserAssignedIdentity_STATUS Details about a user assigned identity. + description: |- + Storage version of v1api20231001.UserAssignedIdentity_STATUS + Details about a user assigned identity. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object clientId: type: string @@ -22045,23 +27087,33 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object error: - description: Storage version of v1api20231001.ManagedClusterPodIdentityProvisioningError_STATUS An error response from the pod identity provisioning. + description: |- + Storage version of v1api20231001.ManagedClusterPodIdentityProvisioningError_STATUS + An error response from the pod identity provisioning. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object error: - description: Storage version of v1api20231001.ManagedClusterPodIdentityProvisioningErrorBody_STATUS An error response from the pod identity provisioning. + description: |- + Storage version of v1api20231001.ManagedClusterPodIdentityProvisioningErrorBody_STATUS + An error response from the pod identity provisioning. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object code: type: string @@ -22072,7 +27124,9 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object code: type: string @@ -22095,12 +27149,17 @@ spec: type: array userAssignedIdentityExceptions: items: - description: Storage version of v1api20231001.ManagedClusterPodIdentityException_STATUS See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. + description: |- + Storage version of v1api20231001.ManagedClusterPodIdentityException_STATUS + See [disable AAD Pod Identity for a specific + Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object name: type: string @@ -22114,12 +27173,16 @@ spec: type: array type: object powerState: - description: Storage version of v1api20231001.PowerState_STATUS Describes the Power State of the cluster + description: |- + Storage version of v1api20231001.PowerState_STATUS + Describes the Power State of the cluster properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object code: type: string @@ -22128,12 +27191,16 @@ spec: type: string privateLinkResources: items: - description: Storage version of v1api20231001.PrivateLinkResource_STATUS A private link resource + description: |- + Storage version of v1api20231001.PrivateLinkResource_STATUS + A private link resource properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object groupId: type: string @@ -22158,20 +27225,28 @@ spec: resourceUID: type: string securityProfile: - description: Storage version of v1api20231001.ManagedClusterSecurityProfile_STATUS Security profile for the container service cluster. + description: |- + Storage version of v1api20231001.ManagedClusterSecurityProfile_STATUS + Security profile for the container service cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object azureKeyVaultKms: - description: Storage version of v1api20231001.AzureKeyVaultKms_STATUS Azure Key Vault key management service settings for the security profile. + description: |- + Storage version of v1api20231001.AzureKeyVaultKms_STATUS + Azure Key Vault key management service settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -22183,34 +27258,47 @@ spec: type: string type: object defender: - description: Storage version of v1api20231001.ManagedClusterSecurityProfileDefender_STATUS Microsoft Defender settings for the security profile. + description: |- + Storage version of v1api20231001.ManagedClusterSecurityProfileDefender_STATUS + Microsoft Defender settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object logAnalyticsWorkspaceResourceId: type: string securityMonitoring: - description: Storage version of v1api20231001.ManagedClusterSecurityProfileDefenderSecurityMonitoring_STATUS Microsoft Defender settings for the security profile threat detection. + description: |- + Storage version of v1api20231001.ManagedClusterSecurityProfileDefenderSecurityMonitoring_STATUS + Microsoft Defender settings for the security profile threat detection. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object type: object imageCleaner: - description: Storage version of v1api20231001.ManagedClusterSecurityProfileImageCleaner_STATUS Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here are settings for the security profile. + description: |- + Storage version of v1api20231001.ManagedClusterSecurityProfileImageCleaner_STATUS + Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here + are settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -22218,48 +27306,69 @@ spec: type: integer type: object workloadIdentity: - description: Storage version of v1api20231001.ManagedClusterSecurityProfileWorkloadIdentity_STATUS Workload identity settings for the security profile. + description: |- + Storage version of v1api20231001.ManagedClusterSecurityProfileWorkloadIdentity_STATUS + Workload identity settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object type: object serviceMeshProfile: - description: Storage version of v1api20231001.ServiceMeshProfile_STATUS Service mesh profile for a managed cluster. + description: |- + Storage version of v1api20231001.ServiceMeshProfile_STATUS + Service mesh profile for a managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object istio: - description: Storage version of v1api20231001.IstioServiceMesh_STATUS Istio service mesh configuration. + description: |- + Storage version of v1api20231001.IstioServiceMesh_STATUS + Istio service mesh configuration. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object certificateAuthority: - description: Storage version of v1api20231001.IstioCertificateAuthority_STATUS Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described here https://aka.ms/asm-plugin-ca + description: |- + Storage version of v1api20231001.IstioCertificateAuthority_STATUS + Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described + here https://aka.ms/asm-plugin-ca properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object plugin: - description: Storage version of v1api20231001.IstioPluginCertificateAuthority_STATUS Plugin certificates information for Service Mesh. + description: |- + Storage version of v1api20231001.IstioPluginCertificateAuthority_STATUS + Plugin certificates information for Service Mesh. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object certChainObjectName: type: string @@ -22274,21 +27383,29 @@ spec: type: object type: object components: - description: Storage version of v1api20231001.IstioComponents_STATUS Istio components configuration. + description: |- + Storage version of v1api20231001.IstioComponents_STATUS + Istio components configuration. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object egressGateways: items: - description: Storage version of v1api20231001.IstioEgressGateway_STATUS Istio egress gateway configuration. + description: |- + Storage version of v1api20231001.IstioEgressGateway_STATUS + Istio egress gateway configuration. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -22300,12 +27417,17 @@ spec: type: array ingressGateways: items: - description: Storage version of v1api20231001.IstioIngressGateway_STATUS Istio ingress gateway configuration. For now, we support up to one external ingress gateway named `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`. + description: |- + Storage version of v1api20231001.IstioIngressGateway_STATUS + Istio ingress gateway configuration. For now, we support up to one external ingress gateway named + `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -22323,23 +27445,31 @@ spec: type: string type: object servicePrincipalProfile: - description: Storage version of v1api20231001.ManagedClusterServicePrincipalProfile_STATUS Information about a service principal identity for the cluster to use for manipulating Azure APIs. + description: |- + Storage version of v1api20231001.ManagedClusterServicePrincipalProfile_STATUS + Information about a service principal identity for the cluster to use for manipulating Azure APIs. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object clientId: type: string type: object sku: - description: Storage version of v1api20231001.ManagedClusterSKU_STATUS The SKU of a Managed Cluster. + description: |- + Storage version of v1api20231001.ManagedClusterSKU_STATUS + The SKU of a Managed Cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object name: type: string @@ -22347,53 +27477,73 @@ spec: type: string type: object storageProfile: - description: Storage version of v1api20231001.ManagedClusterStorageProfile_STATUS Storage profile for the container service cluster. + description: |- + Storage version of v1api20231001.ManagedClusterStorageProfile_STATUS + Storage profile for the container service cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object blobCSIDriver: - description: Storage version of v1api20231001.ManagedClusterStorageProfileBlobCSIDriver_STATUS AzureBlob CSI Driver settings for the storage profile. + description: |- + Storage version of v1api20231001.ManagedClusterStorageProfileBlobCSIDriver_STATUS + AzureBlob CSI Driver settings for the storage profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object diskCSIDriver: - description: Storage version of v1api20231001.ManagedClusterStorageProfileDiskCSIDriver_STATUS AzureDisk CSI Driver settings for the storage profile. + description: |- + Storage version of v1api20231001.ManagedClusterStorageProfileDiskCSIDriver_STATUS + AzureDisk CSI Driver settings for the storage profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object fileCSIDriver: - description: Storage version of v1api20231001.ManagedClusterStorageProfileFileCSIDriver_STATUS AzureFile CSI Driver settings for the storage profile. + description: |- + Storage version of v1api20231001.ManagedClusterStorageProfileFileCSIDriver_STATUS + AzureFile CSI Driver settings for the storage profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object snapshotController: - description: Storage version of v1api20231001.ManagedClusterStorageProfileSnapshotController_STATUS Snapshot Controller settings for the storage profile. + description: |- + Storage version of v1api20231001.ManagedClusterStorageProfileSnapshotController_STATUS + Snapshot Controller settings for the storage profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -22402,12 +27552,16 @@ spec: supportPlan: type: string systemData: - description: Storage version of v1api20231001.SystemData_STATUS Metadata pertaining to creation and last modification of the resource. + description: |- + Storage version of v1api20231001.SystemData_STATUS + Metadata pertaining to creation and last modification of the resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object createdAt: type: string @@ -22429,20 +27583,28 @@ spec: type: type: string upgradeSettings: - description: Storage version of v1api20231001.ClusterUpgradeSettings_STATUS Settings for upgrading a cluster. + description: |- + Storage version of v1api20231001.ClusterUpgradeSettings_STATUS + Settings for upgrading a cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object overrideSettings: - description: Storage version of v1api20231001.UpgradeOverrideSettings_STATUS Settings for overrides when upgrading a cluster. + description: |- + Storage version of v1api20231001.UpgradeOverrideSettings_STATUS + Settings for overrides when upgrading a cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object forceUpgrade: type: boolean @@ -22451,26 +27613,32 @@ spec: type: object type: object windowsProfile: - description: Storage version of v1api20231001.ManagedClusterWindowsProfile_STATUS Profile for Windows VMs in the managed cluster. + description: |- + Storage version of v1api20231001.ManagedClusterWindowsProfile_STATUS + Profile for Windows VMs in the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object - adminPassword: - type: string adminUsername: type: string enableCSIProxy: type: boolean gmsaProfile: - description: Storage version of v1api20231001.WindowsGmsaProfile_STATUS Windows gMSA Profile in the managed cluster. + description: |- + Storage version of v1api20231001.WindowsGmsaProfile_STATUS + Windows gMSA Profile in the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object dnsServer: type: string @@ -22483,31 +27651,43 @@ spec: type: string type: object workloadAutoScalerProfile: - description: Storage version of v1api20231001.ManagedClusterWorkloadAutoScalerProfile_STATUS Workload Auto-scaler profile for the managed cluster. + description: |- + Storage version of v1api20231001.ManagedClusterWorkloadAutoScalerProfile_STATUS + Workload Auto-scaler profile for the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object keda: - description: Storage version of v1api20231001.ManagedClusterWorkloadAutoScalerProfileKeda_STATUS KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile. + description: |- + Storage version of v1api20231001.ManagedClusterWorkloadAutoScalerProfileKeda_STATUS + KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object verticalPodAutoscaler: - description: Storage version of v1api20231001.ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler_STATUS VPA (Vertical Pod Autoscaler) settings for the workload auto-scaler profile. + description: |- + Storage version of v1api20231001.ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler_STATUS + VPA (Vertical Pod Autoscaler) settings for the workload auto-scaler profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -22535,13 +27715,25 @@ spec: name: v1api20231102preview schema: openAPIV3Schema: - description: 'Generator information: - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/preview/2023-11-02-preview/managedClusters.json - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}' + description: |- + Generator information: + - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/preview/2023-11-02-preview/managedClusters.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName} properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -22571,7 +27763,9 @@ spec: description: 'ServerAppSecret: (DEPRECATED) The server AAD application secret. Learn more at https://aka.ms/aks/aad-legacy.' type: string tenantID: - description: 'TenantID: The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.' + description: |- + TenantID: The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment + subscription. type: string type: object addonProfiles: @@ -22600,11 +27794,15 @@ spec: description: 'ArtifactStreamingProfile: Configuration for using artifact streaming on AKS.' properties: enabled: - description: 'Enabled: Artifact streaming speeds up the cold-start of containers on a node through on-demand image loading. To use this feature, container images must also enable artifact streaming on ACR. If not specified, the default is false.' + description: |- + Enabled: Artifact streaming speeds up the cold-start of containers on a node through on-demand image loading. To use + this feature, container images must also enable artifact streaming on ACR. If not specified, the default is false. type: boolean type: object availabilityZones: - description: 'AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is ''VirtualMachineScaleSets''.' + description: |- + AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType + property is 'VirtualMachineScaleSets'. items: type: string type: array @@ -22612,7 +27810,10 @@ spec: description: 'CapacityReservationGroupReference: AKS will associate the specified agent pool with the Capacity Reservation Group.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -22626,16 +27827,23 @@ spec: type: string type: object count: - description: 'Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.' + description: |- + Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) + for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. type: integer creationData: - description: 'CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.' + description: |- + CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using + a snapshot. properties: sourceResourceReference: description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -22653,16 +27861,29 @@ spec: description: 'EnableAutoScaling: Whether to enable auto-scaler' type: boolean enableCustomCATrust: - description: 'EnableCustomCATrust: When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded certificates into node trust stores. Defaults to false.' + description: |- + EnableCustomCATrust: When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a + daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded + certificates into node trust stores. Defaults to false. type: boolean enableEncryptionAtHost: - description: 'EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption' + description: |- + EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, + see: https://docs.microsoft.com/azure/aks/enable-host-encryption type: boolean enableFIPS: - description: 'EnableFIPS: See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.' + description: |- + EnableFIPS: See [Add a FIPS-enabled node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more + details. type: boolean enableNodePublicIP: - description: 'EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.' + description: |- + EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. + A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine + to minimize hops. For more information see [assigning a public IP per + node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The + default is false. type: boolean enableUltraSSD: description: 'EnableUltraSSD: Whether to enable UltraSSD' @@ -22680,14 +27901,24 @@ spec: description: 'GpuProfile: The GPU settings of an agent pool.' properties: installGPUDriver: - description: 'InstallGPUDriver: The default value is true when the vmSize of the agent pool contains a GPU, false otherwise. GPU Driver Installation can only be set true when VM has an associated GPU resource. Setting this field to false prevents automatic GPU driver installation. In that case, in order for the GPU to be usable, the user must perform GPU driver installation themselves.' + description: |- + InstallGPUDriver: The default value is true when the vmSize of the agent pool contains a GPU, false otherwise. GPU + Driver Installation can only be set true when VM has an associated GPU resource. Setting this field to false prevents + automatic GPU driver installation. In that case, in order for the GPU to be usable, the user must perform GPU driver + installation themselves. type: boolean type: object hostGroupReference: - description: 'HostGroupReference: This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).' + description: |- + HostGroupReference: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. + For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -22709,7 +27940,9 @@ spec: type: string type: array containerLogMaxFiles: - description: 'ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be â‰Ĩ 2.' + description: |- + ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be + â‰Ĩ 2. minimum: 2 type: integer containerLogMaxSizeMB: @@ -22719,10 +27952,15 @@ spec: description: 'CpuCfsQuota: The default is true.' type: boolean cpuCfsQuotaPeriod: - description: 'CpuCfsQuotaPeriod: The default is ''100ms.'' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: ''300ms'', ''2h45m''. Supported units are ''ns'', ''us'', ''ms'', ''s'', ''m'', and ''h''.' + description: |- + CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and + a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. type: string cpuManagerPolicy: - description: 'CpuManagerPolicy: The default is ''none''. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are ''none'' and ''static''.' + description: |- + CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management + policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more + information. Allowed values are 'none' and 'static'. type: string failSwapOn: description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' @@ -22737,11 +27975,16 @@ spec: description: 'PodMaxPids: The maximum number of processes per pod.' type: integer topologyManagerPolicy: - description: 'TopologyManagerPolicy: For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is ''none''. Allowed values are ''none'', ''best-effort'', ''restricted'', and ''single-numa-node''.' + description: |- + TopologyManagerPolicy: For more information see [Kubernetes Topology + Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values + are 'none', 'best-effort', 'restricted', and 'single-numa-node'. type: string type: object kubeletDiskType: - description: 'KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.' + description: |- + KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral + storage. enum: - OS - Temporary @@ -22847,10 +28090,16 @@ spec: type: integer type: object transparentHugePageDefrag: - description: 'TransparentHugePageDefrag: Valid values are ''always'', ''defer'', ''defer+madvise'', ''madvise'' and ''never''. The default is ''madvise''. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).' + description: |- + TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is + 'madvise'. For more information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string transparentHugePageEnabled: - description: 'TransparentHugePageEnabled: Valid values are ''always'', ''madvise'', and ''never''. The default is ''always''. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).' + description: |- + TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more + information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string type: object maxCount: @@ -22860,13 +28109,18 @@ spec: description: 'MaxPods: The maximum number of pods that can run on a node.' type: integer messageOfTheDay: - description: 'MessageOfTheDay: A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).' + description: |- + MessageOfTheDay: A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of + the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., + will be printed raw and not be executed as a script). type: string minCount: description: 'MinCount: The minimum number of nodes for auto-scaling' type: integer mode: - description: 'Mode: A cluster must have at least one ''System'' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools' + description: |- + Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool + restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools enum: - System - User @@ -22884,12 +28138,16 @@ spec: description: The port range. properties: portEnd: - description: 'PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or equal to portStart.' + description: |- + PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or + equal to portStart. maximum: 65535 minimum: 1 type: integer portStart: - description: 'PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or equal to portEnd.' + description: |- + PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or + equal to portEnd. maximum: 65535 minimum: 1 type: integer @@ -22902,12 +28160,17 @@ spec: type: object type: array applicationSecurityGroupsReferences: - description: 'ApplicationSecurityGroupsReferences: The IDs of the application security groups which agent pool will associate when created.' + description: |- + ApplicationSecurityGroupsReferences: The IDs of the application security groups which agent pool will associate when + created. items: description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -22936,7 +28199,12 @@ spec: type: array type: object nodeInitializationTaints: - description: 'NodeInitializationTaints: These taints will not be reconciled by AKS and can be removed with a kubectl call. This field can be modified after node pool is created, but nodes will not be recreated with new taints until another operation that requires recreation (e.g. node image upgrade) happens. These taints allow for required configuration to run before the node is ready to accept workloads, for example ''key1=value1:NoSchedule'' that then can be removed with `kubectl taint nodes node1 key1=value1:NoSchedule-`' + description: |- + NodeInitializationTaints: These taints will not be reconciled by AKS and can be removed with a kubectl call. This field + can be modified after node pool is created, but nodes will not be recreated with new taints until another operation that + requires recreation (e.g. node image upgrade) happens. These taints allow for required configuration to run before the + node is ready to accept workloads, for example 'key1=value1:NoSchedule' that then can be removed with `kubectl taint + nodes node1 key1=value1:NoSchedule-` items: type: string type: array @@ -22946,10 +28214,15 @@ spec: description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' type: object nodePublicIPPrefixReference: - description: 'NodePublicIPPrefixReference: This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}' + description: |- + NodePublicIPPrefixReference: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -22968,20 +28241,33 @@ spec: type: string type: array orchestratorVersion: - description: 'OrchestratorVersion: Both patch version and are supported. When is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).' + description: |- + OrchestratorVersion: Both patch version and are supported. When is + specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same + once it has been created will not trigger an upgrade, even if a newer patch version is available. As a + best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version + must have the same major version as the control plane. The node pool minor version must be within two minor versions of + the control plane version. The node pool version cannot be greater than the control plane version. For more information + see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). type: string osDiskSizeGB: maximum: 2048 minimum: 0 type: integer osDiskType: - description: 'OsDiskType: The default is ''Ephemeral'' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to ''Managed''. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).' + description: |- + OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested + OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral + OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). enum: - Ephemeral - Managed type: string osSKU: - description: 'OsSKU: Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.' + description: |- + OsSKU: Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or + Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is + deprecated. enum: - AzureLinux - CBLMariner @@ -22998,10 +28284,16 @@ spec: - Windows type: string podSubnetReference: - description: 'PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}' + description: |- + PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). + This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -23015,7 +28307,10 @@ spec: type: string type: object powerState: - description: 'PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded' + description: |- + PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this + field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only + be stopped if it is Running and provisioning state is Succeeded properties: code: description: 'Code: Tells whether the cluster is Running or Stopped' @@ -23028,7 +28323,10 @@ spec: description: 'ProximityPlacementGroupReference: The ID for Proximity Placement Group.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -23048,7 +28346,9 @@ spec: - Delete type: string scaleSetEvictionPolicy: - description: 'ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is ''Spot''. If not specified, the default is ''Delete''.' + description: |- + ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is + 'Delete'. enum: - Deallocate - Delete @@ -23063,10 +28363,14 @@ spec: description: 'SecurityProfile: The security settings of an agent pool.' properties: enableSecureBoot: - description: 'EnableSecureBoot: Secure Boot is a feature of Trusted Launch which ensures that only signed operating systems and drivers can boot. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false.' + description: |- + EnableSecureBoot: Secure Boot is a feature of Trusted Launch which ensures that only signed operating systems and + drivers can boot. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. type: boolean enableVTPM: - description: 'EnableVTPM: vTPM is a Trusted Launch feature for configuring a dedicated secure vault for keys and measurements held locally on the node. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false.' + description: |- + EnableVTPM: vTPM is a Trusted Launch feature for configuring a dedicated secure vault for keys and measurements held + locally on the node. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. type: boolean sshAccess: description: 'SshAccess: SSH access method of an agent pool.' @@ -23076,7 +28380,10 @@ spec: type: string type: object spotMaxPrice: - description: 'SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)' + description: |- + SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any + on-demand price. For more details on spot pricing, see [spot VMs + pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) type: number tags: additionalProperties: @@ -23094,15 +28401,24 @@ spec: description: 'UpgradeSettings: Settings for upgrading the agentpool' properties: drainTimeoutInMinutes: - description: 'DrainTimeoutInMinutes: The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not specified, the default is 30 minutes.' + description: |- + DrainTimeoutInMinutes: The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. + This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not + specified, the default is 30 minutes. maximum: 1440 minimum: 1 type: integer maxSurge: - description: 'MaxSurge: This can either be set to an integer (e.g. ''5'') or a percentage (e.g. ''50%''). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade' + description: |- + MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it + is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded + up. If not specified, the default is 1. For more information, including best practices, see: + https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade type: string nodeSoakDurationInMinutes: - description: 'NodeSoakDurationInMinutes: The amount of time (in minutes) to wait after draining a node and before reimaging it and moving on to next node. If not specified, the default is 0 minutes.' + description: |- + NodeSoakDurationInMinutes: The amount of time (in minutes) to wait after draining a node and before reimaging it and + moving on to next node. If not specified, the default is 0 minutes. maximum: 30 minimum: 0 type: integer @@ -23136,7 +28452,9 @@ spec: minimum: 0 type: integer sizes: - description: 'Sizes: The list of allowed vm sizes. AKS will use the first available one when scaling. If a VM size is unavailable (e.g. due to quota or regional capacity reasons), AKS will use the next size.' + description: |- + Sizes: The list of allowed vm sizes. AKS will use the first available one when scaling. If a VM size is unavailable + (e.g. due to quota or regional capacity reasons), AKS will use the next size. items: type: string type: array @@ -23145,13 +28463,22 @@ spec: type: object type: object vmSize: - description: 'VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions' + description: |- + VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods + might fail to run correctly. For more details on restricted VM sizes, see: + https://docs.microsoft.com/azure/aks/quotas-skus-regions type: string vnetSubnetReference: - description: 'VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}' + description: |- + VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is + specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -23168,7 +28495,9 @@ spec: description: 'WindowsProfile: The Windows agent pool''s specific profile.' properties: disableOutboundNat: - description: 'DisableOutboundNat: The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT Gateway and the Windows agent pool does not have node public IP enabled.' + description: |- + DisableOutboundNat: The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT + Gateway and the Windows agent pool does not have node public IP enabled. type: boolean type: object workloadRuntime: @@ -23193,7 +28522,10 @@ spec: description: 'ApiServerAccessProfile: The access profile for managed cluster API server.' properties: authorizedIPRanges: - description: 'AuthorizedIPRanges: IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).' + description: |- + AuthorizedIPRanges: IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with + clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API + server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges). items: type: string type: array @@ -23201,7 +28533,9 @@ spec: description: 'DisableRunCommand: Whether to disable run command for the cluster or not.' type: boolean enablePrivateCluster: - description: 'EnablePrivateCluster: For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).' + description: |- + EnablePrivateCluster: For more details, see [Creating a private AKS + cluster](https://docs.microsoft.com/azure/aks/private-clusters). type: boolean enablePrivateClusterPublicFQDN: description: 'EnablePrivateClusterPublicFQDN: Whether to create additional public FQDN for private cluster or not.' @@ -23210,10 +28544,15 @@ spec: description: 'EnableVnetIntegration: Whether to enable apiserver vnet integration for the cluster or not.' type: boolean privateDNSZone: - description: 'PrivateDNSZone: The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are ''system'' and ''none''.' + description: |- + PrivateDNSZone: The default is System. For more details see [configure private DNS + zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and + 'none'. type: string subnetId: - description: 'SubnetId: It is required when: 1. creating a new cluster with BYO Vnet; 2. updating an existing cluster to enable apiserver vnet integration.' + description: |- + SubnetId: It is required when: 1. creating a new cluster with BYO Vnet; 2. updating an existing cluster to enable + apiserver vnet integration. type: string type: object autoScalerProfile: @@ -23223,10 +28562,16 @@ spec: description: 'BalanceSimilarNodeGroups: Valid values are ''true'' and ''false''' type: string daemonset-eviction-for-empty-nodes: - description: 'DaemonsetEvictionForEmptyNodes: If set to true, all daemonset pods on empty nodes will be evicted before deletion of the node. If the daemonset pod cannot be evicted another node will be chosen for scaling. If set to false, the node will be deleted without ensuring that daemonset pods are deleted or evicted.' + description: |- + DaemonsetEvictionForEmptyNodes: If set to true, all daemonset pods on empty nodes will be evicted before deletion of the + node. If the daemonset pod cannot be evicted another node will be chosen for scaling. If set to false, the node will be + deleted without ensuring that daemonset pods are deleted or evicted. type: boolean daemonset-eviction-for-occupied-nodes: - description: 'DaemonsetEvictionForOccupiedNodes: If set to true, all daemonset pods on occupied nodes will be evicted before deletion of the node. If the daemonset pod cannot be evicted another node will be chosen for scaling. If set to false, the node will be deleted without ensuring that daemonset pods are deleted or evicted.' + description: |- + DaemonsetEvictionForOccupiedNodes: If set to true, all daemonset pods on occupied nodes will be evicted before deletion + of the node. If the daemonset pod cannot be evicted another node will be chosen for scaling. If set to false, the node + will be deleted without ensuring that daemonset pods are deleted or evicted. type: boolean expander: description: 'Expander: Available values are: ''least-waste'', ''most-pods'', ''priority'', ''random''.' @@ -23237,7 +28582,9 @@ spec: - random type: string ignore-daemonsets-utilization: - description: 'IgnoreDaemonsetsUtilization: If set to true, the resources used by daemonset will be taken into account when making scaling down decisions.' + description: |- + IgnoreDaemonsetsUtilization: If set to true, the resources used by daemonset will be taken into account when making + scaling down decisions. type: boolean max-empty-bulk-delete: description: 'MaxEmptyBulkDelete: The default is 10.' @@ -23246,31 +28593,46 @@ spec: description: 'MaxGracefulTerminationSec: The default is 600.' type: string max-node-provision-time: - description: 'MaxNodeProvisionTime: The default is ''15m''. Values must be an integer followed by an ''m''. No unit of time other than minutes (m) is supported.' + description: |- + MaxNodeProvisionTime: The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. type: string max-total-unready-percentage: description: 'MaxTotalUnreadyPercentage: The default is 45. The maximum is 100 and the minimum is 0.' type: string new-pod-scale-up-delay: - description: 'NewPodScaleUpDelay: For scenarios like burst/batch scale where you don''t want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they''re a certain age. The default is ''0s''. Values must be an integer followed by a unit (''s'' for seconds, ''m'' for minutes, ''h'' for hours, etc).' + description: |- + NewPodScaleUpDelay: For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler + could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is + '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc). type: string ok-total-unready-count: description: 'OkTotalUnreadyCount: This must be an integer. The default is 3.' type: string scale-down-delay-after-add: - description: 'ScaleDownDelayAfterAdd: The default is ''10m''. Values must be an integer followed by an ''m''. No unit of time other than minutes (m) is supported.' + description: |- + ScaleDownDelayAfterAdd: The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. type: string scale-down-delay-after-delete: - description: 'ScaleDownDelayAfterDelete: The default is the scan-interval. Values must be an integer followed by an ''m''. No unit of time other than minutes (m) is supported.' + description: |- + ScaleDownDelayAfterDelete: The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of + time other than minutes (m) is supported. type: string scale-down-delay-after-failure: - description: 'ScaleDownDelayAfterFailure: The default is ''3m''. Values must be an integer followed by an ''m''. No unit of time other than minutes (m) is supported.' + description: |- + ScaleDownDelayAfterFailure: The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other + than minutes (m) is supported. type: string scale-down-unneeded-time: - description: 'ScaleDownUnneededTime: The default is ''10m''. Values must be an integer followed by an ''m''. No unit of time other than minutes (m) is supported.' + description: |- + ScaleDownUnneededTime: The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. type: string scale-down-unready-time: - description: 'ScaleDownUnreadyTime: The default is ''20m''. Values must be an integer followed by an ''m''. No unit of time other than minutes (m) is supported.' + description: |- + ScaleDownUnreadyTime: The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. type: string scale-down-utilization-threshold: description: 'ScaleDownUtilizationThreshold: The default is ''0.5''.' @@ -23297,7 +28659,9 @@ spec: - Unmanaged type: string upgradeChannel: - description: 'UpgradeChannel: For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).' + description: |- + UpgradeChannel: For more information see [setting the AKS cluster auto-upgrade + channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel). enum: - node-image - none @@ -23310,26 +28674,38 @@ spec: description: 'AzureMonitorProfile: Prometheus addon profile for the container service cluster' properties: logs: - description: 'Logs: Logs profile for the Azure Monitor Infrastructure and Application Logs. Collect out-of-the-box Kubernetes infrastructure & application logs to send to Azure Monitor. See aka.ms/AzureMonitorContainerInsights for an overview.' + description: |- + Logs: Logs profile for the Azure Monitor Infrastructure and Application Logs. Collect out-of-the-box Kubernetes + infrastructure & application logs to send to Azure Monitor. See aka.ms/AzureMonitorContainerInsights for an overview. properties: appMonitoring: - description: 'AppMonitoring: Application Monitoring Profile for Kubernetes Application Container. Collects application logs, metrics and traces through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview.' + description: |- + AppMonitoring: Application Monitoring Profile for Kubernetes Application Container. Collects application logs, metrics + and traces through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See + aka.ms/AzureMonitorApplicationMonitoring for an overview. properties: enabled: description: 'Enabled: Indicates if Application Monitoring enabled or not.' type: boolean type: object containerInsights: - description: 'ContainerInsights: Azure Monitor Container Insights Profile for Kubernetes Events, Inventory and Container stdout & stderr logs etc. See aka.ms/AzureMonitorContainerInsights for an overview.' + description: |- + ContainerInsights: Azure Monitor Container Insights Profile for Kubernetes Events, Inventory and Container stdout & + stderr logs etc. See aka.ms/AzureMonitorContainerInsights for an overview. properties: enabled: description: 'Enabled: Indicates if Azure Monitor Container Insights Logs Addon is enabled or not.' type: boolean logAnalyticsWorkspaceResourceReference: - description: 'LogAnalyticsWorkspaceResourceReference: Fully Qualified ARM Resource Id of Azure Log Analytics Workspace for storing Azure Monitor Container Insights Logs.' + description: |- + LogAnalyticsWorkspaceResourceReference: Fully Qualified ARM Resource Id of Azure Log Analytics Workspace for storing + Azure Monitor Container Insights Logs. properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -23343,7 +28719,9 @@ spec: type: string type: object windowsHostLogs: - description: 'WindowsHostLogs: Windows Host Logs Profile for Kubernetes Windows Nodes Log Collection. Collects ETW, Event Logs and Text logs etc. See aka.ms/AzureMonitorContainerInsights for an overview.' + description: |- + WindowsHostLogs: Windows Host Logs Profile for Kubernetes Windows Nodes Log Collection. Collects ETW, Event Logs and + Text logs etc. See aka.ms/AzureMonitorContainerInsights for an overview. properties: enabled: description: 'Enabled: Indicates if Windows Host Log Collection is enabled or not for Azure Monitor Container Insights Logs Addon.' @@ -23355,7 +28733,10 @@ spec: description: 'Metrics: Metrics profile for the prometheus service addon' properties: appMonitoringOpenTelemetryMetrics: - description: 'AppMonitoringOpenTelemetryMetrics: Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container Metrics. Collects OpenTelemetry metrics through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview.' + description: |- + AppMonitoringOpenTelemetryMetrics: Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application + Container Metrics. Collects OpenTelemetry metrics through auto-instrumentation of the application using Azure Monitor + OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview. properties: enabled: description: 'Enabled: Indicates if Application Monitoring Open Telemetry Metrics is enabled or not.' @@ -23368,10 +28749,14 @@ spec: description: 'KubeStateMetrics: Kube State Metrics for prometheus addon profile for the container service cluster' properties: metricAnnotationsAllowList: - description: 'MetricAnnotationsAllowList: Comma-separated list of additional Kubernetes label keys that will be used in the resource''s labels metric.' + description: |- + MetricAnnotationsAllowList: Comma-separated list of additional Kubernetes label keys that will be used in the resource's + labels metric. type: string metricLabelsAllowlist: - description: 'MetricLabelsAllowlist: Comma-separated list of Kubernetes annotations keys that will be used in the resource''s labels metric.' + description: |- + MetricLabelsAllowlist: Comma-separated list of Kubernetes annotations keys that will be used in the resource's labels + metric. type: string type: object required: @@ -23379,19 +28764,26 @@ spec: type: object type: object azureName: - description: 'AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn''t have to be.' + description: |- + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. maxLength: 63 minLength: 1 pattern: ^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$ type: string creationData: - description: 'CreationData: CreationData to be used to specify the source Snapshot ID if the cluster will be created/upgraded using a snapshot.' + description: |- + CreationData: CreationData to be used to specify the source Snapshot ID if the cluster will be created/upgraded using a + snapshot. properties: sourceResourceReference: description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -23406,13 +28798,21 @@ spec: type: object type: object disableLocalAccounts: - description: 'DisableLocalAccounts: If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).' + description: |- + DisableLocalAccounts: If set to true, getting static credentials will be disabled for this cluster. This must only be + used on Managed Clusters that are AAD enabled. For more details see [disable local + accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview). type: boolean diskEncryptionSetReference: - description: 'DiskEncryptionSetReference: This is of the form: ''/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}''' + description: |- + DiskEncryptionSetReference: This is of the form: + '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -23429,10 +28829,16 @@ spec: description: 'DnsPrefix: This cannot be updated once the Managed Cluster has been created.' type: string enableNamespaceResources: - description: 'EnableNamespaceResources: The default value is false. It can be enabled/disabled on creation and updating of the managed cluster. See [https://aka.ms/NamespaceARMResource](https://aka.ms/NamespaceARMResource) for more details on Namespace as a ARM Resource.' + description: |- + EnableNamespaceResources: The default value is false. It can be enabled/disabled on creation and updating of the managed + cluster. See [https://aka.ms/NamespaceARMResource](https://aka.ms/NamespaceARMResource) for more details on Namespace as + a ARM Resource. type: boolean enablePodSecurityPolicy: - description: 'EnablePodSecurityPolicy: (DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and https://aka.ms/aks/psp.' + description: |- + EnablePodSecurityPolicy: (DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was + deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and + https://aka.ms/aks/psp. type: boolean enableRBAC: description: 'EnableRBAC: Whether to enable Kubernetes Role-Based Access Control.' @@ -23487,7 +28893,10 @@ spec: description: 'ResourceReference: The ARM resource id of the delegated resource - internal use only.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -23505,17 +28914,23 @@ spec: pattern: ^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$ type: string type: object - description: 'DelegatedResources: The delegated identity resources assigned to this managed cluster. This can only be set by another Azure Resource Provider, and managed cluster only accept one delegated identity resource. Internal use only.' + description: |- + DelegatedResources: The delegated identity resources assigned to this managed cluster. This can only be set by another + Azure Resource Provider, and managed cluster only accept one delegated identity resource. Internal use only. type: object type: - description: 'Type: For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).' + description: |- + Type: For more information see [use managed identities in + AKS](https://docs.microsoft.com/azure/aks/use-managed-identity). enum: - None - SystemAssigned - UserAssigned type: string userAssignedIdentities: - description: 'UserAssignedIdentities: The keys must be ARM resource IDs in the form: ''/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}''.' + description: |- + UserAssignedIdentities: The keys must be ARM resource IDs in the form: + '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'. items: description: Information about the user assigned identity for the resource properties: @@ -23523,7 +28938,10 @@ spec: description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -23553,7 +28971,10 @@ spec: description: 'ResourceReference: The resource ID of the user assigned identity.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -23576,12 +28997,18 @@ spec: description: 'WebAppRouting: Web App Routing settings for the ingress profile.' properties: dnsZoneResourceReferences: - description: 'DnsZoneResourceReferences: Resource IDs of the DNS zones to be associated with the Web App Routing add-on. Used only when Web App Routing is enabled. Public and private DNS zones can be in different resource groups, but all public DNS zones must be in the same resource group and all private DNS zones must be in the same resource group.' + description: |- + DnsZoneResourceReferences: Resource IDs of the DNS zones to be associated with the Web App Routing add-on. Used only + when Web App Routing is enabled. Public and private DNS zones can be in different resource groups, but all public DNS + zones must be in the same resource group and all private DNS zones must be in the same resource group. items: description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -23601,7 +29028,11 @@ spec: type: object type: object kubernetesVersion: - description: 'KubernetesVersion: When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.' + description: |- + KubernetesVersion: When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades + must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> + 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS + cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details. type: string linuxProfile: description: 'LinuxProfile: The profile for Linux VMs in the Managed Cluster.' @@ -23619,7 +29050,9 @@ spec: description: Contains information about SSH certificate public key data. properties: keyData: - description: 'KeyData: Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.' + description: |- + KeyData: Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or + without headers. type: string required: - keyData @@ -23642,7 +29075,10 @@ spec: description: 'CostAnalysis: The cost analysis configuration for the cluster' properties: enabled: - description: 'Enabled: The Managed Cluster sku.tier must be set to ''Standard'' to enable this feature. Enabling this will add Kubernetes Namespace and Deployment details to the Cost Analysis views in the Azure portal. If not specified, the default is false. For more information see aka.ms/aks/docs/cost-analysis.' + description: |- + Enabled: The Managed Cluster sku.tier must be set to 'Standard' to enable this feature. Enabling this will add + Kubernetes Namespace and Deployment details to the Cost Analysis views in the Azure portal. If not specified, the + default is false. For more information see aka.ms/aks/docs/cost-analysis. type: boolean type: object type: object @@ -23650,11 +29086,15 @@ spec: description: 'NetworkProfile: The network configuration profile.' properties: dnsServiceIP: - description: 'DnsServiceIP: An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.' + description: |- + DnsServiceIP: An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address + range specified in serviceCidr. pattern: ^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$ type: string ipFamilies: - description: 'IpFamilies: IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6.' + description: |- + IpFamilies: IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value + is IPv4. For dual-stack, the expected values are IPv4 and IPv6. items: description: To determine if address belongs IPv4 or IPv6 family. enum: @@ -23663,10 +29103,15 @@ spec: type: string type: array kubeProxyConfig: - description: 'KubeProxyConfig: Holds configuration customizations for kube-proxy. Any values not defined will use the kube-proxy defaulting behavior. See https://v.docs.kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/ where is represented by a - string. Kubernetes version 1.23 would be ''1-23''.' + description: |- + KubeProxyConfig: Holds configuration customizations for kube-proxy. Any values not defined will use the kube-proxy + defaulting behavior. See https://v.docs.kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/ + where is represented by a - string. Kubernetes version 1.23 would be '1-23'. properties: enabled: - description: 'Enabled: Whether to enable on kube-proxy on the cluster (if no ''kubeProxyConfig'' exists, kube-proxy is enabled in AKS by default without these customizations).' + description: |- + Enabled: Whether to enable on kube-proxy on the cluster (if no 'kubeProxyConfig' exists, kube-proxy is enabled in AKS by + default without these customizations). type: boolean ipvsConfig: description: 'IpvsConfig: Holds configuration customizations for IPVS. May only be specified if ''mode'' is set to ''IPVS''.' @@ -23678,7 +29123,9 @@ spec: - RoundRobin type: string tcpFinTimeoutSeconds: - description: 'TcpFinTimeoutSeconds: The timeout value used for IPVS TCP sessions after receiving a FIN in seconds. Must be a positive integer value.' + description: |- + TcpFinTimeoutSeconds: The timeout value used for IPVS TCP sessions after receiving a FIN in seconds. Must be a positive + integer value. type: integer tcpTimeoutSeconds: description: 'TcpTimeoutSeconds: The timeout value used for idle IPVS TCP sessions in seconds. Must be a positive integer value.' @@ -23698,7 +29145,9 @@ spec: description: 'LoadBalancerProfile: Profile of the cluster load balancer.' properties: allocatedOutboundPorts: - description: 'AllocatedOutboundPorts: The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.' + description: |- + AllocatedOutboundPorts: The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 + (inclusive). The default value is 0 which results in Azure dynamically allocating ports. maximum: 64000 minimum: 0 type: integer @@ -23717,7 +29166,10 @@ spec: description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -23736,7 +29188,9 @@ spec: description: 'EnableMultipleStandardLoadBalancers: Enable multiple standard load balancers per AKS cluster or not.' type: boolean idleTimeoutInMinutes: - description: 'IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.' + description: |- + IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 + (inclusive). The default value is 30 minutes. maximum: 120 minimum: 4 type: integer @@ -23744,12 +29198,16 @@ spec: description: 'ManagedOutboundIPs: Desired managed outbound IPs for the cluster load balancer.' properties: count: - description: 'Count: The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1.' + description: |- + Count: The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values + must be in the range of 1 to 100 (inclusive). The default value is 1. maximum: 100 minimum: 1 type: integer countIPv6: - description: 'CountIPv6: The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack.' + description: |- + CountIPv6: The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed + values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. maximum: 100 minimum: 0 type: integer @@ -23766,7 +29224,10 @@ spec: description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -23794,7 +29255,10 @@ spec: description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -23812,13 +29276,18 @@ spec: type: object type: object loadBalancerSku: - description: 'LoadBalancerSku: The default is ''standard''. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.' + description: |- + LoadBalancerSku: The default is 'standard'. See [Azure Load Balancer + SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load + balancer SKUs. enum: - basic - standard type: string monitoring: - description: 'Monitoring: This addon can be used to configure network monitoring and generate network monitoring data in Prometheus format' + description: |- + Monitoring: This addon can be used to configure network monitoring and generate network monitoring data in Prometheus + format properties: enabled: description: 'Enabled: Enable or disable the network monitoring plugin on the cluster' @@ -23836,7 +29305,10 @@ spec: description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -23852,7 +29324,9 @@ spec: type: object type: array idleTimeoutInMinutes: - description: 'IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.' + description: |- + IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 + (inclusive). The default value is 4 minutes. maximum: 120 minimum: 4 type: integer @@ -23860,7 +29334,9 @@ spec: description: 'ManagedOutboundIPProfile: Profile of the managed outbound IP resources of the cluster NAT gateway.' properties: count: - description: 'Count: The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1.' + description: |- + Count: The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 + (inclusive). The default value is 1. maximum: 16 minimum: 1 type: integer @@ -23899,7 +29375,9 @@ spec: - none type: string outboundType: - description: 'OutboundType: This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).' + description: |- + OutboundType: This can only be set at cluster creation time and cannot be changed later. For more information see + [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype). enum: - loadBalancer - managedNATGateway @@ -23911,16 +29389,22 @@ spec: pattern: ^([0-9]{1,3}\.){3}[0-9]{1,3}(\/([0-9]|[1-2][0-9]|3[0-2]))?$ type: string podCidrs: - description: 'PodCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking.' + description: |- + PodCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is + expected for dual-stack networking. items: type: string type: array serviceCidr: - description: 'ServiceCidr: A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.' + description: |- + ServiceCidr: A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP + ranges. pattern: ^([0-9]{1,3}\.){3}[0-9]{1,3}(\/([0-9]|[1-2][0-9]|3[0-2]))?$ type: string serviceCidrs: - description: 'ServiceCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges.' + description: |- + ServiceCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is + expected for dual-stack networking. They must not overlap with any Subnet IP ranges. items: type: string type: array @@ -23956,19 +29440,25 @@ spec: type: boolean type: object operatorSpec: - description: 'OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not passed directly to Azure' + description: |- + OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not + passed directly to Azure properties: configMaps: description: 'ConfigMaps: configures where to place operator written ConfigMaps.' properties: oidcIssuerProfile: - description: 'OIDCIssuerProfile: indicates where the OIDCIssuerProfile config map should be placed. If omitted, no config map will be created.' + description: |- + OIDCIssuerProfile: indicates where the OIDCIssuerProfile config map should be placed. If omitted, no config map will be + created. properties: key: description: Key is the key in the ConfigMap being referenced type: string name: - description: Name is the name of the Kubernetes ConfigMap being referenced. The ConfigMap must be in the same namespace as the resource + description: |- + Name is the name of the Kubernetes ConfigMap being referenced. + The ConfigMap must be in the same namespace as the resource type: string required: - key @@ -23979,26 +29469,34 @@ spec: description: 'Secrets: configures where to place Azure generated secrets.' properties: adminCredentials: - description: 'AdminCredentials: indicates where the AdminCredentials secret should be placed. If omitted, the secret will not be retrieved from Azure.' + description: |- + AdminCredentials: indicates where the AdminCredentials secret should be placed. If omitted, the secret will not be + retrieved from Azure. properties: key: description: Key is the key in the Kubernetes secret being referenced type: string name: - description: Name is the name of the Kubernetes secret being referenced. The secret must be in the same namespace as the resource + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource type: string required: - key - name type: object userCredentials: - description: 'UserCredentials: indicates where the UserCredentials secret should be placed. If omitted, the secret will not be retrieved from Azure.' + description: |- + UserCredentials: indicates where the UserCredentials secret should be placed. If omitted, the secret will not be + retrieved from Azure. properties: key: description: Key is the key in the Kubernetes secret being referenced type: string name: - description: Name is the name of the Kubernetes secret being referenced. The secret must be in the same namespace as the resource + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource type: string required: - key @@ -24007,7 +29505,10 @@ spec: type: object type: object owner: - description: 'Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a resources.azure.com/ResourceGroup resource' + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a resources.azure.com/ResourceGroup resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) @@ -24017,10 +29518,16 @@ spec: type: string type: object podIdentityProfile: - description: 'PodIdentityProfile: See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.' + description: |- + PodIdentityProfile: See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more + details on AAD pod identity integration. properties: allowNetworkPluginKubenet: - description: 'AllowNetworkPluginKubenet: Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.' + description: |- + AllowNetworkPluginKubenet: Running in Kubenet is disabled by default due to the security related nature of AAD Pod + Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod + Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) + for more information. type: boolean enabled: description: 'Enabled: Whether the pod identity addon is enabled.' @@ -24046,7 +29553,10 @@ spec: description: 'ResourceReference: The resource ID of the user assigned identity.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -24075,7 +29585,9 @@ spec: userAssignedIdentityExceptions: description: 'UserAssignedIdentityExceptions: The pod identity exceptions to allow.' items: - description: See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. + description: |- + See [disable AAD Pod Identity for a specific + Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. properties: name: description: 'Name: The name of the pod identity exception.' @@ -24110,7 +29622,10 @@ spec: description: 'Reference: The ID of the private link resource.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -24149,7 +29664,9 @@ spec: type: string type: array level: - description: 'Level: The Safeguards level to be used. By default, Safeguards is enabled for all namespaces except those that AKS excludes via systemExcludedNamespaces' + description: |- + Level: The Safeguards level to be used. By default, Safeguards is enabled for all namespaces except those that AKS + excludes via systemExcludedNamespaces enum: - Enforcement - "Off" @@ -24165,25 +29682,39 @@ spec: description: 'SecurityProfile: Security profile for the managed cluster.' properties: azureKeyVaultKms: - description: 'AzureKeyVaultKms: Azure Key Vault [key management service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile.' + description: |- + AzureKeyVaultKms: Azure Key Vault [key management + service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile. properties: enabled: description: 'Enabled: Whether to enable Azure Key Vault key management service. The default is false.' type: boolean keyId: - description: 'KeyId: Identifier of Azure Key Vault key. See [key identifier format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When Azure Key Vault key management service is disabled, leave the field empty.' + description: |- + KeyId: Identifier of Azure Key Vault key. See [key identifier + format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) + for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key + identifier. When Azure Key Vault key management service is disabled, leave the field empty. type: string keyVaultNetworkAccess: - description: 'KeyVaultNetworkAccess: Network access of key vault. The possible values are `Public` and `Private`. `Public` means the key vault allows public access from all networks. `Private` means the key vault disables public access and enables private link. The default value is `Public`.' + description: |- + KeyVaultNetworkAccess: Network access of key vault. The possible values are `Public` and `Private`. `Public` means the + key vault allows public access from all networks. `Private` means the key vault disables public access and enables + private link. The default value is `Public`. enum: - Private - Public type: string keyVaultResourceReference: - description: 'KeyVaultResourceReference: Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty.' + description: |- + KeyVaultResourceReference: Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and + must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty. properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -24198,7 +29729,10 @@ spec: type: object type: object customCATrustCertificates: - description: 'CustomCATrustCertificates: A list of up to 10 base64 encoded CAs that will be added to the trust store on nodes with the Custom CA Trust feature enabled. For more information see [Custom CA Trust Certificates](https://learn.microsoft.com/en-us/azure/aks/custom-certificate-authority)' + description: |- + CustomCATrustCertificates: A list of up to 10 base64 encoded CAs that will be added to the trust store on nodes with the + Custom CA Trust feature enabled. For more information see [Custom CA Trust + Certificates](https://learn.microsoft.com/en-us/azure/aks/custom-certificate-authority) items: type: string maxItems: 10 @@ -24208,10 +29742,16 @@ spec: description: 'Defender: Microsoft Defender settings for the security profile.' properties: logAnalyticsWorkspaceResourceReference: - description: 'LogAnalyticsWorkspaceResourceReference: Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft Defender is disabled, leave the field empty.' + description: |- + LogAnalyticsWorkspaceResourceReference: Resource ID of the Log Analytics workspace to be associated with Microsoft + Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When + Microsoft Defender is disabled, leave the field empty. properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -24243,21 +29783,29 @@ spec: type: integer type: object imageIntegrity: - description: 'ImageIntegrity: Image integrity is a feature that works with Azure Policy to verify image integrity by signature. This will not have any effect unless Azure Policy is applied to enforce image signatures. See https://aka.ms/aks/image-integrity for how to use this feature via policy.' + description: |- + ImageIntegrity: Image integrity is a feature that works with Azure Policy to verify image integrity by signature. This + will not have any effect unless Azure Policy is applied to enforce image signatures. See + https://aka.ms/aks/image-integrity for how to use this feature via policy. properties: enabled: description: 'Enabled: Whether to enable image integrity. The default value is false.' type: boolean type: object nodeRestriction: - description: 'NodeRestriction: [Node Restriction](https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#noderestriction) settings for the security profile.' + description: |- + NodeRestriction: [Node + Restriction](https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#noderestriction) settings + for the security profile. properties: enabled: description: 'Enabled: Whether to enable Node Restriction' type: boolean type: object workloadIdentity: - description: 'WorkloadIdentity: Workload identity settings for the security profile. Workload identity enables Kubernetes applications to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details.' + description: |- + WorkloadIdentity: Workload identity settings for the security profile. Workload identity enables Kubernetes applications + to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details. properties: enabled: description: 'Enabled: Whether to enable workload identity.' @@ -24271,7 +29819,9 @@ spec: description: 'Istio: Istio service mesh configuration.' properties: certificateAuthority: - description: 'CertificateAuthority: Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described here https://aka.ms/asm-plugin-ca' + description: |- + CertificateAuthority: Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin + certificates as described here https://aka.ms/asm-plugin-ca properties: plugin: description: 'Plugin: Plugin certificates information for Service Mesh.' @@ -24289,7 +29839,10 @@ spec: description: 'KeyVaultReference: The resource ID of the Key Vault.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -24330,7 +29883,9 @@ spec: ingressGateways: description: 'IngressGateways: Istio ingress gateways.' items: - description: Istio ingress gateway configuration. For now, we support up to one external ingress gateway named `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`. + description: |- + Istio ingress gateway configuration. For now, we support up to one external ingress gateway named + `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`. properties: enabled: description: 'Enabled: Whether to enable the ingress gateway.' @@ -24348,7 +29903,10 @@ spec: type: array type: object revisions: - description: 'Revisions: The list of revisions of the Istio control plane. When an upgrade is not in progress, this holds one value. When canary upgrade is in progress, this can only hold two consecutive values. For more information, see: https://learn.microsoft.com/en-us/azure/aks/istio-upgrade' + description: |- + Revisions: The list of revisions of the Istio control plane. When an upgrade is not in progress, this holds one value. + When canary upgrade is in progress, this can only hold two consecutive values. For more information, see: + https://learn.microsoft.com/en-us/azure/aks/istio-upgrade items: type: string maxItems: 2 @@ -24364,7 +29922,9 @@ spec: - mode type: object servicePrincipalProfile: - description: 'ServicePrincipalProfile: Information about a service principal identity for the cluster to use for manipulating Azure APIs.' + description: |- + ServicePrincipalProfile: Information about a service principal identity for the cluster to use for manipulating Azure + APIs. properties: clientId: description: 'ClientId: The ID for the service principal.' @@ -24376,7 +29936,9 @@ spec: description: Key is the key in the Kubernetes secret being referenced type: string name: - description: Name is the name of the Kubernetes secret being referenced. The secret must be in the same namespace as the resource + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource type: string required: - key @@ -24394,7 +29956,9 @@ spec: - Base type: string tier: - description: 'Tier: If not specified, the default is ''Free''. See [AKS Pricing Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details.' + description: |- + Tier: If not specified, the default is 'Free'. See [AKS Pricing + Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details. enum: - Free - Premium @@ -24454,10 +30018,15 @@ spec: description: 'OverrideSettings: Settings for overrides.' properties: forceUpgrade: - description: 'ForceUpgrade: Whether to force upgrade the cluster. Note that this option instructs upgrade operation to bypass upgrade protections such as checking for deprecated API usage. Enable this option only with caution.' + description: |- + ForceUpgrade: Whether to force upgrade the cluster. Note that this option instructs upgrade operation to bypass upgrade + protections such as checking for deprecated API usage. Enable this option only with caution. type: boolean until: - description: 'Until: Until when the overrides are effective. Note that this only matches the start time of an upgrade, and the effectiveness won''t change once an upgrade starts even if the `until` expires as upgrade proceeds. This field is not set by default. It must be set for the overrides to take effect.' + description: |- + Until: Until when the overrides are effective. Note that this only matches the start time of an upgrade, and the + effectiveness won't change once an upgrade starts even if the `until` expires as upgrade proceeds. This field is not set + by default. It must be set for the overrides to take effect. type: string type: object type: object @@ -24465,29 +30034,66 @@ spec: description: 'WindowsProfile: The profile for Windows VMs in the Managed Cluster.' properties: adminPassword: - description: 'AdminPassword: Specifies the password of the administrator account. Minimum-length: 8 characters Max-length: 123 characters Complexity requirements: 3 out of 4 conditions below need to be fulfilled Has lower characters Has upper characters Has a digit Has a special character (Regex match [\W_]) Disallowed values: "abc@123", "P@$$$$w0rd", "P@ssw0rd", "P@ssword123", "Pa$$$$word", "pass@word1", "Password!", "Password1", "Password22", "iloveyou!"' - type: string + description: |- + AdminPassword: Specifies the password of the administrator account. + Minimum-length: 8 characters + Max-length: 123 characters + Complexity requirements: 3 out of 4 conditions below need to be fulfilled + Has lower characters + Has upper characters + Has a digit + Has a special character (Regex match [\W_]) + Disallowed values: "abc@123", "P@$$$$w0rd", "P@ssw0rd", "P@ssword123", "Pa$$$$word", "pass@word1", "Password!", "Password1", + "Password22", "iloveyou!" + properties: + key: + description: Key is the key in the Kubernetes secret being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource + type: string + required: + - key + - name + type: object adminUsername: - description: 'AdminUsername: Specifies the name of the administrator account. Restriction: Cannot end in "." Disallowed values: "administrator", "admin", "user", "user1", "test", "user2", "test1", "user3", "admin1", "1", "123", "a", "actuser", "adm", "admin2", "aspnet", "backup", "console", "david", "guest", "john", "owner", "root", "server", "sql", "support", "support_388945a0", "sys", "test2", "test3", "user4", "user5". Minimum-length: 1 character Max-length: 20 characters' + description: |- + AdminUsername: Specifies the name of the administrator account. + Restriction: Cannot end in "." + Disallowed values: "administrator", "admin", "user", "user1", "test", "user2", "test1", "user3", "admin1", "1", "123", + "a", "actuser", "adm", "admin2", "aspnet", "backup", "console", "david", "guest", "john", "owner", "root", "server", + "sql", "support", "support_388945a0", "sys", "test2", "test3", "user4", "user5". + Minimum-length: 1 character + Max-length: 20 characters type: string enableCSIProxy: - description: 'EnableCSIProxy: For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).' + description: |- + EnableCSIProxy: For more details on CSI proxy, see the [CSI proxy GitHub + repo](https://github.com/kubernetes-csi/csi-proxy). type: boolean gmsaProfile: description: 'GmsaProfile: The Windows gMSA Profile in the Managed Cluster.' properties: dnsServer: - description: 'DnsServer: Specifies the DNS server for Windows gMSA. Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.' + description: |- + DnsServer: Specifies the DNS server for Windows gMSA. + Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster. type: string enabled: description: 'Enabled: Specifies whether to enable Windows gMSA in the managed cluster.' type: boolean rootDomainName: - description: 'RootDomainName: Specifies the root domain name for Windows gMSA. Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.' + description: |- + RootDomainName: Specifies the root domain name for Windows gMSA. + Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster. type: string type: object licenseType: - description: 'LicenseType: The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.' + description: |- + LicenseType: The license type to use for Windows VMs. See [Azure Hybrid User + Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details. enum: - None - Windows_Server @@ -24553,7 +30159,9 @@ spec: description: 'ServerAppSecret: (DEPRECATED) The server AAD application secret. Learn more at https://aka.ms/aks/aad-legacy.' type: string tenantID: - description: 'TenantID: The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.' + description: |- + TenantID: The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment + subscription. type: string type: object addonProfiles: @@ -24593,11 +30201,15 @@ spec: description: 'ArtifactStreamingProfile: Configuration for using artifact streaming on AKS.' properties: enabled: - description: 'Enabled: Artifact streaming speeds up the cold-start of containers on a node through on-demand image loading. To use this feature, container images must also enable artifact streaming on ACR. If not specified, the default is false.' + description: |- + Enabled: Artifact streaming speeds up the cold-start of containers on a node through on-demand image loading. To use + this feature, container images must also enable artifact streaming on ACR. If not specified, the default is false. type: boolean type: object availabilityZones: - description: 'AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is ''VirtualMachineScaleSets''.' + description: |- + AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType + property is 'VirtualMachineScaleSets'. items: type: string type: array @@ -24605,32 +30217,52 @@ spec: description: 'CapacityReservationGroupID: AKS will associate the specified agent pool with the Capacity Reservation Group.' type: string count: - description: 'Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.' + description: |- + Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) + for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. type: integer creationData: - description: 'CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.' + description: |- + CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using + a snapshot. properties: sourceResourceId: description: 'SourceResourceId: This is the ARM ID of the source object to be used to create the target object.' type: string type: object currentOrchestratorVersion: - description: 'CurrentOrchestratorVersion: If orchestratorVersion was a fully specified version , this field will be exactly equal to it. If orchestratorVersion was , this field will contain the full version being used.' + description: |- + CurrentOrchestratorVersion: If orchestratorVersion was a fully specified version , this field will be + exactly equal to it. If orchestratorVersion was , this field will contain the full + version being used. type: string enableAutoScaling: description: 'EnableAutoScaling: Whether to enable auto-scaler' type: boolean enableCustomCATrust: - description: 'EnableCustomCATrust: When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded certificates into node trust stores. Defaults to false.' + description: |- + EnableCustomCATrust: When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a + daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded + certificates into node trust stores. Defaults to false. type: boolean enableEncryptionAtHost: - description: 'EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption' + description: |- + EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, + see: https://docs.microsoft.com/azure/aks/enable-host-encryption type: boolean enableFIPS: - description: 'EnableFIPS: See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.' + description: |- + EnableFIPS: See [Add a FIPS-enabled node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more + details. type: boolean enableNodePublicIP: - description: 'EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.' + description: |- + EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. + A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine + to minimize hops. For more information see [assigning a public IP per + node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The + default is false. type: boolean enableUltraSSD: description: 'EnableUltraSSD: Whether to enable UltraSSD' @@ -24642,11 +30274,18 @@ spec: description: 'GpuProfile: The GPU settings of an agent pool.' properties: installGPUDriver: - description: 'InstallGPUDriver: The default value is true when the vmSize of the agent pool contains a GPU, false otherwise. GPU Driver Installation can only be set true when VM has an associated GPU resource. Setting this field to false prevents automatic GPU driver installation. In that case, in order for the GPU to be usable, the user must perform GPU driver installation themselves.' + description: |- + InstallGPUDriver: The default value is true when the vmSize of the agent pool contains a GPU, false otherwise. GPU + Driver Installation can only be set true when VM has an associated GPU resource. Setting this field to false prevents + automatic GPU driver installation. In that case, in order for the GPU to be usable, the user must perform GPU driver + installation themselves. type: boolean type: object hostGroupID: - description: 'HostGroupID: This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).' + description: |- + HostGroupID: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. + For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). type: string kubeletConfig: description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' @@ -24657,7 +30296,9 @@ spec: type: string type: array containerLogMaxFiles: - description: 'ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be â‰Ĩ 2.' + description: |- + ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be + â‰Ĩ 2. type: integer containerLogMaxSizeMB: description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' @@ -24666,10 +30307,15 @@ spec: description: 'CpuCfsQuota: The default is true.' type: boolean cpuCfsQuotaPeriod: - description: 'CpuCfsQuotaPeriod: The default is ''100ms.'' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: ''300ms'', ''2h45m''. Supported units are ''ns'', ''us'', ''ms'', ''s'', ''m'', and ''h''.' + description: |- + CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and + a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. type: string cpuManagerPolicy: - description: 'CpuManagerPolicy: The default is ''none''. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are ''none'' and ''static''.' + description: |- + CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management + policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more + information. Allowed values are 'none' and 'static'. type: string failSwapOn: description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' @@ -24684,11 +30330,16 @@ spec: description: 'PodMaxPids: The maximum number of processes per pod.' type: integer topologyManagerPolicy: - description: 'TopologyManagerPolicy: For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is ''none''. Allowed values are ''none'', ''best-effort'', ''restricted'', and ''single-numa-node''.' + description: |- + TopologyManagerPolicy: For more information see [Kubernetes Topology + Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values + are 'none', 'best-effort', 'restricted', and 'single-numa-node'. type: string type: object kubeletDiskType: - description: 'KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.' + description: |- + KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral + storage. type: string linuxOSConfig: description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' @@ -24785,10 +30436,16 @@ spec: type: integer type: object transparentHugePageDefrag: - description: 'TransparentHugePageDefrag: Valid values are ''always'', ''defer'', ''defer+madvise'', ''madvise'' and ''never''. The default is ''madvise''. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).' + description: |- + TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is + 'madvise'. For more information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string transparentHugePageEnabled: - description: 'TransparentHugePageEnabled: Valid values are ''always'', ''madvise'', and ''never''. The default is ''always''. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).' + description: |- + TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more + information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string type: object maxCount: @@ -24798,13 +30455,18 @@ spec: description: 'MaxPods: The maximum number of pods that can run on a node.' type: integer messageOfTheDay: - description: 'MessageOfTheDay: A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).' + description: |- + MessageOfTheDay: A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of + the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., + will be printed raw and not be executed as a script). type: string minCount: description: 'MinCount: The minimum number of nodes for auto-scaling' type: integer mode: - description: 'Mode: A cluster must have at least one ''System'' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools' + description: |- + Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool + restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools type: string name: description: 'Name: Windows agent pool names must be 6 characters or less.' @@ -24818,10 +30480,14 @@ spec: description: The port range. properties: portEnd: - description: 'PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or equal to portStart.' + description: |- + PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or + equal to portStart. type: integer portStart: - description: 'PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or equal to portEnd.' + description: |- + PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or + equal to portEnd. type: integer protocol: description: 'Protocol: The network protocol of the port.' @@ -24851,7 +30517,12 @@ spec: description: 'NodeImageVersion: The version of node image' type: string nodeInitializationTaints: - description: 'NodeInitializationTaints: These taints will not be reconciled by AKS and can be removed with a kubectl call. This field can be modified after node pool is created, but nodes will not be recreated with new taints until another operation that requires recreation (e.g. node image upgrade) happens. These taints allow for required configuration to run before the node is ready to accept workloads, for example ''key1=value1:NoSchedule'' that then can be removed with `kubectl taint nodes node1 key1=value1:NoSchedule-`' + description: |- + NodeInitializationTaints: These taints will not be reconciled by AKS and can be removed with a kubectl call. This field + can be modified after node pool is created, but nodes will not be recreated with new taints until another operation that + requires recreation (e.g. node image upgrade) happens. These taints allow for required configuration to run before the + node is ready to accept workloads, for example 'key1=value1:NoSchedule' that then can be removed with `kubectl taint + nodes node1 key1=value1:NoSchedule-` items: type: string type: array @@ -24861,7 +30532,9 @@ spec: description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' type: object nodePublicIPPrefixID: - description: 'NodePublicIPPrefixID: This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}' + description: |- + NodePublicIPPrefixID: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} type: string nodeTaints: description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' @@ -24869,24 +30542,43 @@ spec: type: string type: array orchestratorVersion: - description: 'OrchestratorVersion: Both patch version and are supported. When is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).' + description: |- + OrchestratorVersion: Both patch version and are supported. When is + specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same + once it has been created will not trigger an upgrade, even if a newer patch version is available. As a + best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version + must have the same major version as the control plane. The node pool minor version must be within two minor versions of + the control plane version. The node pool version cannot be greater than the control plane version. For more information + see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). type: string osDiskSizeGB: type: integer osDiskType: - description: 'OsDiskType: The default is ''Ephemeral'' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to ''Managed''. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).' + description: |- + OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested + OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral + OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). type: string osSKU: - description: 'OsSKU: Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.' + description: |- + OsSKU: Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or + Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is + deprecated. type: string osType: description: 'OsType: The operating system type. The default is Linux.' type: string podSubnetID: - description: 'PodSubnetID: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}' + description: |- + PodSubnetID: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is + of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} type: string powerState: - description: 'PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded' + description: |- + PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this + field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only + be stopped if it is Running and provisioning state is Succeeded properties: code: description: 'Code: Tells whether the cluster is Running or Stopped' @@ -24902,7 +30594,9 @@ spec: description: 'ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.' type: string scaleSetEvictionPolicy: - description: 'ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is ''Spot''. If not specified, the default is ''Delete''.' + description: |- + ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is + 'Delete'. type: string scaleSetPriority: description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' @@ -24911,17 +30605,24 @@ spec: description: 'SecurityProfile: The security settings of an agent pool.' properties: enableSecureBoot: - description: 'EnableSecureBoot: Secure Boot is a feature of Trusted Launch which ensures that only signed operating systems and drivers can boot. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false.' + description: |- + EnableSecureBoot: Secure Boot is a feature of Trusted Launch which ensures that only signed operating systems and + drivers can boot. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. type: boolean enableVTPM: - description: 'EnableVTPM: vTPM is a Trusted Launch feature for configuring a dedicated secure vault for keys and measurements held locally on the node. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false.' + description: |- + EnableVTPM: vTPM is a Trusted Launch feature for configuring a dedicated secure vault for keys and measurements held + locally on the node. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. type: boolean sshAccess: description: 'SshAccess: SSH access method of an agent pool.' type: string type: object spotMaxPrice: - description: 'SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)' + description: |- + SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any + on-demand price. For more details on spot pricing, see [spot VMs + pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) type: number tags: additionalProperties: @@ -24935,13 +30636,22 @@ spec: description: 'UpgradeSettings: Settings for upgrading the agentpool' properties: drainTimeoutInMinutes: - description: 'DrainTimeoutInMinutes: The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not specified, the default is 30 minutes.' + description: |- + DrainTimeoutInMinutes: The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. + This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not + specified, the default is 30 minutes. type: integer maxSurge: - description: 'MaxSurge: This can either be set to an integer (e.g. ''5'') or a percentage (e.g. ''50%''). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade' + description: |- + MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it + is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded + up. If not specified, the default is 1. For more information, including best practices, see: + https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade type: string nodeSoakDurationInMinutes: - description: 'NodeSoakDurationInMinutes: The amount of time (in minutes) to wait after draining a node and before reimaging it and moving on to next node. If not specified, the default is 0 minutes.' + description: |- + NodeSoakDurationInMinutes: The amount of time (in minutes) to wait after draining a node and before reimaging it and + moving on to next node. If not specified, the default is 0 minutes. type: integer type: object virtualMachineNodesStatus: @@ -24971,7 +30681,9 @@ spec: description: 'Count: Number of nodes.' type: integer sizes: - description: 'Sizes: The list of allowed vm sizes. AKS will use the first available one when scaling. If a VM size is unavailable (e.g. due to quota or regional capacity reasons), AKS will use the next size.' + description: |- + Sizes: The list of allowed vm sizes. AKS will use the first available one when scaling. If a VM size is unavailable + (e.g. due to quota or regional capacity reasons), AKS will use the next size. items: type: string type: array @@ -24980,16 +30692,24 @@ spec: type: object type: object vmSize: - description: 'VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions' + description: |- + VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods + might fail to run correctly. For more details on restricted VM sizes, see: + https://docs.microsoft.com/azure/aks/quotas-skus-regions type: string vnetSubnetID: - description: 'VnetSubnetID: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}' + description: |- + VnetSubnetID: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, + this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} type: string windowsProfile: description: 'WindowsProfile: The Windows agent pool''s specific profile.' properties: disableOutboundNat: - description: 'DisableOutboundNat: The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT Gateway and the Windows agent pool does not have node public IP enabled.' + description: |- + DisableOutboundNat: The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT + Gateway and the Windows agent pool does not have node public IP enabled. type: boolean type: object workloadRuntime: @@ -25008,7 +30728,10 @@ spec: description: 'ApiServerAccessProfile: The access profile for managed cluster API server.' properties: authorizedIPRanges: - description: 'AuthorizedIPRanges: IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).' + description: |- + AuthorizedIPRanges: IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with + clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API + server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges). items: type: string type: array @@ -25016,7 +30739,9 @@ spec: description: 'DisableRunCommand: Whether to disable run command for the cluster or not.' type: boolean enablePrivateCluster: - description: 'EnablePrivateCluster: For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).' + description: |- + EnablePrivateCluster: For more details, see [Creating a private AKS + cluster](https://docs.microsoft.com/azure/aks/private-clusters). type: boolean enablePrivateClusterPublicFQDN: description: 'EnablePrivateClusterPublicFQDN: Whether to create additional public FQDN for private cluster or not.' @@ -25025,10 +30750,15 @@ spec: description: 'EnableVnetIntegration: Whether to enable apiserver vnet integration for the cluster or not.' type: boolean privateDNSZone: - description: 'PrivateDNSZone: The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are ''system'' and ''none''.' + description: |- + PrivateDNSZone: The default is System. For more details see [configure private DNS + zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and + 'none'. type: string subnetId: - description: 'SubnetId: It is required when: 1. creating a new cluster with BYO Vnet; 2. updating an existing cluster to enable apiserver vnet integration.' + description: |- + SubnetId: It is required when: 1. creating a new cluster with BYO Vnet; 2. updating an existing cluster to enable + apiserver vnet integration. type: string type: object autoScalerProfile: @@ -25038,16 +30768,24 @@ spec: description: 'BalanceSimilarNodeGroups: Valid values are ''true'' and ''false''' type: string daemonset-eviction-for-empty-nodes: - description: 'DaemonsetEvictionForEmptyNodes: If set to true, all daemonset pods on empty nodes will be evicted before deletion of the node. If the daemonset pod cannot be evicted another node will be chosen for scaling. If set to false, the node will be deleted without ensuring that daemonset pods are deleted or evicted.' + description: |- + DaemonsetEvictionForEmptyNodes: If set to true, all daemonset pods on empty nodes will be evicted before deletion of the + node. If the daemonset pod cannot be evicted another node will be chosen for scaling. If set to false, the node will be + deleted without ensuring that daemonset pods are deleted or evicted. type: boolean daemonset-eviction-for-occupied-nodes: - description: 'DaemonsetEvictionForOccupiedNodes: If set to true, all daemonset pods on occupied nodes will be evicted before deletion of the node. If the daemonset pod cannot be evicted another node will be chosen for scaling. If set to false, the node will be deleted without ensuring that daemonset pods are deleted or evicted.' + description: |- + DaemonsetEvictionForOccupiedNodes: If set to true, all daemonset pods on occupied nodes will be evicted before deletion + of the node. If the daemonset pod cannot be evicted another node will be chosen for scaling. If set to false, the node + will be deleted without ensuring that daemonset pods are deleted or evicted. type: boolean expander: description: 'Expander: Available values are: ''least-waste'', ''most-pods'', ''priority'', ''random''.' type: string ignore-daemonsets-utilization: - description: 'IgnoreDaemonsetsUtilization: If set to true, the resources used by daemonset will be taken into account when making scaling down decisions.' + description: |- + IgnoreDaemonsetsUtilization: If set to true, the resources used by daemonset will be taken into account when making + scaling down decisions. type: boolean max-empty-bulk-delete: description: 'MaxEmptyBulkDelete: The default is 10.' @@ -25056,31 +30794,46 @@ spec: description: 'MaxGracefulTerminationSec: The default is 600.' type: string max-node-provision-time: - description: 'MaxNodeProvisionTime: The default is ''15m''. Values must be an integer followed by an ''m''. No unit of time other than minutes (m) is supported.' + description: |- + MaxNodeProvisionTime: The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. type: string max-total-unready-percentage: description: 'MaxTotalUnreadyPercentage: The default is 45. The maximum is 100 and the minimum is 0.' type: string new-pod-scale-up-delay: - description: 'NewPodScaleUpDelay: For scenarios like burst/batch scale where you don''t want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they''re a certain age. The default is ''0s''. Values must be an integer followed by a unit (''s'' for seconds, ''m'' for minutes, ''h'' for hours, etc).' + description: |- + NewPodScaleUpDelay: For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler + could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is + '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc). type: string ok-total-unready-count: description: 'OkTotalUnreadyCount: This must be an integer. The default is 3.' type: string scale-down-delay-after-add: - description: 'ScaleDownDelayAfterAdd: The default is ''10m''. Values must be an integer followed by an ''m''. No unit of time other than minutes (m) is supported.' + description: |- + ScaleDownDelayAfterAdd: The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. type: string scale-down-delay-after-delete: - description: 'ScaleDownDelayAfterDelete: The default is the scan-interval. Values must be an integer followed by an ''m''. No unit of time other than minutes (m) is supported.' + description: |- + ScaleDownDelayAfterDelete: The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of + time other than minutes (m) is supported. type: string scale-down-delay-after-failure: - description: 'ScaleDownDelayAfterFailure: The default is ''3m''. Values must be an integer followed by an ''m''. No unit of time other than minutes (m) is supported.' + description: |- + ScaleDownDelayAfterFailure: The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other + than minutes (m) is supported. type: string scale-down-unneeded-time: - description: 'ScaleDownUnneededTime: The default is ''10m''. Values must be an integer followed by an ''m''. No unit of time other than minutes (m) is supported.' + description: |- + ScaleDownUnneededTime: The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. type: string scale-down-unready-time: - description: 'ScaleDownUnreadyTime: The default is ''20m''. Values must be an integer followed by an ''m''. No unit of time other than minutes (m) is supported.' + description: |- + ScaleDownUnreadyTime: The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. type: string scale-down-utilization-threshold: description: 'ScaleDownUtilizationThreshold: The default is ''0.5''.' @@ -25102,33 +30855,46 @@ spec: description: 'NodeOSUpgradeChannel: The default is Unmanaged, but may change to either NodeImage or SecurityPatch at GA.' type: string upgradeChannel: - description: 'UpgradeChannel: For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).' + description: |- + UpgradeChannel: For more information see [setting the AKS cluster auto-upgrade + channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel). type: string type: object azureMonitorProfile: description: 'AzureMonitorProfile: Prometheus addon profile for the container service cluster' properties: logs: - description: 'Logs: Logs profile for the Azure Monitor Infrastructure and Application Logs. Collect out-of-the-box Kubernetes infrastructure & application logs to send to Azure Monitor. See aka.ms/AzureMonitorContainerInsights for an overview.' + description: |- + Logs: Logs profile for the Azure Monitor Infrastructure and Application Logs. Collect out-of-the-box Kubernetes + infrastructure & application logs to send to Azure Monitor. See aka.ms/AzureMonitorContainerInsights for an overview. properties: appMonitoring: - description: 'AppMonitoring: Application Monitoring Profile for Kubernetes Application Container. Collects application logs, metrics and traces through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview.' + description: |- + AppMonitoring: Application Monitoring Profile for Kubernetes Application Container. Collects application logs, metrics + and traces through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See + aka.ms/AzureMonitorApplicationMonitoring for an overview. properties: enabled: description: 'Enabled: Indicates if Application Monitoring enabled or not.' type: boolean type: object containerInsights: - description: 'ContainerInsights: Azure Monitor Container Insights Profile for Kubernetes Events, Inventory and Container stdout & stderr logs etc. See aka.ms/AzureMonitorContainerInsights for an overview.' + description: |- + ContainerInsights: Azure Monitor Container Insights Profile for Kubernetes Events, Inventory and Container stdout & + stderr logs etc. See aka.ms/AzureMonitorContainerInsights for an overview. properties: enabled: description: 'Enabled: Indicates if Azure Monitor Container Insights Logs Addon is enabled or not.' type: boolean logAnalyticsWorkspaceResourceId: - description: 'LogAnalyticsWorkspaceResourceId: Fully Qualified ARM Resource Id of Azure Log Analytics Workspace for storing Azure Monitor Container Insights Logs.' + description: |- + LogAnalyticsWorkspaceResourceId: Fully Qualified ARM Resource Id of Azure Log Analytics Workspace for storing Azure + Monitor Container Insights Logs. type: string windowsHostLogs: - description: 'WindowsHostLogs: Windows Host Logs Profile for Kubernetes Windows Nodes Log Collection. Collects ETW, Event Logs and Text logs etc. See aka.ms/AzureMonitorContainerInsights for an overview.' + description: |- + WindowsHostLogs: Windows Host Logs Profile for Kubernetes Windows Nodes Log Collection. Collects ETW, Event Logs and + Text logs etc. See aka.ms/AzureMonitorContainerInsights for an overview. properties: enabled: description: 'Enabled: Indicates if Windows Host Log Collection is enabled or not for Azure Monitor Container Insights Logs Addon.' @@ -25140,7 +30906,10 @@ spec: description: 'Metrics: Metrics profile for the prometheus service addon' properties: appMonitoringOpenTelemetryMetrics: - description: 'AppMonitoringOpenTelemetryMetrics: Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container Metrics. Collects OpenTelemetry metrics through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview.' + description: |- + AppMonitoringOpenTelemetryMetrics: Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application + Container Metrics. Collects OpenTelemetry metrics through auto-instrumentation of the application using Azure Monitor + OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview. properties: enabled: description: 'Enabled: Indicates if Application Monitoring Open Telemetry Metrics is enabled or not.' @@ -25153,16 +30922,23 @@ spec: description: 'KubeStateMetrics: Kube State Metrics for prometheus addon profile for the container service cluster' properties: metricAnnotationsAllowList: - description: 'MetricAnnotationsAllowList: Comma-separated list of additional Kubernetes label keys that will be used in the resource''s labels metric.' + description: |- + MetricAnnotationsAllowList: Comma-separated list of additional Kubernetes label keys that will be used in the resource's + labels metric. type: string metricLabelsAllowlist: - description: 'MetricLabelsAllowlist: Comma-separated list of Kubernetes annotations keys that will be used in the resource''s labels metric.' + description: |- + MetricLabelsAllowlist: Comma-separated list of Kubernetes annotations keys that will be used in the resource's labels + metric. type: string type: object type: object type: object azurePortalFQDN: - description: 'AzurePortalFQDN: The Azure Portal requires certain Cross-Origin Resource Sharing (CORS) headers to be sent in some responses, which Kubernetes APIServer doesn''t handle by default. This special FQDN supports CORS, allowing the Azure Portal to function properly.' + description: |- + AzurePortalFQDN: The Azure Portal requires certain Cross-Origin Resource Sharing (CORS) headers to be sent in some + responses, which Kubernetes APIServer doesn't handle by default. This special FQDN supports CORS, allowing the Azure + Portal to function properly. type: string conditions: description: 'Conditions: The observed state of the resource' @@ -25177,14 +30953,23 @@ spec: description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 type: integer reason: - description: Reason for the condition's last transition. Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: Severity with which to treat failures of this type of condition. For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. This is omitted in all cases when Status == Unknown + description: |- + Severity with which to treat failures of this type of condition. + For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown type: string status: description: Status of the condition, one of True, False, or Unknown. @@ -25200,7 +30985,9 @@ spec: type: object type: array creationData: - description: 'CreationData: CreationData to be used to specify the source Snapshot ID if the cluster will be created/upgraded using a snapshot.' + description: |- + CreationData: CreationData to be used to specify the source Snapshot ID if the cluster will be created/upgraded using a + snapshot. properties: sourceResourceId: description: 'SourceResourceId: This is the ARM ID of the source object to be used to create the target object.' @@ -25210,19 +30997,30 @@ spec: description: 'CurrentKubernetesVersion: The version of Kubernetes the Managed Cluster is running.' type: string disableLocalAccounts: - description: 'DisableLocalAccounts: If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).' + description: |- + DisableLocalAccounts: If set to true, getting static credentials will be disabled for this cluster. This must only be + used on Managed Clusters that are AAD enabled. For more details see [disable local + accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview). type: boolean diskEncryptionSetID: - description: 'DiskEncryptionSetID: This is of the form: ''/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}''' + description: |- + DiskEncryptionSetID: This is of the form: + '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}' type: string dnsPrefix: description: 'DnsPrefix: This cannot be updated once the Managed Cluster has been created.' type: string enableNamespaceResources: - description: 'EnableNamespaceResources: The default value is false. It can be enabled/disabled on creation and updating of the managed cluster. See [https://aka.ms/NamespaceARMResource](https://aka.ms/NamespaceARMResource) for more details on Namespace as a ARM Resource.' + description: |- + EnableNamespaceResources: The default value is false. It can be enabled/disabled on creation and updating of the managed + cluster. See [https://aka.ms/NamespaceARMResource](https://aka.ms/NamespaceARMResource) for more details on Namespace as + a ARM Resource. type: boolean enablePodSecurityPolicy: - description: 'EnablePodSecurityPolicy: (DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and https://aka.ms/aks/psp.' + description: |- + EnablePodSecurityPolicy: (DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was + deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and + https://aka.ms/aks/psp. type: boolean enableRBAC: description: 'EnableRBAC: Whether to enable Kubernetes Role-Based Access Control.' @@ -25247,7 +31045,9 @@ spec: description: 'HttpProxyConfig: Configurations for provisioning the cluster with HTTP proxy servers.' properties: effectiveNoProxy: - description: 'EffectiveNoProxy: A read-only list of all endpoints for which traffic should not be sent to the proxy. This list is a superset of noProxy and values injected by AKS.' + description: |- + EffectiveNoProxy: A read-only list of all endpoints for which traffic should not be sent to the proxy. This list is a + superset of noProxy and values injected by AKS. items: type: string type: array @@ -25267,7 +31067,9 @@ spec: type: string type: object id: - description: 'Id: Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}"' + description: |- + Id: Fully qualified resource ID for the resource. E.g. + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" type: string identity: description: 'Identity: The identity of the managed cluster, if configured.' @@ -25289,7 +31091,9 @@ spec: description: 'TenantId: The tenant id of the delegated resource - internal use only.' type: string type: object - description: 'DelegatedResources: The delegated identity resources assigned to this managed cluster. This can only be set by another Azure Resource Provider, and managed cluster only accept one delegated identity resource. Internal use only.' + description: |- + DelegatedResources: The delegated identity resources assigned to this managed cluster. This can only be set by another + Azure Resource Provider, and managed cluster only accept one delegated identity resource. Internal use only. type: object principalId: description: 'PrincipalId: The principal id of the system assigned identity which is used by master components.' @@ -25298,7 +31102,9 @@ spec: description: 'TenantId: The tenant id of the system assigned identity which is used by master components.' type: string type: - description: 'Type: For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).' + description: |- + Type: For more information see [use managed identities in + AKS](https://docs.microsoft.com/azure/aks/use-managed-identity). type: string userAssignedIdentities: additionalProperties: @@ -25310,7 +31116,9 @@ spec: description: 'PrincipalId: The principal id of user assigned identity.' type: string type: object - description: 'UserAssignedIdentities: The keys must be ARM resource IDs in the form: ''/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}''.' + description: |- + UserAssignedIdentities: The keys must be ARM resource IDs in the form: + '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'. type: object type: object identityProfile: @@ -25336,7 +31144,10 @@ spec: description: 'WebAppRouting: Web App Routing settings for the ingress profile.' properties: dnsZoneResourceIds: - description: 'DnsZoneResourceIds: Resource IDs of the DNS zones to be associated with the Web App Routing add-on. Used only when Web App Routing is enabled. Public and private DNS zones can be in different resource groups, but all public DNS zones must be in the same resource group and all private DNS zones must be in the same resource group.' + description: |- + DnsZoneResourceIds: Resource IDs of the DNS zones to be associated with the Web App Routing add-on. Used only when Web + App Routing is enabled. Public and private DNS zones can be in different resource groups, but all public DNS zones must + be in the same resource group and all private DNS zones must be in the same resource group. items: type: string type: array @@ -25344,7 +31155,11 @@ spec: description: 'Enabled: Whether to enable Web App Routing.' type: boolean identity: - description: 'Identity: Managed identity of the Web Application Routing add-on. This is the identity that should be granted permissions, for example, to manage the associated Azure DNS resource and get certificates from Azure Key Vault. See [this overview of the add-on](https://learn.microsoft.com/en-us/azure/aks/web-app-routing?tabs=with-osm) for more instructions.' + description: |- + Identity: Managed identity of the Web Application Routing add-on. This is the identity that should be granted + permissions, for example, to manage the associated Azure DNS resource and get certificates from Azure Key Vault. See + [this overview of the add-on](https://learn.microsoft.com/en-us/azure/aks/web-app-routing?tabs=with-osm) for more + instructions. properties: clientId: description: 'ClientId: The client ID of the user assigned identity.' @@ -25359,7 +31174,11 @@ spec: type: object type: object kubernetesVersion: - description: 'KubernetesVersion: When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.' + description: |- + KubernetesVersion: When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades + must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> + 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS + cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details. type: string linuxProfile: description: 'LinuxProfile: The profile for Linux VMs in the Managed Cluster.' @@ -25376,7 +31195,9 @@ spec: description: Contains information about SSH certificate public key data. properties: keyData: - description: 'KeyData: Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.' + description: |- + KeyData: Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or + without headers. type: string type: object type: array @@ -25395,7 +31216,10 @@ spec: description: 'CostAnalysis: The cost analysis configuration for the cluster' properties: enabled: - description: 'Enabled: The Managed Cluster sku.tier must be set to ''Standard'' to enable this feature. Enabling this will add Kubernetes Namespace and Deployment details to the Cost Analysis views in the Azure portal. If not specified, the default is false. For more information see aka.ms/aks/docs/cost-analysis.' + description: |- + Enabled: The Managed Cluster sku.tier must be set to 'Standard' to enable this feature. Enabling this will add + Kubernetes Namespace and Deployment details to the Cost Analysis views in the Azure portal. If not specified, the + default is false. For more information see aka.ms/aks/docs/cost-analysis. type: boolean type: object type: object @@ -25406,19 +31230,28 @@ spec: description: 'NetworkProfile: The network configuration profile.' properties: dnsServiceIP: - description: 'DnsServiceIP: An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.' + description: |- + DnsServiceIP: An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address + range specified in serviceCidr. type: string ipFamilies: - description: 'IpFamilies: IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6.' + description: |- + IpFamilies: IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value + is IPv4. For dual-stack, the expected values are IPv4 and IPv6. items: description: To determine if address belongs IPv4 or IPv6 family. type: string type: array kubeProxyConfig: - description: 'KubeProxyConfig: Holds configuration customizations for kube-proxy. Any values not defined will use the kube-proxy defaulting behavior. See https://v.docs.kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/ where is represented by a - string. Kubernetes version 1.23 would be ''1-23''.' + description: |- + KubeProxyConfig: Holds configuration customizations for kube-proxy. Any values not defined will use the kube-proxy + defaulting behavior. See https://v.docs.kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/ + where is represented by a - string. Kubernetes version 1.23 would be '1-23'. properties: enabled: - description: 'Enabled: Whether to enable on kube-proxy on the cluster (if no ''kubeProxyConfig'' exists, kube-proxy is enabled in AKS by default without these customizations).' + description: |- + Enabled: Whether to enable on kube-proxy on the cluster (if no 'kubeProxyConfig' exists, kube-proxy is enabled in AKS by + default without these customizations). type: boolean ipvsConfig: description: 'IpvsConfig: Holds configuration customizations for IPVS. May only be specified if ''mode'' is set to ''IPVS''.' @@ -25427,7 +31260,9 @@ spec: description: 'Scheduler: IPVS scheduler, for more information please see http://www.linuxvirtualserver.org/docs/scheduling.html.' type: string tcpFinTimeoutSeconds: - description: 'TcpFinTimeoutSeconds: The timeout value used for IPVS TCP sessions after receiving a FIN in seconds. Must be a positive integer value.' + description: |- + TcpFinTimeoutSeconds: The timeout value used for IPVS TCP sessions after receiving a FIN in seconds. Must be a positive + integer value. type: integer tcpTimeoutSeconds: description: 'TcpTimeoutSeconds: The timeout value used for idle IPVS TCP sessions in seconds. Must be a positive integer value.' @@ -25444,7 +31279,9 @@ spec: description: 'LoadBalancerProfile: Profile of the cluster load balancer.' properties: allocatedOutboundPorts: - description: 'AllocatedOutboundPorts: The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.' + description: |- + AllocatedOutboundPorts: The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 + (inclusive). The default value is 0 which results in Azure dynamically allocating ports. type: integer backendPoolType: description: 'BackendPoolType: The type of the managed inbound Load Balancer BackendPool.' @@ -25463,16 +31300,22 @@ spec: description: 'EnableMultipleStandardLoadBalancers: Enable multiple standard load balancers per AKS cluster or not.' type: boolean idleTimeoutInMinutes: - description: 'IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.' + description: |- + IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 + (inclusive). The default value is 30 minutes. type: integer managedOutboundIPs: description: 'ManagedOutboundIPs: Desired managed outbound IPs for the cluster load balancer.' properties: count: - description: 'Count: The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1.' + description: |- + Count: The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values + must be in the range of 1 to 100 (inclusive). The default value is 1. type: integer countIPv6: - description: 'CountIPv6: The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack.' + description: |- + CountIPv6: The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed + values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. type: integer type: object outboundIPPrefixes: @@ -25505,10 +31348,15 @@ spec: type: object type: object loadBalancerSku: - description: 'LoadBalancerSku: The default is ''standard''. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.' + description: |- + LoadBalancerSku: The default is 'standard'. See [Azure Load Balancer + SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load + balancer SKUs. type: string monitoring: - description: 'Monitoring: This addon can be used to configure network monitoring and generate network monitoring data in Prometheus format' + description: |- + Monitoring: This addon can be used to configure network monitoring and generate network monitoring data in Prometheus + format properties: enabled: description: 'Enabled: Enable or disable the network monitoring plugin on the cluster' @@ -25528,13 +31376,17 @@ spec: type: object type: array idleTimeoutInMinutes: - description: 'IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.' + description: |- + IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 + (inclusive). The default value is 4 minutes. type: integer managedOutboundIPProfile: description: 'ManagedOutboundIPProfile: Profile of the managed outbound IP resources of the cluster NAT gateway.' properties: count: - description: 'Count: The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1.' + description: |- + Count: The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 + (inclusive). The default value is 1. type: integer type: object type: object @@ -25554,21 +31406,29 @@ spec: description: 'NetworkPolicy: Network policy used for building the Kubernetes network.' type: string outboundType: - description: 'OutboundType: This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).' + description: |- + OutboundType: This can only be set at cluster creation time and cannot be changed later. For more information see + [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype). type: string podCidr: description: 'PodCidr: A CIDR notation IP range from which to assign pod IPs when kubenet is used.' type: string podCidrs: - description: 'PodCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking.' + description: |- + PodCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is + expected for dual-stack networking. items: type: string type: array serviceCidr: - description: 'ServiceCidr: A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.' + description: |- + ServiceCidr: A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP + ranges. type: string serviceCidrs: - description: 'ServiceCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges.' + description: |- + ServiceCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is + expected for dual-stack networking. They must not overlap with any Subnet IP ranges. items: type: string type: array @@ -25601,10 +31461,16 @@ spec: type: string type: object podIdentityProfile: - description: 'PodIdentityProfile: See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.' + description: |- + PodIdentityProfile: See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more + details on AAD pod identity integration. properties: allowNetworkPluginKubenet: - description: 'AllowNetworkPluginKubenet: Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.' + description: |- + AllowNetworkPluginKubenet: Running in Kubenet is disabled by default due to the security related nature of AAD Pod + Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod + Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) + for more information. type: boolean enabled: description: 'Enabled: Whether the pod identity addon is enabled.' @@ -25679,7 +31545,9 @@ spec: userAssignedIdentityExceptions: description: 'UserAssignedIdentityExceptions: The pod identity exceptions to allow.' items: - description: See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. + description: |- + See [disable AAD Pod Identity for a specific + Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. properties: name: description: 'Name: The name of the pod identity exception.' @@ -25739,7 +31607,9 @@ spec: description: 'PublicNetworkAccess: Allow or deny public network access for AKS' type: string resourceUID: - description: 'ResourceUID: The resourceUID uniquely identifies ManagedClusters that reuse ARM ResourceIds (i.e: create, delete, create sequence)' + description: |- + ResourceUID: The resourceUID uniquely identifies ManagedClusters that reuse ARM ResourceIds (i.e: create, delete, create + sequence) type: string safeguardsProfile: description: 'SafeguardsProfile: The Safeguards profile holds all the safeguards information for a given cluster' @@ -25750,7 +31620,9 @@ spec: type: string type: array level: - description: 'Level: The Safeguards level to be used. By default, Safeguards is enabled for all namespaces except those that AKS excludes via systemExcludedNamespaces' + description: |- + Level: The Safeguards level to be used. By default, Safeguards is enabled for all namespaces except those that AKS + excludes via systemExcludedNamespaces type: string systemExcludedNamespaces: description: 'SystemExcludedNamespaces: List of namespaces specified by AKS to be excluded from Safeguards' @@ -25765,23 +31637,37 @@ spec: description: 'SecurityProfile: Security profile for the managed cluster.' properties: azureKeyVaultKms: - description: 'AzureKeyVaultKms: Azure Key Vault [key management service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile.' + description: |- + AzureKeyVaultKms: Azure Key Vault [key management + service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile. properties: enabled: description: 'Enabled: Whether to enable Azure Key Vault key management service. The default is false.' type: boolean keyId: - description: 'KeyId: Identifier of Azure Key Vault key. See [key identifier format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When Azure Key Vault key management service is disabled, leave the field empty.' + description: |- + KeyId: Identifier of Azure Key Vault key. See [key identifier + format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) + for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key + identifier. When Azure Key Vault key management service is disabled, leave the field empty. type: string keyVaultNetworkAccess: - description: 'KeyVaultNetworkAccess: Network access of key vault. The possible values are `Public` and `Private`. `Public` means the key vault allows public access from all networks. `Private` means the key vault disables public access and enables private link. The default value is `Public`.' + description: |- + KeyVaultNetworkAccess: Network access of key vault. The possible values are `Public` and `Private`. `Public` means the + key vault allows public access from all networks. `Private` means the key vault disables public access and enables + private link. The default value is `Public`. type: string keyVaultResourceId: - description: 'KeyVaultResourceId: Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty.' + description: |- + KeyVaultResourceId: Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must + be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty. type: string type: object customCATrustCertificates: - description: 'CustomCATrustCertificates: A list of up to 10 base64 encoded CAs that will be added to the trust store on nodes with the Custom CA Trust feature enabled. For more information see [Custom CA Trust Certificates](https://learn.microsoft.com/en-us/azure/aks/custom-certificate-authority)' + description: |- + CustomCATrustCertificates: A list of up to 10 base64 encoded CAs that will be added to the trust store on nodes with the + Custom CA Trust feature enabled. For more information see [Custom CA Trust + Certificates](https://learn.microsoft.com/en-us/azure/aks/custom-certificate-authority) items: type: string type: array @@ -25789,7 +31675,10 @@ spec: description: 'Defender: Microsoft Defender settings for the security profile.' properties: logAnalyticsWorkspaceResourceId: - description: 'LogAnalyticsWorkspaceResourceId: Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft Defender is disabled, leave the field empty.' + description: |- + LogAnalyticsWorkspaceResourceId: Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. + When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft + Defender is disabled, leave the field empty. type: string securityMonitoring: description: 'SecurityMonitoring: Microsoft Defender threat detection for Cloud settings for the security profile.' @@ -25810,21 +31699,29 @@ spec: type: integer type: object imageIntegrity: - description: 'ImageIntegrity: Image integrity is a feature that works with Azure Policy to verify image integrity by signature. This will not have any effect unless Azure Policy is applied to enforce image signatures. See https://aka.ms/aks/image-integrity for how to use this feature via policy.' + description: |- + ImageIntegrity: Image integrity is a feature that works with Azure Policy to verify image integrity by signature. This + will not have any effect unless Azure Policy is applied to enforce image signatures. See + https://aka.ms/aks/image-integrity for how to use this feature via policy. properties: enabled: description: 'Enabled: Whether to enable image integrity. The default value is false.' type: boolean type: object nodeRestriction: - description: 'NodeRestriction: [Node Restriction](https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#noderestriction) settings for the security profile.' + description: |- + NodeRestriction: [Node + Restriction](https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#noderestriction) settings + for the security profile. properties: enabled: description: 'Enabled: Whether to enable Node Restriction' type: boolean type: object workloadIdentity: - description: 'WorkloadIdentity: Workload identity settings for the security profile. Workload identity enables Kubernetes applications to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details.' + description: |- + WorkloadIdentity: Workload identity settings for the security profile. Workload identity enables Kubernetes applications + to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details. properties: enabled: description: 'Enabled: Whether to enable workload identity.' @@ -25838,7 +31735,9 @@ spec: description: 'Istio: Istio service mesh configuration.' properties: certificateAuthority: - description: 'CertificateAuthority: Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described here https://aka.ms/asm-plugin-ca' + description: |- + CertificateAuthority: Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin + certificates as described here https://aka.ms/asm-plugin-ca properties: plugin: description: 'Plugin: Plugin certificates information for Service Mesh.' @@ -25881,7 +31780,9 @@ spec: ingressGateways: description: 'IngressGateways: Istio ingress gateways.' items: - description: Istio ingress gateway configuration. For now, we support up to one external ingress gateway named `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`. + description: |- + Istio ingress gateway configuration. For now, we support up to one external ingress gateway named + `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`. properties: enabled: description: 'Enabled: Whether to enable the ingress gateway.' @@ -25893,7 +31794,10 @@ spec: type: array type: object revisions: - description: 'Revisions: The list of revisions of the Istio control plane. When an upgrade is not in progress, this holds one value. When canary upgrade is in progress, this can only hold two consecutive values. For more information, see: https://learn.microsoft.com/en-us/azure/aks/istio-upgrade' + description: |- + Revisions: The list of revisions of the Istio control plane. When an upgrade is not in progress, this holds one value. + When canary upgrade is in progress, this can only hold two consecutive values. For more information, see: + https://learn.microsoft.com/en-us/azure/aks/istio-upgrade items: type: string type: array @@ -25903,7 +31807,9 @@ spec: type: string type: object servicePrincipalProfile: - description: 'ServicePrincipalProfile: Information about a service principal identity for the cluster to use for manipulating Azure APIs.' + description: |- + ServicePrincipalProfile: Information about a service principal identity for the cluster to use for manipulating Azure + APIs. properties: clientId: description: 'ClientId: The ID for the service principal.' @@ -25916,7 +31822,9 @@ spec: description: 'Name: The name of a managed cluster SKU.' type: string tier: - description: 'Tier: If not specified, the default is ''Free''. See [AKS Pricing Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details.' + description: |- + Tier: If not specified, the default is 'Free'. See [AKS Pricing + Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details. type: string type: object storageProfile: @@ -25994,40 +31902,57 @@ spec: description: 'OverrideSettings: Settings for overrides.' properties: forceUpgrade: - description: 'ForceUpgrade: Whether to force upgrade the cluster. Note that this option instructs upgrade operation to bypass upgrade protections such as checking for deprecated API usage. Enable this option only with caution.' + description: |- + ForceUpgrade: Whether to force upgrade the cluster. Note that this option instructs upgrade operation to bypass upgrade + protections such as checking for deprecated API usage. Enable this option only with caution. type: boolean until: - description: 'Until: Until when the overrides are effective. Note that this only matches the start time of an upgrade, and the effectiveness won''t change once an upgrade starts even if the `until` expires as upgrade proceeds. This field is not set by default. It must be set for the overrides to take effect.' + description: |- + Until: Until when the overrides are effective. Note that this only matches the start time of an upgrade, and the + effectiveness won't change once an upgrade starts even if the `until` expires as upgrade proceeds. This field is not set + by default. It must be set for the overrides to take effect. type: string type: object type: object windowsProfile: description: 'WindowsProfile: The profile for Windows VMs in the Managed Cluster.' properties: - adminPassword: - description: 'AdminPassword: Specifies the password of the administrator account. Minimum-length: 8 characters Max-length: 123 characters Complexity requirements: 3 out of 4 conditions below need to be fulfilled Has lower characters Has upper characters Has a digit Has a special character (Regex match [\W_]) Disallowed values: "abc@123", "P@$$$$w0rd", "P@ssw0rd", "P@ssword123", "Pa$$$$word", "pass@word1", "Password!", "Password1", "Password22", "iloveyou!"' - type: string adminUsername: - description: 'AdminUsername: Specifies the name of the administrator account. Restriction: Cannot end in "." Disallowed values: "administrator", "admin", "user", "user1", "test", "user2", "test1", "user3", "admin1", "1", "123", "a", "actuser", "adm", "admin2", "aspnet", "backup", "console", "david", "guest", "john", "owner", "root", "server", "sql", "support", "support_388945a0", "sys", "test2", "test3", "user4", "user5". Minimum-length: 1 character Max-length: 20 characters' + description: |- + AdminUsername: Specifies the name of the administrator account. + Restriction: Cannot end in "." + Disallowed values: "administrator", "admin", "user", "user1", "test", "user2", "test1", "user3", "admin1", "1", "123", + "a", "actuser", "adm", "admin2", "aspnet", "backup", "console", "david", "guest", "john", "owner", "root", "server", + "sql", "support", "support_388945a0", "sys", "test2", "test3", "user4", "user5". + Minimum-length: 1 character + Max-length: 20 characters type: string enableCSIProxy: - description: 'EnableCSIProxy: For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).' + description: |- + EnableCSIProxy: For more details on CSI proxy, see the [CSI proxy GitHub + repo](https://github.com/kubernetes-csi/csi-proxy). type: boolean gmsaProfile: description: 'GmsaProfile: The Windows gMSA Profile in the Managed Cluster.' properties: dnsServer: - description: 'DnsServer: Specifies the DNS server for Windows gMSA. Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.' + description: |- + DnsServer: Specifies the DNS server for Windows gMSA. + Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster. type: string enabled: description: 'Enabled: Specifies whether to enable Windows gMSA in the managed cluster.' type: boolean rootDomainName: - description: 'RootDomainName: Specifies the root domain name for Windows gMSA. Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.' + description: |- + RootDomainName: Specifies the root domain name for Windows gMSA. + Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster. type: string type: object licenseType: - description: 'LicenseType: The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.' + description: |- + LicenseType: The license type to use for Windows VMs. See [Azure Hybrid User + Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details. type: string type: object workloadAutoScalerProfile: @@ -26072,13 +31997,26 @@ spec: name: v1api20231102previewstorage schema: openAPIV3Schema: - description: 'Storage version of v1api20231102preview.ManagedCluster Generator information: - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/preview/2023-11-02-preview/managedClusters.json - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}' + description: |- + Storage version of v1api20231102preview.ManagedCluster + Generator information: + - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/preview/2023-11-02-preview/managedClusters.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName} properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -26088,15 +32026,21 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object aadProfile: - description: Storage version of v1api20231102preview.ManagedClusterAADProfile For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad). + description: |- + Storage version of v1api20231102preview.ManagedClusterAADProfile + For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad). properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object adminGroupObjectIDs: items: @@ -26117,12 +32061,16 @@ spec: type: object addonProfiles: additionalProperties: - description: Storage version of v1api20231102preview.ManagedClusterAddonProfile A Kubernetes add-on profile for a managed cluster. + description: |- + Storage version of v1api20231102preview.ManagedClusterAddonProfile + A Kubernetes add-on profile for a managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object config: additionalProperties: @@ -26134,12 +32082,16 @@ spec: type: object agentPoolProfiles: items: - description: Storage version of v1api20231102preview.ManagedClusterAgentPoolProfile Profile for the container service agent pool. + description: |- + Storage version of v1api20231102preview.ManagedClusterAgentPoolProfile + Profile for the container service agent pool. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object artifactStreamingProfile: description: Storage version of v1api20231102preview.AgentPoolArtifactStreamingProfile @@ -26147,7 +32099,9 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -26160,7 +32114,10 @@ spec: description: 'CapacityReservationGroupReference: AKS will associate the specified agent pool with the Capacity Reservation Group.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -26176,18 +32133,25 @@ spec: count: type: integer creationData: - description: Storage version of v1api20231102preview.CreationData Data used when creating a target resource from a source resource. + description: |- + Storage version of v1api20231102preview.CreationData + Data used when creating a target resource from a source resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object sourceResourceReference: description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -26221,16 +32185,24 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object installGPUDriver: type: boolean type: object hostGroupReference: - description: 'HostGroupReference: This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).' + description: |- + HostGroupReference: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. + For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -26244,12 +32216,16 @@ spec: type: string type: object kubeletConfig: - description: Storage version of v1api20231102preview.KubeletConfig See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + description: |- + Storage version of v1api20231102preview.KubeletConfig + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object allowedUnsafeSysctls: items: @@ -26279,22 +32255,30 @@ spec: kubeletDiskType: type: string linuxOSConfig: - description: Storage version of v1api20231102preview.LinuxOSConfig See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + description: |- + Storage version of v1api20231102preview.LinuxOSConfig + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object swapFileSizeMB: type: integer sysctls: - description: Storage version of v1api20231102preview.SysctlConfig Sysctl settings for Linux agent nodes. + description: |- + Storage version of v1api20231102preview.SysctlConfig + Sysctl settings for Linux agent nodes. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object fsAioMaxNr: type: integer @@ -26371,21 +32355,29 @@ spec: name: type: string networkProfile: - description: Storage version of v1api20231102preview.AgentPoolNetworkProfile Network settings of an agent pool. + description: |- + Storage version of v1api20231102preview.AgentPoolNetworkProfile + Network settings of an agent pool. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object allowedHostPorts: items: - description: Storage version of v1api20231102preview.PortRange The port range. + description: |- + Storage version of v1api20231102preview.PortRange + The port range. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object portEnd: type: integer @@ -26400,7 +32392,10 @@ spec: description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -26416,12 +32411,16 @@ spec: type: array nodePublicIPTags: items: - description: Storage version of v1api20231102preview.IPTag Contains the IPTag associated with the object. + description: |- + Storage version of v1api20231102preview.IPTag + Contains the IPTag associated with the object. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object ipTagType: type: string @@ -26439,10 +32438,15 @@ spec: type: string type: object nodePublicIPPrefixReference: - description: 'NodePublicIPPrefixReference: This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}' + description: |- + NodePublicIPPrefixReference: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -26470,10 +32474,16 @@ spec: osType: type: string podSubnetReference: - description: 'PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}' + description: |- + PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). + This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -26487,12 +32497,16 @@ spec: type: string type: object powerState: - description: Storage version of v1api20231102preview.PowerState Describes the Power State of the cluster + description: |- + Storage version of v1api20231102preview.PowerState + Describes the Power State of the cluster properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object code: type: string @@ -26501,7 +32515,10 @@ spec: description: 'ProximityPlacementGroupReference: The ID for Proximity Placement Group.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -26521,12 +32538,16 @@ spec: scaleSetPriority: type: string securityProfile: - description: Storage version of v1api20231102preview.AgentPoolSecurityProfile The security settings of an agent pool. + description: |- + Storage version of v1api20231102preview.AgentPoolSecurityProfile + The security settings of an agent pool. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enableSecureBoot: type: boolean @@ -26544,12 +32565,16 @@ spec: type: type: string upgradeSettings: - description: Storage version of v1api20231102preview.AgentPoolUpgradeSettings Settings for upgrading an agentpool + description: |- + Storage version of v1api20231102preview.AgentPoolUpgradeSettings + Settings for upgrading an agentpool properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object drainTimeoutInMinutes: type: integer @@ -26560,12 +32585,16 @@ spec: type: object virtualMachineNodesStatus: items: - description: Storage version of v1api20231102preview.VirtualMachineNodes Current status on a group of nodes of the same vm size. + description: |- + Storage version of v1api20231102preview.VirtualMachineNodes + Current status on a group of nodes of the same vm size. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object count: type: integer @@ -26574,29 +32603,41 @@ spec: type: object type: array virtualMachinesProfile: - description: Storage version of v1api20231102preview.VirtualMachinesProfile Specifications on VirtualMachines agent pool. + description: |- + Storage version of v1api20231102preview.VirtualMachinesProfile + Specifications on VirtualMachines agent pool. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object scale: - description: Storage version of v1api20231102preview.ScaleProfile Specifications on how to scale a VirtualMachines agent pool. + description: |- + Storage version of v1api20231102preview.ScaleProfile + Specifications on how to scale a VirtualMachines agent pool. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object manual: items: - description: Storage version of v1api20231102preview.ManualScaleProfile Specifications on number of machines. + description: |- + Storage version of v1api20231102preview.ManualScaleProfile + Specifications on number of machines. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object count: type: integer @@ -26611,10 +32652,16 @@ spec: vmSize: type: string vnetSubnetReference: - description: 'VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}' + description: |- + VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is + specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -26628,12 +32675,16 @@ spec: type: string type: object windowsProfile: - description: Storage version of v1api20231102preview.AgentPoolWindowsProfile The Windows agent pool's specific profile. + description: |- + Storage version of v1api20231102preview.AgentPoolWindowsProfile + The Windows agent pool's specific profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object disableOutboundNat: type: boolean @@ -26643,23 +32694,33 @@ spec: type: object type: array aiToolchainOperatorProfile: - description: Storage version of v1api20231102preview.ManagedClusterAIToolchainOperatorProfile When enabling the operator, a set of AKS managed CRDs and controllers will be installed in the cluster. The operator automates the deployment of OSS models for inference and/or training purposes. It provides a set of preset models and enables distributed inference against them. + description: |- + Storage version of v1api20231102preview.ManagedClusterAIToolchainOperatorProfile + When enabling the operator, a set of AKS managed CRDs and controllers will be installed in the cluster. The operator + automates the deployment of OSS models for inference and/or training purposes. It provides a set of preset models and + enables distributed inference against them. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object apiServerAccessProfile: - description: Storage version of v1api20231102preview.ManagedClusterAPIServerAccessProfile Access profile for managed cluster API server. + description: |- + Storage version of v1api20231102preview.ManagedClusterAPIServerAccessProfile + Access profile for managed cluster API server. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object authorizedIPRanges: items: @@ -26684,7 +32745,9 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object balance-similar-node-groups: type: string @@ -26728,12 +32791,16 @@ spec: type: string type: object autoUpgradeProfile: - description: Storage version of v1api20231102preview.ManagedClusterAutoUpgradeProfile Auto upgrade profile for a managed cluster. + description: |- + Storage version of v1api20231102preview.ManagedClusterAutoUpgradeProfile + Auto upgrade profile for a managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object nodeOSUpgradeChannel: type: string @@ -26741,47 +32808,72 @@ spec: type: string type: object azureMonitorProfile: - description: Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfile Prometheus addon profile for the container service cluster + description: |- + Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfile + Prometheus addon profile for the container service cluster properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object logs: - description: Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfileLogs Logs profile for the Azure Monitor Infrastructure and Application Logs. Collect out-of-the-box Kubernetes infrastructure & application logs to send to Azure Monitor. See aka.ms/AzureMonitorContainerInsights for an overview. + description: |- + Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfileLogs + Logs profile for the Azure Monitor Infrastructure and Application Logs. Collect out-of-the-box Kubernetes infrastructure + & application logs to send to Azure Monitor. See aka.ms/AzureMonitorContainerInsights for an overview. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object appMonitoring: - description: Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfileAppMonitoring Application Monitoring Profile for Kubernetes Application Container. Collects application logs, metrics and traces through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview. + description: |- + Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfileAppMonitoring + Application Monitoring Profile for Kubernetes Application Container. Collects application logs, metrics and traces + through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See + aka.ms/AzureMonitorApplicationMonitoring for an overview. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object containerInsights: - description: Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfileContainerInsights Azure Monitor Container Insights Profile for Kubernetes Events, Inventory and Container stdout & stderr logs etc. See aka.ms/AzureMonitorContainerInsights for an overview. + description: |- + Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfileContainerInsights + Azure Monitor Container Insights Profile for Kubernetes Events, Inventory and Container stdout & stderr logs etc. See + aka.ms/AzureMonitorContainerInsights for an overview. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean logAnalyticsWorkspaceResourceReference: - description: 'LogAnalyticsWorkspaceResourceReference: Fully Qualified ARM Resource Id of Azure Log Analytics Workspace for storing Azure Monitor Container Insights Logs.' + description: |- + LogAnalyticsWorkspaceResourceReference: Fully Qualified ARM Resource Id of Azure Log Analytics Workspace for storing + Azure Monitor Container Insights Logs. properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -26795,12 +32887,17 @@ spec: type: string type: object windowsHostLogs: - description: Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfileWindowsHostLogs Windows Host Logs Profile for Kubernetes Windows Nodes Log Collection. Collects ETW, Event Logs and Text logs etc. See aka.ms/AzureMonitorContainerInsights for an overview. + description: |- + Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfileWindowsHostLogs + Windows Host Logs Profile for Kubernetes Windows Nodes Log Collection. Collects ETW, Event Logs and Text logs etc. See + aka.ms/AzureMonitorContainerInsights for an overview. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -26808,20 +32905,30 @@ spec: type: object type: object metrics: - description: Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfileMetrics Metrics profile for the prometheus service addon + description: |- + Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfileMetrics + Metrics profile for the prometheus service addon properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object appMonitoringOpenTelemetryMetrics: - description: Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfileAppMonitoringOpenTelemetryMetrics Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container Metrics. Collects OpenTelemetry metrics through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview. + description: |- + Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfileAppMonitoringOpenTelemetryMetrics + Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container Metrics. Collects + OpenTelemetry metrics through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See + aka.ms/AzureMonitorApplicationMonitoring for an overview. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -26829,12 +32936,16 @@ spec: enabled: type: boolean kubeStateMetrics: - description: Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfileKubeStateMetrics Kube State Metrics for prometheus addon profile for the container service cluster + description: |- + Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfileKubeStateMetrics + Kube State Metrics for prometheus addon profile for the container service cluster properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object metricAnnotationsAllowList: type: string @@ -26844,21 +32955,30 @@ spec: type: object type: object azureName: - description: 'AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn''t have to be.' + description: |- + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. type: string creationData: - description: Storage version of v1api20231102preview.CreationData Data used when creating a target resource from a source resource. + description: |- + Storage version of v1api20231102preview.CreationData + Data used when creating a target resource from a source resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object sourceResourceReference: description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -26875,10 +32995,15 @@ spec: disableLocalAccounts: type: boolean diskEncryptionSetReference: - description: 'DiskEncryptionSetReference: This is of the form: ''/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}''' + description: |- + DiskEncryptionSetReference: This is of the form: + '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -26900,12 +33025,16 @@ spec: enableRBAC: type: boolean extendedLocation: - description: Storage version of v1api20231102preview.ExtendedLocation The complex type of the extended location. + description: |- + Storage version of v1api20231102preview.ExtendedLocation + The complex type of the extended location. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object name: type: string @@ -26915,12 +33044,16 @@ spec: fqdnSubdomain: type: string httpProxyConfig: - description: Storage version of v1api20231102preview.ManagedClusterHTTPProxyConfig Cluster HTTP proxy configuration. + description: |- + Storage version of v1api20231102preview.ManagedClusterHTTPProxyConfig + Cluster HTTP proxy configuration. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object httpProxy: type: string @@ -26934,21 +33067,29 @@ spec: type: string type: object identity: - description: Storage version of v1api20231102preview.ManagedClusterIdentity Identity for the managed cluster. + description: |- + Storage version of v1api20231102preview.ManagedClusterIdentity + Identity for the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object delegatedResources: additionalProperties: - description: Storage version of v1api20231102preview.DelegatedResource Delegated resource properties - internal use only. + description: |- + Storage version of v1api20231102preview.DelegatedResource + Delegated resource properties - internal use only. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object location: type: string @@ -26958,7 +33099,10 @@ spec: description: 'ResourceReference: The ARM resource id of the delegated resource - internal use only.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -26979,18 +33123,25 @@ spec: type: string userAssignedIdentities: items: - description: Storage version of v1api20231102preview.UserAssignedIdentityDetails Information about the user assigned identity for the resource + description: |- + Storage version of v1api20231102preview.UserAssignedIdentityDetails + Information about the user assigned identity for the resource properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object reference: description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -27008,12 +33159,16 @@ spec: type: object identityProfile: additionalProperties: - description: Storage version of v1api20231102preview.UserAssignedIdentity Details about a user assigned identity. + description: |- + Storage version of v1api20231102preview.UserAssignedIdentity + Details about a user assigned identity. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object clientId: type: string @@ -27023,7 +33178,10 @@ spec: description: 'ResourceReference: The resource ID of the user assigned identity.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -27039,27 +33197,38 @@ spec: type: object type: object ingressProfile: - description: Storage version of v1api20231102preview.ManagedClusterIngressProfile Ingress profile for the container service cluster. + description: |- + Storage version of v1api20231102preview.ManagedClusterIngressProfile + Ingress profile for the container service cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object webAppRouting: - description: Storage version of v1api20231102preview.ManagedClusterIngressProfileWebAppRouting Web App Routing settings for the ingress profile. + description: |- + Storage version of v1api20231102preview.ManagedClusterIngressProfileWebAppRouting + Web App Routing settings for the ingress profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object dnsZoneResourceReferences: items: description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -27080,31 +33249,43 @@ spec: kubernetesVersion: type: string linuxProfile: - description: Storage version of v1api20231102preview.ContainerServiceLinuxProfile Profile for Linux VMs in the container service cluster. + description: |- + Storage version of v1api20231102preview.ContainerServiceLinuxProfile + Profile for Linux VMs in the container service cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object adminUsername: type: string ssh: - description: Storage version of v1api20231102preview.ContainerServiceSshConfiguration SSH configuration for Linux-based VMs running on Azure. + description: |- + Storage version of v1api20231102preview.ContainerServiceSshConfiguration + SSH configuration for Linux-based VMs running on Azure. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object publicKeys: items: - description: Storage version of v1api20231102preview.ContainerServiceSshPublicKey Contains information about SSH certificate public key data. + description: |- + Storage version of v1api20231102preview.ContainerServiceSshPublicKey + Contains information about SSH certificate public key data. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object keyData: type: string @@ -27115,32 +33296,44 @@ spec: location: type: string metricsProfile: - description: Storage version of v1api20231102preview.ManagedClusterMetricsProfile The metrics profile for the ManagedCluster. + description: |- + Storage version of v1api20231102preview.ManagedClusterMetricsProfile + The metrics profile for the ManagedCluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object costAnalysis: - description: Storage version of v1api20231102preview.ManagedClusterCostAnalysis The cost analysis configuration for the cluster + description: |- + Storage version of v1api20231102preview.ManagedClusterCostAnalysis + The cost analysis configuration for the cluster properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object type: object networkProfile: - description: Storage version of v1api20231102preview.ContainerServiceNetworkProfile Profile of network configuration. + description: |- + Storage version of v1api20231102preview.ContainerServiceNetworkProfile + Profile of network configuration. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object dnsServiceIP: type: string @@ -27154,7 +33347,9 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -27164,7 +33359,9 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object scheduler: type: string @@ -27179,12 +33376,16 @@ spec: type: string type: object loadBalancerProfile: - description: Storage version of v1api20231102preview.ManagedClusterLoadBalancerProfile Profile of the managed cluster load balancer. + description: |- + Storage version of v1api20231102preview.ManagedClusterLoadBalancerProfile + Profile of the managed cluster load balancer. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object allocatedOutboundPorts: type: integer @@ -27192,18 +33393,25 @@ spec: type: string effectiveOutboundIPs: items: - description: Storage version of v1api20231102preview.ResourceReference A reference to an Azure resource. + description: |- + Storage version of v1api20231102preview.ResourceReference + A reference to an Azure resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object reference: description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -27228,7 +33436,9 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object count: type: integer @@ -27241,22 +33451,31 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object publicIPPrefixes: items: - description: Storage version of v1api20231102preview.ResourceReference A reference to an Azure resource. + description: |- + Storage version of v1api20231102preview.ResourceReference + A reference to an Azure resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object reference: description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -27278,22 +33497,31 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object publicIPs: items: - description: Storage version of v1api20231102preview.ResourceReference A reference to an Azure resource. + description: |- + Storage version of v1api20231102preview.ResourceReference + A reference to an Azure resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object reference: description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -27313,38 +33541,53 @@ spec: loadBalancerSku: type: string monitoring: - description: Storage version of v1api20231102preview.NetworkMonitoring This addon can be used to configure network monitoring and generate network monitoring data in Prometheus format + description: |- + Storage version of v1api20231102preview.NetworkMonitoring + This addon can be used to configure network monitoring and generate network monitoring data in Prometheus format properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object natGatewayProfile: - description: Storage version of v1api20231102preview.ManagedClusterNATGatewayProfile Profile of the managed cluster NAT gateway. + description: |- + Storage version of v1api20231102preview.ManagedClusterNATGatewayProfile + Profile of the managed cluster NAT gateway. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object effectiveOutboundIPs: items: - description: Storage version of v1api20231102preview.ResourceReference A reference to an Azure resource. + description: |- + Storage version of v1api20231102preview.ResourceReference + A reference to an Azure resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object reference: description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -27362,12 +33605,16 @@ spec: idleTimeoutInMinutes: type: integer managedOutboundIPProfile: - description: Storage version of v1api20231102preview.ManagedClusterManagedOutboundIPProfile Profile of the managed outbound IP resources of the managed cluster. + description: |- + Storage version of v1api20231102preview.ManagedClusterManagedOutboundIPProfile + Profile of the managed outbound IP resources of the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object count: type: integer @@ -27404,7 +33651,9 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object mode: type: string @@ -27412,34 +33661,46 @@ spec: nodeResourceGroup: type: string nodeResourceGroupProfile: - description: Storage version of v1api20231102preview.ManagedClusterNodeResourceGroupProfile Node resource group lockdown profile for a managed cluster. + description: |- + Storage version of v1api20231102preview.ManagedClusterNodeResourceGroupProfile + Node resource group lockdown profile for a managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object restrictionLevel: type: string type: object oidcIssuerProfile: - description: Storage version of v1api20231102preview.ManagedClusterOIDCIssuerProfile The OIDC issuer profile of the Managed Cluster. + description: |- + Storage version of v1api20231102preview.ManagedClusterOIDCIssuerProfile + The OIDC issuer profile of the Managed Cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object operatorSpec: - description: Storage version of v1api20231102preview.ManagedClusterOperatorSpec Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure + description: |- + Storage version of v1api20231102preview.ManagedClusterOperatorSpec + Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object configMaps: description: Storage version of v1api20231102preview.ManagedClusterOperatorConfigMaps @@ -27447,16 +33708,22 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object oidcIssuerProfile: - description: 'ConfigMapDestination describes the location to store a single configmap value Note: This is similar to SecretDestination in secrets.go. Changes to one should likely also be made to the other.' + description: |- + ConfigMapDestination describes the location to store a single configmap value + Note: This is similar to SecretDestination in secrets.go. Changes to one should likely also be made to the other. properties: key: description: Key is the key in the ConfigMap being referenced type: string name: - description: Name is the name of the Kubernetes ConfigMap being referenced. The ConfigMap must be in the same namespace as the resource + description: |- + Name is the name of the Kubernetes ConfigMap being referenced. + The ConfigMap must be in the same namespace as the resource type: string required: - key @@ -27469,29 +33736,39 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object adminCredentials: - description: 'SecretDestination describes the location to store a single secret value. Note: This is similar to ConfigMapDestination in configmaps.go. Changes to one should likely also be made to the other.' + description: |- + SecretDestination describes the location to store a single secret value. + Note: This is similar to ConfigMapDestination in configmaps.go. Changes to one should likely also be made to the other. properties: key: description: Key is the key in the Kubernetes secret being referenced type: string name: - description: Name is the name of the Kubernetes secret being referenced. The secret must be in the same namespace as the resource + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource type: string required: - key - name type: object userCredentials: - description: 'SecretDestination describes the location to store a single secret value. Note: This is similar to ConfigMapDestination in configmaps.go. Changes to one should likely also be made to the other.' + description: |- + SecretDestination describes the location to store a single secret value. + Note: This is similar to ConfigMapDestination in configmaps.go. Changes to one should likely also be made to the other. properties: key: description: Key is the key in the Kubernetes secret being referenced type: string name: - description: Name is the name of the Kubernetes secret being referenced. The secret must be in the same namespace as the resource + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource type: string required: - key @@ -27502,7 +33779,10 @@ spec: originalVersion: type: string owner: - description: 'Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a resources.azure.com/ResourceGroup resource' + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a resources.azure.com/ResourceGroup resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) @@ -27512,12 +33792,17 @@ spec: type: string type: object podIdentityProfile: - description: Storage version of v1api20231102preview.ManagedClusterPodIdentityProfile See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration. + description: |- + Storage version of v1api20231102preview.ManagedClusterPodIdentityProfile + See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod + identity integration. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object allowNetworkPluginKubenet: type: boolean @@ -27525,22 +33810,30 @@ spec: type: boolean userAssignedIdentities: items: - description: Storage version of v1api20231102preview.ManagedClusterPodIdentity Details about the pod identity assigned to the Managed Cluster. + description: |- + Storage version of v1api20231102preview.ManagedClusterPodIdentity + Details about the pod identity assigned to the Managed Cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object bindingSelector: type: string identity: - description: Storage version of v1api20231102preview.UserAssignedIdentity Details about a user assigned identity. + description: |- + Storage version of v1api20231102preview.UserAssignedIdentity + Details about a user assigned identity. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object clientId: type: string @@ -27550,7 +33843,10 @@ spec: description: 'ResourceReference: The resource ID of the user assigned identity.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -27572,12 +33868,17 @@ spec: type: array userAssignedIdentityExceptions: items: - description: Storage version of v1api20231102preview.ManagedClusterPodIdentityException See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. + description: |- + Storage version of v1api20231102preview.ManagedClusterPodIdentityException + See [disable AAD Pod Identity for a specific + Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object name: type: string @@ -27592,12 +33893,16 @@ spec: type: object privateLinkResources: items: - description: Storage version of v1api20231102preview.PrivateLinkResource A private link resource + description: |- + Storage version of v1api20231102preview.PrivateLinkResource + A private link resource properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object groupId: type: string @@ -27607,7 +33912,10 @@ spec: description: 'Reference: The ID of the private link resource.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -27631,12 +33939,16 @@ spec: publicNetworkAccess: type: string safeguardsProfile: - description: Storage version of v1api20231102preview.SafeguardsProfile The Safeguards profile. + description: |- + Storage version of v1api20231102preview.SafeguardsProfile + The Safeguards profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object excludedNamespaces: items: @@ -27648,20 +33960,28 @@ spec: type: string type: object securityProfile: - description: Storage version of v1api20231102preview.ManagedClusterSecurityProfile Security profile for the container service cluster. + description: |- + Storage version of v1api20231102preview.ManagedClusterSecurityProfile + Security profile for the container service cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object azureKeyVaultKms: - description: Storage version of v1api20231102preview.AzureKeyVaultKms Azure Key Vault key management service settings for the security profile. + description: |- + Storage version of v1api20231102preview.AzureKeyVaultKms + Azure Key Vault key management service settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -27670,10 +33990,15 @@ spec: keyVaultNetworkAccess: type: string keyVaultResourceReference: - description: 'KeyVaultResourceReference: Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty.' + description: |- + KeyVaultResourceReference: Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and + must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty. properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -27692,18 +34017,28 @@ spec: type: string type: array defender: - description: Storage version of v1api20231102preview.ManagedClusterSecurityProfileDefender Microsoft Defender settings for the security profile. + description: |- + Storage version of v1api20231102preview.ManagedClusterSecurityProfileDefender + Microsoft Defender settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object logAnalyticsWorkspaceResourceReference: - description: 'LogAnalyticsWorkspaceResourceReference: Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft Defender is disabled, leave the field empty.' + description: |- + LogAnalyticsWorkspaceResourceReference: Resource ID of the Log Analytics workspace to be associated with Microsoft + Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When + Microsoft Defender is disabled, leave the field empty. properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -27717,24 +34052,33 @@ spec: type: string type: object securityMonitoring: - description: Storage version of v1api20231102preview.ManagedClusterSecurityProfileDefenderSecurityMonitoring Microsoft Defender settings for the security profile threat detection. + description: |- + Storage version of v1api20231102preview.ManagedClusterSecurityProfileDefenderSecurityMonitoring + Microsoft Defender settings for the security profile threat detection. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object type: object imageCleaner: - description: Storage version of v1api20231102preview.ManagedClusterSecurityProfileImageCleaner Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here are settings for the security profile. + description: |- + Storage version of v1api20231102preview.ManagedClusterSecurityProfileImageCleaner + Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here + are settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -27742,70 +34086,99 @@ spec: type: integer type: object imageIntegrity: - description: Storage version of v1api20231102preview.ManagedClusterSecurityProfileImageIntegrity Image integrity related settings for the security profile. + description: |- + Storage version of v1api20231102preview.ManagedClusterSecurityProfileImageIntegrity + Image integrity related settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object nodeRestriction: - description: Storage version of v1api20231102preview.ManagedClusterSecurityProfileNodeRestriction Node Restriction settings for the security profile. + description: |- + Storage version of v1api20231102preview.ManagedClusterSecurityProfileNodeRestriction + Node Restriction settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object workloadIdentity: - description: Storage version of v1api20231102preview.ManagedClusterSecurityProfileWorkloadIdentity Workload identity settings for the security profile. + description: |- + Storage version of v1api20231102preview.ManagedClusterSecurityProfileWorkloadIdentity + Workload identity settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object type: object serviceMeshProfile: - description: Storage version of v1api20231102preview.ServiceMeshProfile Service mesh profile for a managed cluster. + description: |- + Storage version of v1api20231102preview.ServiceMeshProfile + Service mesh profile for a managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object istio: - description: Storage version of v1api20231102preview.IstioServiceMesh Istio service mesh configuration. + description: |- + Storage version of v1api20231102preview.IstioServiceMesh + Istio service mesh configuration. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object certificateAuthority: - description: Storage version of v1api20231102preview.IstioCertificateAuthority Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described here https://aka.ms/asm-plugin-ca + description: |- + Storage version of v1api20231102preview.IstioCertificateAuthority + Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described + here https://aka.ms/asm-plugin-ca properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object plugin: - description: Storage version of v1api20231102preview.IstioPluginCertificateAuthority Plugin certificates information for Service Mesh. + description: |- + Storage version of v1api20231102preview.IstioPluginCertificateAuthority + Plugin certificates information for Service Mesh. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object certChainObjectName: type: string @@ -27817,7 +34190,10 @@ spec: description: 'KeyVaultReference: The resource ID of the Key Vault.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -27835,21 +34211,29 @@ spec: type: object type: object components: - description: Storage version of v1api20231102preview.IstioComponents Istio components configuration. + description: |- + Storage version of v1api20231102preview.IstioComponents + Istio components configuration. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object egressGateways: items: - description: Storage version of v1api20231102preview.IstioEgressGateway Istio egress gateway configuration. + description: |- + Storage version of v1api20231102preview.IstioEgressGateway + Istio egress gateway configuration. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -27861,12 +34245,17 @@ spec: type: array ingressGateways: items: - description: Storage version of v1api20231102preview.IstioIngressGateway Istio ingress gateway configuration. For now, we support up to one external ingress gateway named `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`. + description: |- + Storage version of v1api20231102preview.IstioIngressGateway + Istio ingress gateway configuration. For now, we support up to one external ingress gateway named + `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -27884,23 +34273,31 @@ spec: type: string type: object servicePrincipalProfile: - description: Storage version of v1api20231102preview.ManagedClusterServicePrincipalProfile Information about a service principal identity for the cluster to use for manipulating Azure APIs. + description: |- + Storage version of v1api20231102preview.ManagedClusterServicePrincipalProfile + Information about a service principal identity for the cluster to use for manipulating Azure APIs. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object clientId: type: string secret: - description: SecretReference is a reference to a Kubernetes secret and key in the same namespace as the resource it is on. + description: |- + SecretReference is a reference to a Kubernetes secret and key in the same namespace as + the resource it is on. properties: key: description: Key is the key in the Kubernetes secret being referenced type: string name: - description: Name is the name of the Kubernetes secret being referenced. The secret must be in the same namespace as the resource + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource type: string required: - key @@ -27908,12 +34305,16 @@ spec: type: object type: object sku: - description: Storage version of v1api20231102preview.ManagedClusterSKU The SKU of a Managed Cluster. + description: |- + Storage version of v1api20231102preview.ManagedClusterSKU + The SKU of a Managed Cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object name: type: string @@ -27921,31 +34322,43 @@ spec: type: string type: object storageProfile: - description: Storage version of v1api20231102preview.ManagedClusterStorageProfile Storage profile for the container service cluster. + description: |- + Storage version of v1api20231102preview.ManagedClusterStorageProfile + Storage profile for the container service cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object blobCSIDriver: - description: Storage version of v1api20231102preview.ManagedClusterStorageProfileBlobCSIDriver AzureBlob CSI Driver settings for the storage profile. + description: |- + Storage version of v1api20231102preview.ManagedClusterStorageProfileBlobCSIDriver + AzureBlob CSI Driver settings for the storage profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object diskCSIDriver: - description: Storage version of v1api20231102preview.ManagedClusterStorageProfileDiskCSIDriver AzureDisk CSI Driver settings for the storage profile. + description: |- + Storage version of v1api20231102preview.ManagedClusterStorageProfileDiskCSIDriver + AzureDisk CSI Driver settings for the storage profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -27953,23 +34366,31 @@ spec: type: string type: object fileCSIDriver: - description: Storage version of v1api20231102preview.ManagedClusterStorageProfileFileCSIDriver AzureFile CSI Driver settings for the storage profile. + description: |- + Storage version of v1api20231102preview.ManagedClusterStorageProfileFileCSIDriver + AzureFile CSI Driver settings for the storage profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object snapshotController: - description: Storage version of v1api20231102preview.ManagedClusterStorageProfileSnapshotController Snapshot Controller settings for the storage profile. + description: |- + Storage version of v1api20231102preview.ManagedClusterStorageProfileSnapshotController + Snapshot Controller settings for the storage profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -27982,20 +34403,28 @@ spec: type: string type: object upgradeSettings: - description: Storage version of v1api20231102preview.ClusterUpgradeSettings Settings for upgrading a cluster. + description: |- + Storage version of v1api20231102preview.ClusterUpgradeSettings + Settings for upgrading a cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object overrideSettings: - description: Storage version of v1api20231102preview.UpgradeOverrideSettings Settings for overrides when upgrading a cluster. + description: |- + Storage version of v1api20231102preview.UpgradeOverrideSettings + Settings for overrides when upgrading a cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object forceUpgrade: type: boolean @@ -28004,26 +34433,49 @@ spec: type: object type: object windowsProfile: - description: Storage version of v1api20231102preview.ManagedClusterWindowsProfile Profile for Windows VMs in the managed cluster. + description: |- + Storage version of v1api20231102preview.ManagedClusterWindowsProfile + Profile for Windows VMs in the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object adminPassword: - type: string + description: |- + SecretReference is a reference to a Kubernetes secret and key in the same namespace as + the resource it is on. + properties: + key: + description: Key is the key in the Kubernetes secret being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource + type: string + required: + - key + - name + type: object adminUsername: type: string enableCSIProxy: type: boolean gmsaProfile: - description: Storage version of v1api20231102preview.WindowsGmsaProfile Windows gMSA Profile in the managed cluster. + description: |- + Storage version of v1api20231102preview.WindowsGmsaProfile + Windows gMSA Profile in the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object dnsServer: type: string @@ -28036,20 +34488,28 @@ spec: type: string type: object workloadAutoScalerProfile: - description: Storage version of v1api20231102preview.ManagedClusterWorkloadAutoScalerProfile Workload Auto-scaler profile for the managed cluster. + description: |- + Storage version of v1api20231102preview.ManagedClusterWorkloadAutoScalerProfile + Workload Auto-scaler profile for the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object keda: - description: Storage version of v1api20231102preview.ManagedClusterWorkloadAutoScalerProfileKeda KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile. + description: |- + Storage version of v1api20231102preview.ManagedClusterWorkloadAutoScalerProfileKeda + KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -28060,7 +34520,9 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object addonAutoscaling: type: string @@ -28072,20 +34534,28 @@ spec: - owner type: object status: - description: Storage version of v1api20231102preview.ManagedCluster_STATUS Managed cluster. + description: |- + Storage version of v1api20231102preview.ManagedCluster_STATUS + Managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object aadProfile: - description: Storage version of v1api20231102preview.ManagedClusterAADProfile_STATUS For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad). + description: |- + Storage version of v1api20231102preview.ManagedClusterAADProfile_STATUS + For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad). properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object adminGroupObjectIDs: items: @@ -28106,12 +34576,16 @@ spec: type: object addonProfiles: additionalProperties: - description: Storage version of v1api20231102preview.ManagedClusterAddonProfile_STATUS A Kubernetes add-on profile for a managed cluster. + description: |- + Storage version of v1api20231102preview.ManagedClusterAddonProfile_STATUS + A Kubernetes add-on profile for a managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object config: additionalProperties: @@ -28120,12 +34594,16 @@ spec: enabled: type: boolean identity: - description: Storage version of v1api20231102preview.UserAssignedIdentity_STATUS Details about a user assigned identity. + description: |- + Storage version of v1api20231102preview.UserAssignedIdentity_STATUS + Details about a user assigned identity. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object clientId: type: string @@ -28138,12 +34616,16 @@ spec: type: object agentPoolProfiles: items: - description: Storage version of v1api20231102preview.ManagedClusterAgentPoolProfile_STATUS Profile for the container service agent pool. + description: |- + Storage version of v1api20231102preview.ManagedClusterAgentPoolProfile_STATUS + Profile for the container service agent pool. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object artifactStreamingProfile: description: Storage version of v1api20231102preview.AgentPoolArtifactStreamingProfile_STATUS @@ -28151,7 +34633,9 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -28165,12 +34649,16 @@ spec: count: type: integer creationData: - description: Storage version of v1api20231102preview.CreationData_STATUS Data used when creating a target resource from a source resource. + description: |- + Storage version of v1api20231102preview.CreationData_STATUS + Data used when creating a target resource from a source resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object sourceResourceId: type: string @@ -28197,7 +34685,9 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object installGPUDriver: type: boolean @@ -28205,12 +34695,16 @@ spec: hostGroupID: type: string kubeletConfig: - description: Storage version of v1api20231102preview.KubeletConfig_STATUS See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + description: |- + Storage version of v1api20231102preview.KubeletConfig_STATUS + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object allowedUnsafeSysctls: items: @@ -28240,22 +34734,30 @@ spec: kubeletDiskType: type: string linuxOSConfig: - description: Storage version of v1api20231102preview.LinuxOSConfig_STATUS See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + description: |- + Storage version of v1api20231102preview.LinuxOSConfig_STATUS + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object swapFileSizeMB: type: integer sysctls: - description: Storage version of v1api20231102preview.SysctlConfig_STATUS Sysctl settings for Linux agent nodes. + description: |- + Storage version of v1api20231102preview.SysctlConfig_STATUS + Sysctl settings for Linux agent nodes. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object fsAioMaxNr: type: integer @@ -28332,21 +34834,29 @@ spec: name: type: string networkProfile: - description: Storage version of v1api20231102preview.AgentPoolNetworkProfile_STATUS Network settings of an agent pool. + description: |- + Storage version of v1api20231102preview.AgentPoolNetworkProfile_STATUS + Network settings of an agent pool. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object allowedHostPorts: items: - description: Storage version of v1api20231102preview.PortRange_STATUS The port range. + description: |- + Storage version of v1api20231102preview.PortRange_STATUS + The port range. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object portEnd: type: integer @@ -28362,12 +34872,16 @@ spec: type: array nodePublicIPTags: items: - description: Storage version of v1api20231102preview.IPTag_STATUS Contains the IPTag associated with the object. + description: |- + Storage version of v1api20231102preview.IPTag_STATUS + Contains the IPTag associated with the object. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object ipTagType: type: string @@ -28405,12 +34919,16 @@ spec: podSubnetID: type: string powerState: - description: Storage version of v1api20231102preview.PowerState_STATUS Describes the Power State of the cluster + description: |- + Storage version of v1api20231102preview.PowerState_STATUS + Describes the Power State of the cluster properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object code: type: string @@ -28426,12 +34944,16 @@ spec: scaleSetPriority: type: string securityProfile: - description: Storage version of v1api20231102preview.AgentPoolSecurityProfile_STATUS The security settings of an agent pool. + description: |- + Storage version of v1api20231102preview.AgentPoolSecurityProfile_STATUS + The security settings of an agent pool. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enableSecureBoot: type: boolean @@ -28449,12 +34971,16 @@ spec: type: type: string upgradeSettings: - description: Storage version of v1api20231102preview.AgentPoolUpgradeSettings_STATUS Settings for upgrading an agentpool + description: |- + Storage version of v1api20231102preview.AgentPoolUpgradeSettings_STATUS + Settings for upgrading an agentpool properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object drainTimeoutInMinutes: type: integer @@ -28465,12 +34991,16 @@ spec: type: object virtualMachineNodesStatus: items: - description: Storage version of v1api20231102preview.VirtualMachineNodes_STATUS Current status on a group of nodes of the same vm size. + description: |- + Storage version of v1api20231102preview.VirtualMachineNodes_STATUS + Current status on a group of nodes of the same vm size. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object count: type: integer @@ -28479,29 +35009,41 @@ spec: type: object type: array virtualMachinesProfile: - description: Storage version of v1api20231102preview.VirtualMachinesProfile_STATUS Specifications on VirtualMachines agent pool. + description: |- + Storage version of v1api20231102preview.VirtualMachinesProfile_STATUS + Specifications on VirtualMachines agent pool. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object scale: - description: Storage version of v1api20231102preview.ScaleProfile_STATUS Specifications on how to scale a VirtualMachines agent pool. + description: |- + Storage version of v1api20231102preview.ScaleProfile_STATUS + Specifications on how to scale a VirtualMachines agent pool. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object manual: items: - description: Storage version of v1api20231102preview.ManualScaleProfile_STATUS Specifications on number of machines. + description: |- + Storage version of v1api20231102preview.ManualScaleProfile_STATUS + Specifications on number of machines. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object count: type: integer @@ -28518,12 +35060,16 @@ spec: vnetSubnetID: type: string windowsProfile: - description: Storage version of v1api20231102preview.AgentPoolWindowsProfile_STATUS The Windows agent pool's specific profile. + description: |- + Storage version of v1api20231102preview.AgentPoolWindowsProfile_STATUS + The Windows agent pool's specific profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object disableOutboundNat: type: boolean @@ -28533,23 +35079,33 @@ spec: type: object type: array aiToolchainOperatorProfile: - description: Storage version of v1api20231102preview.ManagedClusterAIToolchainOperatorProfile_STATUS When enabling the operator, a set of AKS managed CRDs and controllers will be installed in the cluster. The operator automates the deployment of OSS models for inference and/or training purposes. It provides a set of preset models and enables distributed inference against them. + description: |- + Storage version of v1api20231102preview.ManagedClusterAIToolchainOperatorProfile_STATUS + When enabling the operator, a set of AKS managed CRDs and controllers will be installed in the cluster. The operator + automates the deployment of OSS models for inference and/or training purposes. It provides a set of preset models and + enables distributed inference against them. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object apiServerAccessProfile: - description: Storage version of v1api20231102preview.ManagedClusterAPIServerAccessProfile_STATUS Access profile for managed cluster API server. + description: |- + Storage version of v1api20231102preview.ManagedClusterAPIServerAccessProfile_STATUS + Access profile for managed cluster API server. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object authorizedIPRanges: items: @@ -28574,7 +35130,9 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object balance-similar-node-groups: type: string @@ -28618,12 +35176,16 @@ spec: type: string type: object autoUpgradeProfile: - description: Storage version of v1api20231102preview.ManagedClusterAutoUpgradeProfile_STATUS Auto upgrade profile for a managed cluster. + description: |- + Storage version of v1api20231102preview.ManagedClusterAutoUpgradeProfile_STATUS + Auto upgrade profile for a managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object nodeOSUpgradeChannel: type: string @@ -28631,51 +35193,76 @@ spec: type: string type: object azureMonitorProfile: - description: Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfile_STATUS Prometheus addon profile for the container service cluster + description: |- + Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfile_STATUS + Prometheus addon profile for the container service cluster properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object logs: - description: Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfileLogs_STATUS Logs profile for the Azure Monitor Infrastructure and Application Logs. Collect out-of-the-box Kubernetes infrastructure & application logs to send to Azure Monitor. See aka.ms/AzureMonitorContainerInsights for an overview. + description: |- + Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfileLogs_STATUS + Logs profile for the Azure Monitor Infrastructure and Application Logs. Collect out-of-the-box Kubernetes infrastructure + & application logs to send to Azure Monitor. See aka.ms/AzureMonitorContainerInsights for an overview. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object appMonitoring: - description: Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfileAppMonitoring_STATUS Application Monitoring Profile for Kubernetes Application Container. Collects application logs, metrics and traces through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview. + description: |- + Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfileAppMonitoring_STATUS + Application Monitoring Profile for Kubernetes Application Container. Collects application logs, metrics and traces + through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See + aka.ms/AzureMonitorApplicationMonitoring for an overview. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object containerInsights: - description: Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfileContainerInsights_STATUS Azure Monitor Container Insights Profile for Kubernetes Events, Inventory and Container stdout & stderr logs etc. See aka.ms/AzureMonitorContainerInsights for an overview. + description: |- + Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfileContainerInsights_STATUS + Azure Monitor Container Insights Profile for Kubernetes Events, Inventory and Container stdout & stderr logs etc. See + aka.ms/AzureMonitorContainerInsights for an overview. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean logAnalyticsWorkspaceResourceId: type: string windowsHostLogs: - description: Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfileWindowsHostLogs_STATUS Windows Host Logs Profile for Kubernetes Windows Nodes Log Collection. Collects ETW, Event Logs and Text logs etc. See aka.ms/AzureMonitorContainerInsights for an overview. + description: |- + Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfileWindowsHostLogs_STATUS + Windows Host Logs Profile for Kubernetes Windows Nodes Log Collection. Collects ETW, Event Logs and Text logs etc. See + aka.ms/AzureMonitorContainerInsights for an overview. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -28683,20 +35270,30 @@ spec: type: object type: object metrics: - description: Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfileMetrics_STATUS Metrics profile for the prometheus service addon + description: |- + Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfileMetrics_STATUS + Metrics profile for the prometheus service addon properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object appMonitoringOpenTelemetryMetrics: - description: Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfileAppMonitoringOpenTelemetryMetrics_STATUS Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container Metrics. Collects OpenTelemetry metrics through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview. + description: |- + Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfileAppMonitoringOpenTelemetryMetrics_STATUS + Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container Metrics. Collects + OpenTelemetry metrics through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See + aka.ms/AzureMonitorApplicationMonitoring for an overview. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -28704,12 +35301,16 @@ spec: enabled: type: boolean kubeStateMetrics: - description: Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfileKubeStateMetrics_STATUS Kube State Metrics for prometheus addon profile for the container service cluster + description: |- + Storage version of v1api20231102preview.ManagedClusterAzureMonitorProfileKubeStateMetrics_STATUS + Kube State Metrics for prometheus addon profile for the container service cluster properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object metricAnnotationsAllowList: type: string @@ -28732,14 +35333,23 @@ spec: description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 type: integer reason: - description: Reason for the condition's last transition. Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: Severity with which to treat failures of this type of condition. For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. This is omitted in all cases when Status == Unknown + description: |- + Severity with which to treat failures of this type of condition. + For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown type: string status: description: Status of the condition, one of True, False, or Unknown. @@ -28755,12 +35365,16 @@ spec: type: object type: array creationData: - description: Storage version of v1api20231102preview.CreationData_STATUS Data used when creating a target resource from a source resource. + description: |- + Storage version of v1api20231102preview.CreationData_STATUS + Data used when creating a target resource from a source resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object sourceResourceId: type: string @@ -28780,12 +35394,16 @@ spec: enableRBAC: type: boolean extendedLocation: - description: Storage version of v1api20231102preview.ExtendedLocation_STATUS The complex type of the extended location. + description: |- + Storage version of v1api20231102preview.ExtendedLocation_STATUS + The complex type of the extended location. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object name: type: string @@ -28797,12 +35415,16 @@ spec: fqdnSubdomain: type: string httpProxyConfig: - description: Storage version of v1api20231102preview.ManagedClusterHTTPProxyConfig_STATUS Cluster HTTP proxy configuration. + description: |- + Storage version of v1api20231102preview.ManagedClusterHTTPProxyConfig_STATUS + Cluster HTTP proxy configuration. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object effectiveNoProxy: items: @@ -28822,21 +35444,29 @@ spec: id: type: string identity: - description: Storage version of v1api20231102preview.ManagedClusterIdentity_STATUS Identity for the managed cluster. + description: |- + Storage version of v1api20231102preview.ManagedClusterIdentity_STATUS + Identity for the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object delegatedResources: additionalProperties: - description: Storage version of v1api20231102preview.DelegatedResource_STATUS Delegated resource properties - internal use only. + description: |- + Storage version of v1api20231102preview.DelegatedResource_STATUS + Delegated resource properties - internal use only. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object location: type: string @@ -28861,7 +35491,9 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object clientId: type: string @@ -28872,12 +35504,16 @@ spec: type: object identityProfile: additionalProperties: - description: Storage version of v1api20231102preview.UserAssignedIdentity_STATUS Details about a user assigned identity. + description: |- + Storage version of v1api20231102preview.UserAssignedIdentity_STATUS + Details about a user assigned identity. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object clientId: type: string @@ -28888,20 +35524,28 @@ spec: type: object type: object ingressProfile: - description: Storage version of v1api20231102preview.ManagedClusterIngressProfile_STATUS Ingress profile for the container service cluster. + description: |- + Storage version of v1api20231102preview.ManagedClusterIngressProfile_STATUS + Ingress profile for the container service cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object webAppRouting: - description: Storage version of v1api20231102preview.ManagedClusterIngressProfileWebAppRouting_STATUS Web App Routing settings for the ingress profile. + description: |- + Storage version of v1api20231102preview.ManagedClusterIngressProfileWebAppRouting_STATUS + Web App Routing settings for the ingress profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object dnsZoneResourceIds: items: @@ -28910,12 +35554,16 @@ spec: enabled: type: boolean identity: - description: Storage version of v1api20231102preview.UserAssignedIdentity_STATUS Details about a user assigned identity. + description: |- + Storage version of v1api20231102preview.UserAssignedIdentity_STATUS + Details about a user assigned identity. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object clientId: type: string @@ -28929,31 +35577,43 @@ spec: kubernetesVersion: type: string linuxProfile: - description: Storage version of v1api20231102preview.ContainerServiceLinuxProfile_STATUS Profile for Linux VMs in the container service cluster. + description: |- + Storage version of v1api20231102preview.ContainerServiceLinuxProfile_STATUS + Profile for Linux VMs in the container service cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object adminUsername: type: string ssh: - description: Storage version of v1api20231102preview.ContainerServiceSshConfiguration_STATUS SSH configuration for Linux-based VMs running on Azure. + description: |- + Storage version of v1api20231102preview.ContainerServiceSshConfiguration_STATUS + SSH configuration for Linux-based VMs running on Azure. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object publicKeys: items: - description: Storage version of v1api20231102preview.ContainerServiceSshPublicKey_STATUS Contains information about SSH certificate public key data. + description: |- + Storage version of v1api20231102preview.ContainerServiceSshPublicKey_STATUS + Contains information about SSH certificate public key data. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object keyData: type: string @@ -28966,20 +35626,28 @@ spec: maxAgentPools: type: integer metricsProfile: - description: Storage version of v1api20231102preview.ManagedClusterMetricsProfile_STATUS The metrics profile for the ManagedCluster. + description: |- + Storage version of v1api20231102preview.ManagedClusterMetricsProfile_STATUS + The metrics profile for the ManagedCluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object costAnalysis: - description: Storage version of v1api20231102preview.ManagedClusterCostAnalysis_STATUS The cost analysis configuration for the cluster + description: |- + Storage version of v1api20231102preview.ManagedClusterCostAnalysis_STATUS + The cost analysis configuration for the cluster properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -28988,12 +35656,16 @@ spec: name: type: string networkProfile: - description: Storage version of v1api20231102preview.ContainerServiceNetworkProfile_STATUS Profile of network configuration. + description: |- + Storage version of v1api20231102preview.ContainerServiceNetworkProfile_STATUS + Profile of network configuration. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object dnsServiceIP: type: string @@ -29007,7 +35679,9 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -29017,7 +35691,9 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object scheduler: type: string @@ -29032,12 +35708,16 @@ spec: type: string type: object loadBalancerProfile: - description: Storage version of v1api20231102preview.ManagedClusterLoadBalancerProfile_STATUS Profile of the managed cluster load balancer. + description: |- + Storage version of v1api20231102preview.ManagedClusterLoadBalancerProfile_STATUS + Profile of the managed cluster load balancer. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object allocatedOutboundPorts: type: integer @@ -29045,12 +35725,16 @@ spec: type: string effectiveOutboundIPs: items: - description: Storage version of v1api20231102preview.ResourceReference_STATUS A reference to an Azure resource. + description: |- + Storage version of v1api20231102preview.ResourceReference_STATUS + A reference to an Azure resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -29066,7 +35750,9 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object count: type: integer @@ -29079,16 +35765,22 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object publicIPPrefixes: items: - description: Storage version of v1api20231102preview.ResourceReference_STATUS A reference to an Azure resource. + description: |- + Storage version of v1api20231102preview.ResourceReference_STATUS + A reference to an Azure resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -29101,16 +35793,22 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object publicIPs: items: - description: Storage version of v1api20231102preview.ResourceReference_STATUS A reference to an Azure resource. + description: |- + Storage version of v1api20231102preview.ResourceReference_STATUS + A reference to an Azure resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -29121,32 +35819,44 @@ spec: loadBalancerSku: type: string monitoring: - description: Storage version of v1api20231102preview.NetworkMonitoring_STATUS This addon can be used to configure network monitoring and generate network monitoring data in Prometheus format + description: |- + Storage version of v1api20231102preview.NetworkMonitoring_STATUS + This addon can be used to configure network monitoring and generate network monitoring data in Prometheus format properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object natGatewayProfile: - description: Storage version of v1api20231102preview.ManagedClusterNATGatewayProfile_STATUS Profile of the managed cluster NAT gateway. + description: |- + Storage version of v1api20231102preview.ManagedClusterNATGatewayProfile_STATUS + Profile of the managed cluster NAT gateway. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object effectiveOutboundIPs: items: - description: Storage version of v1api20231102preview.ResourceReference_STATUS A reference to an Azure resource. + description: |- + Storage version of v1api20231102preview.ResourceReference_STATUS + A reference to an Azure resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -29155,12 +35865,16 @@ spec: idleTimeoutInMinutes: type: integer managedOutboundIPProfile: - description: Storage version of v1api20231102preview.ManagedClusterManagedOutboundIPProfile_STATUS Profile of the managed outbound IP resources of the managed cluster. + description: |- + Storage version of v1api20231102preview.ManagedClusterManagedOutboundIPProfile_STATUS + Profile of the managed outbound IP resources of the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object count: type: integer @@ -29197,7 +35911,9 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object mode: type: string @@ -29205,23 +35921,31 @@ spec: nodeResourceGroup: type: string nodeResourceGroupProfile: - description: Storage version of v1api20231102preview.ManagedClusterNodeResourceGroupProfile_STATUS Node resource group lockdown profile for a managed cluster. + description: |- + Storage version of v1api20231102preview.ManagedClusterNodeResourceGroupProfile_STATUS + Node resource group lockdown profile for a managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object restrictionLevel: type: string type: object oidcIssuerProfile: - description: Storage version of v1api20231102preview.ManagedClusterOIDCIssuerProfile_STATUS The OIDC issuer profile of the Managed Cluster. + description: |- + Storage version of v1api20231102preview.ManagedClusterOIDCIssuerProfile_STATUS + The OIDC issuer profile of the Managed Cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -29229,12 +35953,17 @@ spec: type: string type: object podIdentityProfile: - description: Storage version of v1api20231102preview.ManagedClusterPodIdentityProfile_STATUS See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration. + description: |- + Storage version of v1api20231102preview.ManagedClusterPodIdentityProfile_STATUS + See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod + identity integration. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object allowNetworkPluginKubenet: type: boolean @@ -29242,22 +35971,30 @@ spec: type: boolean userAssignedIdentities: items: - description: Storage version of v1api20231102preview.ManagedClusterPodIdentity_STATUS Details about the pod identity assigned to the Managed Cluster. + description: |- + Storage version of v1api20231102preview.ManagedClusterPodIdentity_STATUS + Details about the pod identity assigned to the Managed Cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object bindingSelector: type: string identity: - description: Storage version of v1api20231102preview.UserAssignedIdentity_STATUS Details about a user assigned identity. + description: |- + Storage version of v1api20231102preview.UserAssignedIdentity_STATUS + Details about a user assigned identity. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object clientId: type: string @@ -29276,23 +36013,33 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object error: - description: Storage version of v1api20231102preview.ManagedClusterPodIdentityProvisioningError_STATUS An error response from the pod identity provisioning. + description: |- + Storage version of v1api20231102preview.ManagedClusterPodIdentityProvisioningError_STATUS + An error response from the pod identity provisioning. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object error: - description: Storage version of v1api20231102preview.ManagedClusterPodIdentityProvisioningErrorBody_STATUS An error response from the pod identity provisioning. + description: |- + Storage version of v1api20231102preview.ManagedClusterPodIdentityProvisioningErrorBody_STATUS + An error response from the pod identity provisioning. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object code: type: string @@ -29303,7 +36050,9 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object code: type: string @@ -29326,12 +36075,17 @@ spec: type: array userAssignedIdentityExceptions: items: - description: Storage version of v1api20231102preview.ManagedClusterPodIdentityException_STATUS See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. + description: |- + Storage version of v1api20231102preview.ManagedClusterPodIdentityException_STATUS + See [disable AAD Pod Identity for a specific + Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object name: type: string @@ -29345,12 +36099,16 @@ spec: type: array type: object powerState: - description: Storage version of v1api20231102preview.PowerState_STATUS Describes the Power State of the cluster + description: |- + Storage version of v1api20231102preview.PowerState_STATUS + Describes the Power State of the cluster properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object code: type: string @@ -29359,12 +36117,16 @@ spec: type: string privateLinkResources: items: - description: Storage version of v1api20231102preview.PrivateLinkResource_STATUS A private link resource + description: |- + Storage version of v1api20231102preview.PrivateLinkResource_STATUS + A private link resource properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object groupId: type: string @@ -29389,12 +36151,16 @@ spec: resourceUID: type: string safeguardsProfile: - description: Storage version of v1api20231102preview.SafeguardsProfile_STATUS The Safeguards profile. + description: |- + Storage version of v1api20231102preview.SafeguardsProfile_STATUS + The Safeguards profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object excludedNamespaces: items: @@ -29410,20 +36176,28 @@ spec: type: string type: object securityProfile: - description: Storage version of v1api20231102preview.ManagedClusterSecurityProfile_STATUS Security profile for the container service cluster. + description: |- + Storage version of v1api20231102preview.ManagedClusterSecurityProfile_STATUS + Security profile for the container service cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object azureKeyVaultKms: - description: Storage version of v1api20231102preview.AzureKeyVaultKms_STATUS Azure Key Vault key management service settings for the security profile. + description: |- + Storage version of v1api20231102preview.AzureKeyVaultKms_STATUS + Azure Key Vault key management service settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -29439,34 +36213,47 @@ spec: type: string type: array defender: - description: Storage version of v1api20231102preview.ManagedClusterSecurityProfileDefender_STATUS Microsoft Defender settings for the security profile. + description: |- + Storage version of v1api20231102preview.ManagedClusterSecurityProfileDefender_STATUS + Microsoft Defender settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object logAnalyticsWorkspaceResourceId: type: string securityMonitoring: - description: Storage version of v1api20231102preview.ManagedClusterSecurityProfileDefenderSecurityMonitoring_STATUS Microsoft Defender settings for the security profile threat detection. + description: |- + Storage version of v1api20231102preview.ManagedClusterSecurityProfileDefenderSecurityMonitoring_STATUS + Microsoft Defender settings for the security profile threat detection. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object type: object imageCleaner: - description: Storage version of v1api20231102preview.ManagedClusterSecurityProfileImageCleaner_STATUS Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here are settings for the security profile. + description: |- + Storage version of v1api20231102preview.ManagedClusterSecurityProfileImageCleaner_STATUS + Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here + are settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -29474,70 +36261,99 @@ spec: type: integer type: object imageIntegrity: - description: Storage version of v1api20231102preview.ManagedClusterSecurityProfileImageIntegrity_STATUS Image integrity related settings for the security profile. + description: |- + Storage version of v1api20231102preview.ManagedClusterSecurityProfileImageIntegrity_STATUS + Image integrity related settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object nodeRestriction: - description: Storage version of v1api20231102preview.ManagedClusterSecurityProfileNodeRestriction_STATUS Node Restriction settings for the security profile. + description: |- + Storage version of v1api20231102preview.ManagedClusterSecurityProfileNodeRestriction_STATUS + Node Restriction settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object workloadIdentity: - description: Storage version of v1api20231102preview.ManagedClusterSecurityProfileWorkloadIdentity_STATUS Workload identity settings for the security profile. + description: |- + Storage version of v1api20231102preview.ManagedClusterSecurityProfileWorkloadIdentity_STATUS + Workload identity settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object type: object serviceMeshProfile: - description: Storage version of v1api20231102preview.ServiceMeshProfile_STATUS Service mesh profile for a managed cluster. + description: |- + Storage version of v1api20231102preview.ServiceMeshProfile_STATUS + Service mesh profile for a managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object istio: - description: Storage version of v1api20231102preview.IstioServiceMesh_STATUS Istio service mesh configuration. + description: |- + Storage version of v1api20231102preview.IstioServiceMesh_STATUS + Istio service mesh configuration. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object certificateAuthority: - description: Storage version of v1api20231102preview.IstioCertificateAuthority_STATUS Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described here https://aka.ms/asm-plugin-ca + description: |- + Storage version of v1api20231102preview.IstioCertificateAuthority_STATUS + Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described + here https://aka.ms/asm-plugin-ca properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object plugin: - description: Storage version of v1api20231102preview.IstioPluginCertificateAuthority_STATUS Plugin certificates information for Service Mesh. + description: |- + Storage version of v1api20231102preview.IstioPluginCertificateAuthority_STATUS + Plugin certificates information for Service Mesh. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object certChainObjectName: type: string @@ -29552,21 +36368,29 @@ spec: type: object type: object components: - description: Storage version of v1api20231102preview.IstioComponents_STATUS Istio components configuration. + description: |- + Storage version of v1api20231102preview.IstioComponents_STATUS + Istio components configuration. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object egressGateways: items: - description: Storage version of v1api20231102preview.IstioEgressGateway_STATUS Istio egress gateway configuration. + description: |- + Storage version of v1api20231102preview.IstioEgressGateway_STATUS + Istio egress gateway configuration. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -29578,12 +36402,17 @@ spec: type: array ingressGateways: items: - description: Storage version of v1api20231102preview.IstioIngressGateway_STATUS Istio ingress gateway configuration. For now, we support up to one external ingress gateway named `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`. + description: |- + Storage version of v1api20231102preview.IstioIngressGateway_STATUS + Istio ingress gateway configuration. For now, we support up to one external ingress gateway named + `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -29601,23 +36430,31 @@ spec: type: string type: object servicePrincipalProfile: - description: Storage version of v1api20231102preview.ManagedClusterServicePrincipalProfile_STATUS Information about a service principal identity for the cluster to use for manipulating Azure APIs. + description: |- + Storage version of v1api20231102preview.ManagedClusterServicePrincipalProfile_STATUS + Information about a service principal identity for the cluster to use for manipulating Azure APIs. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object clientId: type: string type: object sku: - description: Storage version of v1api20231102preview.ManagedClusterSKU_STATUS The SKU of a Managed Cluster. + description: |- + Storage version of v1api20231102preview.ManagedClusterSKU_STATUS + The SKU of a Managed Cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object name: type: string @@ -29625,31 +36462,43 @@ spec: type: string type: object storageProfile: - description: Storage version of v1api20231102preview.ManagedClusterStorageProfile_STATUS Storage profile for the container service cluster. + description: |- + Storage version of v1api20231102preview.ManagedClusterStorageProfile_STATUS + Storage profile for the container service cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object blobCSIDriver: - description: Storage version of v1api20231102preview.ManagedClusterStorageProfileBlobCSIDriver_STATUS AzureBlob CSI Driver settings for the storage profile. + description: |- + Storage version of v1api20231102preview.ManagedClusterStorageProfileBlobCSIDriver_STATUS + AzureBlob CSI Driver settings for the storage profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object diskCSIDriver: - description: Storage version of v1api20231102preview.ManagedClusterStorageProfileDiskCSIDriver_STATUS AzureDisk CSI Driver settings for the storage profile. + description: |- + Storage version of v1api20231102preview.ManagedClusterStorageProfileDiskCSIDriver_STATUS + AzureDisk CSI Driver settings for the storage profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -29657,23 +36506,31 @@ spec: type: string type: object fileCSIDriver: - description: Storage version of v1api20231102preview.ManagedClusterStorageProfileFileCSIDriver_STATUS AzureFile CSI Driver settings for the storage profile. + description: |- + Storage version of v1api20231102preview.ManagedClusterStorageProfileFileCSIDriver_STATUS + AzureFile CSI Driver settings for the storage profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object snapshotController: - description: Storage version of v1api20231102preview.ManagedClusterStorageProfileSnapshotController_STATUS Snapshot Controller settings for the storage profile. + description: |- + Storage version of v1api20231102preview.ManagedClusterStorageProfileSnapshotController_STATUS + Snapshot Controller settings for the storage profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -29682,12 +36539,16 @@ spec: supportPlan: type: string systemData: - description: Storage version of v1api20231102preview.SystemData_STATUS Metadata pertaining to creation and last modification of the resource. + description: |- + Storage version of v1api20231102preview.SystemData_STATUS + Metadata pertaining to creation and last modification of the resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object createdAt: type: string @@ -29709,20 +36570,28 @@ spec: type: type: string upgradeSettings: - description: Storage version of v1api20231102preview.ClusterUpgradeSettings_STATUS Settings for upgrading a cluster. + description: |- + Storage version of v1api20231102preview.ClusterUpgradeSettings_STATUS + Settings for upgrading a cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object overrideSettings: - description: Storage version of v1api20231102preview.UpgradeOverrideSettings_STATUS Settings for overrides when upgrading a cluster. + description: |- + Storage version of v1api20231102preview.UpgradeOverrideSettings_STATUS + Settings for overrides when upgrading a cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object forceUpgrade: type: boolean @@ -29731,26 +36600,32 @@ spec: type: object type: object windowsProfile: - description: Storage version of v1api20231102preview.ManagedClusterWindowsProfile_STATUS Profile for Windows VMs in the managed cluster. + description: |- + Storage version of v1api20231102preview.ManagedClusterWindowsProfile_STATUS + Profile for Windows VMs in the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object - adminPassword: - type: string adminUsername: type: string enableCSIProxy: type: boolean gmsaProfile: - description: Storage version of v1api20231102preview.WindowsGmsaProfile_STATUS Windows gMSA Profile in the managed cluster. + description: |- + Storage version of v1api20231102preview.WindowsGmsaProfile_STATUS + Windows gMSA Profile in the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object dnsServer: type: string @@ -29763,20 +36638,28 @@ spec: type: string type: object workloadAutoScalerProfile: - description: Storage version of v1api20231102preview.ManagedClusterWorkloadAutoScalerProfile_STATUS Workload Auto-scaler profile for the managed cluster. + description: |- + Storage version of v1api20231102preview.ManagedClusterWorkloadAutoScalerProfile_STATUS + Workload Auto-scaler profile for the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object keda: - description: Storage version of v1api20231102preview.ManagedClusterWorkloadAutoScalerProfileKeda_STATUS KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile. + description: |- + Storage version of v1api20231102preview.ManagedClusterWorkloadAutoScalerProfileKeda_STATUS + KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -29787,7 +36670,9 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object addonAutoscaling: type: string @@ -29801,38 +36686,6 @@ spec: storage: false subresources: status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - cert-manager.io/inject-ca-from: azureserviceoperator-system/azureserviceoperator-serving-cert - controller-gen.kubebuilder.io/version: v0.13.0 - labels: - app.kubernetes.io/name: azure-service-operator - app.kubernetes.io/version: v2.6.0 - name: managedclustersagentpools.containerservice.azure.com -spec: - conversion: - strategy: Webhook - webhook: - clientConfig: - service: - name: azureserviceoperator-webhook-service - namespace: azureserviceoperator-system - path: /convert - port: 443 - conversionReviewVersions: - - v1 - group: containerservice.azure.com - names: - kind: ManagedClustersAgentPool - listKind: ManagedClustersAgentPoolList - plural: managedclustersagentpools - singular: managedclustersagentpool - preserveUnknownFields: false - scope: Namespaced - versions: - additionalPrinterColumns: - jsonPath: .status.conditions[?(@.type=='Ready')].status name: Ready @@ -29846,272 +36699,11361 @@ spec: - jsonPath: .status.conditions[?(@.type=='Ready')].message name: Message type: string - name: v1api20210501 + name: v1api20240402preview schema: openAPIV3Schema: - description: 'Generator information: - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2021-05-01/managedClusters.json - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}/agentPools/{agentPoolName}' + description: |- + Generator information: + - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/preview/2024-04-02-preview/managedClusters.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName} properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: properties: - availabilityZones: - description: 'AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is ''VirtualMachineScaleSets''.' - items: - type: string - type: array - azureName: - description: 'AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn''t have to be.' - type: string - count: - description: 'Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.' - type: integer - enableAutoScaling: - description: 'EnableAutoScaling: Whether to enable auto-scaler' - type: boolean - enableEncryptionAtHost: - description: 'EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption' - type: boolean - enableFIPS: - description: 'EnableFIPS: See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.' - type: boolean - enableNodePublicIP: - description: 'EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.' - type: boolean - enableUltraSSD: - description: 'EnableUltraSSD: Whether to enable UltraSSD' - type: boolean - gpuInstanceProfile: - description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' - enum: - - MIG1g - - MIG2g - - MIG3g - - MIG4g - - MIG7g - type: string - kubeletConfig: - description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' + aadProfile: + description: 'AadProfile: The Azure Active Directory configuration.' properties: - allowedUnsafeSysctls: - description: 'AllowedUnsafeSysctls: Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).' + adminGroupObjectIDs: + description: 'AdminGroupObjectIDs: The list of AAD group object IDs that will have admin role of the cluster.' items: type: string type: array - containerLogMaxFiles: - description: 'ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be â‰Ĩ 2.' - minimum: 2 - type: integer - containerLogMaxSizeMB: - description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' - type: integer - cpuCfsQuota: - description: 'CpuCfsQuota: The default is true.' - type: boolean - cpuCfsQuotaPeriod: - description: 'CpuCfsQuotaPeriod: The default is ''100ms.'' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: ''300ms'', ''2h45m''. Supported units are ''ns'', ''us'', ''ms'', ''s'', ''m'', and ''h''.' - type: string - cpuManagerPolicy: - description: 'CpuManagerPolicy: The default is ''none''. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are ''none'' and ''static''.' + clientAppID: + description: 'ClientAppID: (DEPRECATED) The client AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.' type: string - failSwapOn: - description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' + enableAzureRBAC: + description: 'EnableAzureRBAC: Whether to enable Azure RBAC for Kubernetes authorization.' type: boolean - imageGcHighThreshold: - description: 'ImageGcHighThreshold: To disable image garbage collection, set to 100. The default is 85%' - type: integer - imageGcLowThreshold: - description: 'ImageGcLowThreshold: This cannot be set higher than imageGcHighThreshold. The default is 80%' - type: integer - podMaxPids: - description: 'PodMaxPids: The maximum number of processes per pod.' - type: integer - topologyManagerPolicy: - description: 'TopologyManagerPolicy: For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is ''none''. Allowed values are ''none'', ''best-effort'', ''restricted'', and ''single-numa-node''.' + managed: + description: 'Managed: Whether to enable managed AAD.' + type: boolean + serverAppID: + description: 'ServerAppID: (DEPRECATED) The server AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.' type: string - type: object - kubeletDiskType: - description: 'KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.' - enum: - - OS - - Temporary - type: string - linuxOSConfig: - description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' - properties: - swapFileSizeMB: - description: 'SwapFileSizeMB: The size in MB of a swap file that will be created on each node.' - type: integer - sysctls: - description: 'Sysctls: Sysctl settings for Linux agent nodes.' - properties: - fsAioMaxNr: - description: 'FsAioMaxNr: Sysctl setting fs.aio-max-nr.' - type: integer - fsFileMax: - description: 'FsFileMax: Sysctl setting fs.file-max.' - type: integer - fsInotifyMaxUserWatches: - description: 'FsInotifyMaxUserWatches: Sysctl setting fs.inotify.max_user_watches.' - type: integer - fsNrOpen: - description: 'FsNrOpen: Sysctl setting fs.nr_open.' - type: integer - kernelThreadsMax: - description: 'KernelThreadsMax: Sysctl setting kernel.threads-max.' - type: integer - netCoreNetdevMaxBacklog: - description: 'NetCoreNetdevMaxBacklog: Sysctl setting net.core.netdev_max_backlog.' - type: integer - netCoreOptmemMax: - description: 'NetCoreOptmemMax: Sysctl setting net.core.optmem_max.' - type: integer - netCoreRmemDefault: - description: 'NetCoreRmemDefault: Sysctl setting net.core.rmem_default.' - type: integer - netCoreRmemMax: - description: 'NetCoreRmemMax: Sysctl setting net.core.rmem_max.' - type: integer - netCoreSomaxconn: - description: 'NetCoreSomaxconn: Sysctl setting net.core.somaxconn.' - type: integer - netCoreWmemDefault: - description: 'NetCoreWmemDefault: Sysctl setting net.core.wmem_default.' - type: integer - netCoreWmemMax: - description: 'NetCoreWmemMax: Sysctl setting net.core.wmem_max.' - type: integer - netIpv4IpLocalPortRange: - description: 'NetIpv4IpLocalPortRange: Sysctl setting net.ipv4.ip_local_port_range.' - type: string - netIpv4NeighDefaultGcThresh1: - description: 'NetIpv4NeighDefaultGcThresh1: Sysctl setting net.ipv4.neigh.default.gc_thresh1.' - type: integer - netIpv4NeighDefaultGcThresh2: - description: 'NetIpv4NeighDefaultGcThresh2: Sysctl setting net.ipv4.neigh.default.gc_thresh2.' - type: integer - netIpv4NeighDefaultGcThresh3: - description: 'NetIpv4NeighDefaultGcThresh3: Sysctl setting net.ipv4.neigh.default.gc_thresh3.' - type: integer - netIpv4TcpFinTimeout: - description: 'NetIpv4TcpFinTimeout: Sysctl setting net.ipv4.tcp_fin_timeout.' - type: integer - netIpv4TcpKeepaliveProbes: - description: 'NetIpv4TcpKeepaliveProbes: Sysctl setting net.ipv4.tcp_keepalive_probes.' - type: integer - netIpv4TcpKeepaliveTime: - description: 'NetIpv4TcpKeepaliveTime: Sysctl setting net.ipv4.tcp_keepalive_time.' - type: integer - netIpv4TcpMaxSynBacklog: - description: 'NetIpv4TcpMaxSynBacklog: Sysctl setting net.ipv4.tcp_max_syn_backlog.' - type: integer - netIpv4TcpMaxTwBuckets: - description: 'NetIpv4TcpMaxTwBuckets: Sysctl setting net.ipv4.tcp_max_tw_buckets.' - type: integer - netIpv4TcpTwReuse: - description: 'NetIpv4TcpTwReuse: Sysctl setting net.ipv4.tcp_tw_reuse.' - type: boolean - netIpv4TcpkeepaliveIntvl: - description: 'NetIpv4TcpkeepaliveIntvl: Sysctl setting net.ipv4.tcp_keepalive_intvl.' - type: integer - netNetfilterNfConntrackBuckets: - description: 'NetNetfilterNfConntrackBuckets: Sysctl setting net.netfilter.nf_conntrack_buckets.' - type: integer - netNetfilterNfConntrackMax: - description: 'NetNetfilterNfConntrackMax: Sysctl setting net.netfilter.nf_conntrack_max.' - type: integer - vmMaxMapCount: - description: 'VmMaxMapCount: Sysctl setting vm.max_map_count.' - type: integer - vmSwappiness: - description: 'VmSwappiness: Sysctl setting vm.swappiness.' - type: integer - vmVfsCachePressure: - description: 'VmVfsCachePressure: Sysctl setting vm.vfs_cache_pressure.' - type: integer - type: object - transparentHugePageDefrag: - description: 'TransparentHugePageDefrag: Valid values are ''always'', ''defer'', ''defer+madvise'', ''madvise'' and ''never''. The default is ''madvise''. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).' + serverAppSecret: + description: 'ServerAppSecret: (DEPRECATED) The server AAD application secret. Learn more at https://aka.ms/aks/aad-legacy.' type: string - transparentHugePageEnabled: - description: 'TransparentHugePageEnabled: Valid values are ''always'', ''madvise'', and ''never''. The default is ''always''. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).' + tenantID: + description: |- + TenantID: The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment + subscription. type: string type: object - maxCount: - description: 'MaxCount: The maximum number of nodes for auto-scaling' - type: integer - maxPods: - description: 'MaxPods: The maximum number of pods that can run on a node.' - type: integer - minCount: - description: 'MinCount: The minimum number of nodes for auto-scaling' - type: integer - mode: - description: 'Mode: A cluster must have at least one ''System'' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools' - enum: - - System - - User - type: string - nodeLabels: + addonProfiles: additionalProperties: - type: string - description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' - type: object - nodePublicIPPrefixIDReference: - description: 'NodePublicIPPrefixIDReference: This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}' - properties: - armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. - pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) - type: string - group: - description: Group is the Kubernetes group of the resource. - type: string - kind: - description: Kind is the Kubernetes kind of the resource. - type: string - name: - description: Name is the Kubernetes name of the resource. - type: string + description: A Kubernetes add-on profile for a managed cluster. + properties: + config: + additionalProperties: + type: string + description: 'Config: Key-value pairs for configuring an add-on.' + type: object + enabled: + description: 'Enabled: Whether the add-on is enabled or not.' + type: boolean + required: + - enabled + type: object + description: 'AddonProfiles: The profile of managed cluster add-on.' type: object - nodeTaints: - description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' + agentPoolProfiles: + description: 'AgentPoolProfiles: The agent pool properties.' items: - type: string - type: array - orchestratorVersion: - description: 'OrchestratorVersion: As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).' - type: string - osDiskSizeGB: - maximum: 2048 - minimum: 0 - type: integer - osDiskType: - description: 'OsDiskType: The default is ''Ephemeral'' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to ''Managed''. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).' - enum: - - Ephemeral - - Managed - type: string - osSKU: - description: 'OsSKU: Specifies an OS SKU. This value must not be specified if OSType is Windows.' - enum: - - CBLMariner - - Ubuntu - type: string - osType: - description: 'OsType: The operating system type. The default is Linux.' - enum: - - Linux - - Windows + description: Profile for the container service agent pool. + properties: + artifactStreamingProfile: + description: 'ArtifactStreamingProfile: Configuration for using artifact streaming on AKS.' + properties: + enabled: + description: |- + Enabled: Artifact streaming speeds up the cold-start of containers on a node through on-demand image loading. To use + this feature, container images must also enable artifact streaming on ACR. If not specified, the default is false. + type: boolean + type: object + availabilityZones: + description: |- + AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType + property is 'VirtualMachineScaleSets'. + items: + type: string + type: array + capacityReservationGroupReference: + description: 'CapacityReservationGroupReference: AKS will associate the specified agent pool with the Capacity Reservation Group.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + count: + description: |- + Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) + for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. + type: integer + creationData: + description: |- + CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using + a snapshot. + properties: + sourceResourceReference: + description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + enableAutoScaling: + description: 'EnableAutoScaling: Whether to enable auto-scaler' + type: boolean + enableCustomCATrust: + description: |- + EnableCustomCATrust: When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a + daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded + certificates into node trust stores. Defaults to false. + type: boolean + enableEncryptionAtHost: + description: |- + EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, + see: https://docs.microsoft.com/azure/aks/enable-host-encryption + type: boolean + enableFIPS: + description: |- + EnableFIPS: See [Add a FIPS-enabled node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more + details. + type: boolean + enableNodePublicIP: + description: |- + EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. + A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine + to minimize hops. For more information see [assigning a public IP per + node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The + default is false. + type: boolean + enableUltraSSD: + description: 'EnableUltraSSD: Whether to enable UltraSSD' + type: boolean + gatewayProfile: + description: |- + GatewayProfile: Profile specific to a managed agent pool in Gateway mode. This field cannot be set if agent pool mode is + not Gateway. + properties: + publicIPPrefixSize: + description: |- + PublicIPPrefixSize: The Gateway agent pool associates one public IPPrefix for each static egress gateway to provide + public egress. The size of Public IPPrefix should be selected by the user. Each node in the agent pool is assigned with + one IP from the IPPrefix. The IPPrefix size thus serves as a cap on the size of the Gateway agent pool. Due to Azure + public IPPrefix size limitation, the valid value range is [28, 31] (/31 = 2 nodes/IPs, /30 = 4 nodes/IPs, /29 = 8 + nodes/IPs, /28 = 16 nodes/IPs). The default value is 31. + maximum: 31 + minimum: 28 + type: integer + type: object + gpuInstanceProfile: + description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' + enum: + - MIG1g + - MIG2g + - MIG3g + - MIG4g + - MIG7g + type: string + gpuProfile: + description: 'GpuProfile: The GPU settings of an agent pool.' + properties: + installGPUDriver: + description: |- + InstallGPUDriver: The default value is true when the vmSize of the agent pool contains a GPU, false otherwise. GPU + Driver Installation can only be set true when VM has an associated GPU resource. Setting this field to false prevents + automatic GPU driver installation. In that case, in order for the GPU to be usable, the user must perform GPU driver + installation themselves. + type: boolean + type: object + hostGroupReference: + description: |- + HostGroupReference: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. + For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + kubeletConfig: + description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' + properties: + allowedUnsafeSysctls: + description: 'AllowedUnsafeSysctls: Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).' + items: + type: string + type: array + containerLogMaxFiles: + description: |- + ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be + â‰Ĩ 2. + minimum: 2 + type: integer + containerLogMaxSizeMB: + description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' + type: integer + cpuCfsQuota: + description: 'CpuCfsQuota: The default is true.' + type: boolean + cpuCfsQuotaPeriod: + description: |- + CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and + a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. + type: string + cpuManagerPolicy: + description: |- + CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management + policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more + information. Allowed values are 'none' and 'static'. + type: string + failSwapOn: + description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' + type: boolean + imageGcHighThreshold: + description: 'ImageGcHighThreshold: To disable image garbage collection, set to 100. The default is 85%' + type: integer + imageGcLowThreshold: + description: 'ImageGcLowThreshold: This cannot be set higher than imageGcHighThreshold. The default is 80%' + type: integer + podMaxPids: + description: 'PodMaxPids: The maximum number of processes per pod.' + type: integer + topologyManagerPolicy: + description: |- + TopologyManagerPolicy: For more information see [Kubernetes Topology + Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values + are 'none', 'best-effort', 'restricted', and 'single-numa-node'. + type: string + type: object + kubeletDiskType: + description: |- + KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral + storage. + enum: + - OS + - Temporary + type: string + linuxOSConfig: + description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' + properties: + swapFileSizeMB: + description: 'SwapFileSizeMB: The size in MB of a swap file that will be created on each node.' + type: integer + sysctls: + description: 'Sysctls: Sysctl settings for Linux agent nodes.' + properties: + fsAioMaxNr: + description: 'FsAioMaxNr: Sysctl setting fs.aio-max-nr.' + type: integer + fsFileMax: + description: 'FsFileMax: Sysctl setting fs.file-max.' + type: integer + fsInotifyMaxUserWatches: + description: 'FsInotifyMaxUserWatches: Sysctl setting fs.inotify.max_user_watches.' + type: integer + fsNrOpen: + description: 'FsNrOpen: Sysctl setting fs.nr_open.' + type: integer + kernelThreadsMax: + description: 'KernelThreadsMax: Sysctl setting kernel.threads-max.' + type: integer + netCoreNetdevMaxBacklog: + description: 'NetCoreNetdevMaxBacklog: Sysctl setting net.core.netdev_max_backlog.' + type: integer + netCoreOptmemMax: + description: 'NetCoreOptmemMax: Sysctl setting net.core.optmem_max.' + type: integer + netCoreRmemDefault: + description: 'NetCoreRmemDefault: Sysctl setting net.core.rmem_default.' + type: integer + netCoreRmemMax: + description: 'NetCoreRmemMax: Sysctl setting net.core.rmem_max.' + type: integer + netCoreSomaxconn: + description: 'NetCoreSomaxconn: Sysctl setting net.core.somaxconn.' + type: integer + netCoreWmemDefault: + description: 'NetCoreWmemDefault: Sysctl setting net.core.wmem_default.' + type: integer + netCoreWmemMax: + description: 'NetCoreWmemMax: Sysctl setting net.core.wmem_max.' + type: integer + netIpv4IpLocalPortRange: + description: 'NetIpv4IpLocalPortRange: Sysctl setting net.ipv4.ip_local_port_range.' + type: string + netIpv4NeighDefaultGcThresh1: + description: 'NetIpv4NeighDefaultGcThresh1: Sysctl setting net.ipv4.neigh.default.gc_thresh1.' + type: integer + netIpv4NeighDefaultGcThresh2: + description: 'NetIpv4NeighDefaultGcThresh2: Sysctl setting net.ipv4.neigh.default.gc_thresh2.' + type: integer + netIpv4NeighDefaultGcThresh3: + description: 'NetIpv4NeighDefaultGcThresh3: Sysctl setting net.ipv4.neigh.default.gc_thresh3.' + type: integer + netIpv4TcpFinTimeout: + description: 'NetIpv4TcpFinTimeout: Sysctl setting net.ipv4.tcp_fin_timeout.' + type: integer + netIpv4TcpKeepaliveProbes: + description: 'NetIpv4TcpKeepaliveProbes: Sysctl setting net.ipv4.tcp_keepalive_probes.' + type: integer + netIpv4TcpKeepaliveTime: + description: 'NetIpv4TcpKeepaliveTime: Sysctl setting net.ipv4.tcp_keepalive_time.' + type: integer + netIpv4TcpMaxSynBacklog: + description: 'NetIpv4TcpMaxSynBacklog: Sysctl setting net.ipv4.tcp_max_syn_backlog.' + type: integer + netIpv4TcpMaxTwBuckets: + description: 'NetIpv4TcpMaxTwBuckets: Sysctl setting net.ipv4.tcp_max_tw_buckets.' + type: integer + netIpv4TcpTwReuse: + description: 'NetIpv4TcpTwReuse: Sysctl setting net.ipv4.tcp_tw_reuse.' + type: boolean + netIpv4TcpkeepaliveIntvl: + description: 'NetIpv4TcpkeepaliveIntvl: Sysctl setting net.ipv4.tcp_keepalive_intvl.' + maximum: 90 + minimum: 10 + type: integer + netNetfilterNfConntrackBuckets: + description: 'NetNetfilterNfConntrackBuckets: Sysctl setting net.netfilter.nf_conntrack_buckets.' + maximum: 524288 + minimum: 65536 + type: integer + netNetfilterNfConntrackMax: + description: 'NetNetfilterNfConntrackMax: Sysctl setting net.netfilter.nf_conntrack_max.' + maximum: 2097152 + minimum: 131072 + type: integer + vmMaxMapCount: + description: 'VmMaxMapCount: Sysctl setting vm.max_map_count.' + type: integer + vmSwappiness: + description: 'VmSwappiness: Sysctl setting vm.swappiness.' + type: integer + vmVfsCachePressure: + description: 'VmVfsCachePressure: Sysctl setting vm.vfs_cache_pressure.' + type: integer + type: object + transparentHugePageDefrag: + description: |- + TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is + 'madvise'. For more information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). + type: string + transparentHugePageEnabled: + description: |- + TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more + information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). + type: string + type: object + maxCount: + description: 'MaxCount: The maximum number of nodes for auto-scaling' + type: integer + maxPods: + description: 'MaxPods: The maximum number of pods that can run on a node.' + type: integer + messageOfTheDay: + description: |- + MessageOfTheDay: A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of + the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., + will be printed raw and not be executed as a script). + type: string + minCount: + description: 'MinCount: The minimum number of nodes for auto-scaling' + type: integer + mode: + description: |- + Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool + restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools + enum: + - Gateway + - System + - User + type: string + name: + description: 'Name: Windows agent pool names must be 6 characters or less.' + pattern: ^[a-z][a-z0-9]{0,11}$ + type: string + networkProfile: + description: 'NetworkProfile: Network-related settings of an agent pool.' + properties: + allowedHostPorts: + description: 'AllowedHostPorts: The port ranges that are allowed to access. The specified ranges are allowed to overlap.' + items: + description: The port range. + properties: + portEnd: + description: |- + PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or + equal to portStart. + maximum: 65535 + minimum: 1 + type: integer + portStart: + description: |- + PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or + equal to portEnd. + maximum: 65535 + minimum: 1 + type: integer + protocol: + description: 'Protocol: The network protocol of the port.' + enum: + - TCP + - UDP + type: string + type: object + type: array + applicationSecurityGroupsReferences: + description: |- + ApplicationSecurityGroupsReferences: The IDs of the application security groups which agent pool will associate when + created. + items: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: array + nodePublicIPTags: + description: 'NodePublicIPTags: IPTags of instance-level public IPs.' + items: + description: Contains the IPTag associated with the object. + properties: + ipTagType: + description: 'IpTagType: The IP tag type. Example: RoutingPreference.' + type: string + tag: + description: 'Tag: The value of the IP tag associated with the public IP. Example: Internet.' + type: string + type: object + type: array + type: object + nodeInitializationTaints: + description: |- + NodeInitializationTaints: These taints will not be reconciled by AKS and can be removed with a kubectl call. This field + can be modified after node pool is created, but nodes will not be recreated with new taints until another operation that + requires recreation (e.g. node image upgrade) happens. These taints allow for required configuration to run before the + node is ready to accept workloads, for example 'key1=value1:NoSchedule' that then can be removed with `kubectl taint + nodes node1 key1=value1:NoSchedule-` + items: + type: string + type: array + nodeLabels: + additionalProperties: + type: string + description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' + type: object + nodePublicIPPrefixReference: + description: |- + NodePublicIPPrefixReference: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + nodeTaints: + description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' + items: + type: string + type: array + orchestratorVersion: + description: |- + OrchestratorVersion: Both patch version and are supported. When is + specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same + once it has been created will not trigger an upgrade, even if a newer patch version is available. As a + best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version + must have the same major version as the control plane. The node pool minor version must be within two minor versions of + the control plane version. The node pool version cannot be greater than the control plane version. For more information + see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). + type: string + osDiskSizeGB: + maximum: 2048 + minimum: 0 + type: integer + osDiskType: + description: |- + OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested + OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral + OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). + enum: + - Ephemeral + - Managed + type: string + osSKU: + description: |- + OsSKU: Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or + Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is + deprecated. + enum: + - AzureLinux + - CBLMariner + - Mariner + - Ubuntu + - Windows2019 + - Windows2022 + - WindowsAnnual + type: string + osType: + description: 'OsType: The operating system type. The default is Linux.' + enum: + - Linux + - Windows + type: string + podIPAllocationMode: + description: |- + PodIPAllocationMode: The IP allocation mode for pods in the agent pool. Must be used with podSubnetId. The default is + 'DynamicIndividual'. + enum: + - DynamicIndividual + - StaticBlock + type: string + podSubnetReference: + description: |- + PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). + This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + powerState: + description: |- + PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this + field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only + be stopped if it is Running and provisioning state is Succeeded + properties: + code: + description: 'Code: Tells whether the cluster is Running or Stopped' + enum: + - Running + - Stopped + type: string + type: object + proximityPlacementGroupReference: + description: 'ProximityPlacementGroupReference: The ID for Proximity Placement Group.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + scaleDownMode: + description: 'ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.' + enum: + - Deallocate + - Delete + type: string + scaleSetEvictionPolicy: + description: |- + ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is + 'Delete'. + enum: + - Deallocate + - Delete + type: string + scaleSetPriority: + description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' + enum: + - Regular + - Spot + type: string + securityProfile: + description: 'SecurityProfile: The security settings of an agent pool.' + properties: + enableSecureBoot: + description: |- + EnableSecureBoot: Secure Boot is a feature of Trusted Launch which ensures that only signed operating systems and + drivers can boot. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. + type: boolean + enableVTPM: + description: |- + EnableVTPM: vTPM is a Trusted Launch feature for configuring a dedicated secure vault for keys and measurements held + locally on the node. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. + type: boolean + sshAccess: + description: 'SshAccess: SSH access method of an agent pool.' + enum: + - Disabled + - LocalUser + type: string + type: object + spotMaxPrice: + description: |- + SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any + on-demand price. For more details on spot pricing, see [spot VMs + pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) + type: number + tags: + additionalProperties: + type: string + description: 'Tags: The tags to be persisted on the agent pool virtual machine scale set.' + type: object + type: + description: 'Type: The type of Agent Pool.' + enum: + - AvailabilitySet + - VirtualMachineScaleSets + - VirtualMachines + type: string + upgradeSettings: + description: 'UpgradeSettings: Settings for upgrading the agentpool' + properties: + drainTimeoutInMinutes: + description: |- + DrainTimeoutInMinutes: The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. + This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not + specified, the default is 30 minutes. + maximum: 1440 + minimum: 1 + type: integer + maxSurge: + description: |- + MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it + is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded + up. If not specified, the default is 1. For more information, including best practices, see: + https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade + type: string + nodeSoakDurationInMinutes: + description: |- + NodeSoakDurationInMinutes: The amount of time (in minutes) to wait after draining a node and before reimaging it and + moving on to next node. If not specified, the default is 0 minutes. + maximum: 30 + minimum: 0 + type: integer + undrainableNodeBehavior: + description: |- + UndrainableNodeBehavior: Defines the behavior for undrainable nodes during upgrade. The most common cause of undrainable + nodes is Pod Disruption Budgets (PDBs), but other issues, such as pod termination grace period is exceeding the + remaining per-node drain timeout or pod is still being in a running state, can also cause undrainable nodes. + enum: + - Cordon + - Schedule + type: string + type: object + virtualMachineNodesStatus: + items: + description: Current status on a group of nodes of the same vm size. + properties: + count: + description: 'Count: Number of nodes.' + type: integer + size: + description: 'Size: The VM size of the agents used to host this group of nodes.' + type: string + type: object + type: array + virtualMachinesProfile: + description: 'VirtualMachinesProfile: Specifications on VirtualMachines agent pool.' + properties: + scale: + description: 'Scale: Specifications on how to scale a VirtualMachines agent pool.' + properties: + autoscale: + description: |- + Autoscale: Specifications on how to auto-scale the VirtualMachines agent pool within a predefined size range. Currently, + at most one AutoScaleProfile is allowed. + items: + description: Specifications on auto-scaling. + properties: + maxCount: + description: 'MaxCount: The maximum number of nodes of the specified sizes.' + type: integer + minCount: + description: 'MinCount: The minimum number of nodes of the specified sizes.' + type: integer + sizes: + description: |- + Sizes: The list of allowed vm sizes e.g. ['Standard_E4s_v3', 'Standard_E16s_v3', 'Standard_D16s_v5']. AKS will use the + first available one when auto scaling. If a VM size is unavailable (e.g. due to quota or regional capacity reasons), AKS + will use the next size. + items: + type: string + type: array + type: object + type: array + manual: + description: |- + Manual: Specifications on how to scale the VirtualMachines agent pool to a fixed size. Currently, at most one + ManualScaleProfile is allowed. + items: + description: Specifications on number of machines. + properties: + count: + description: 'Count: Number of nodes.' + type: integer + sizes: + description: |- + Sizes: The list of allowed vm sizes e.g. ['Standard_E4s_v3', 'Standard_E16s_v3', 'Standard_D16s_v5']. AKS will use the + first available one when scaling. If a VM size is unavailable (e.g. due to quota or regional capacity reasons), AKS will + use the next size. + items: + type: string + type: array + type: object + type: array + type: object + type: object + vmSize: + description: |- + VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods + might fail to run correctly. For more details on restricted VM sizes, see: + https://docs.microsoft.com/azure/aks/quotas-skus-regions + type: string + vnetSubnetReference: + description: |- + VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is + specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + windowsProfile: + description: 'WindowsProfile: The Windows agent pool''s specific profile.' + properties: + disableOutboundNat: + description: |- + DisableOutboundNat: The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT + Gateway and the Windows agent pool does not have node public IP enabled. + type: boolean + type: object + workloadRuntime: + description: 'WorkloadRuntime: Determines the type of workload a node can run.' + enum: + - KataMshvVmIsolation + - OCIContainer + - WasmWasi + type: string + required: + - name + type: object + type: array + aiToolchainOperatorProfile: + description: 'AiToolchainOperatorProfile: AI toolchain operator settings that apply to the whole cluster.' + properties: + enabled: + description: 'Enabled: Indicates if AI toolchain operator enabled or not.' + type: boolean + type: object + apiServerAccessProfile: + description: 'ApiServerAccessProfile: The access profile for managed cluster API server.' + properties: + authorizedIPRanges: + description: |- + AuthorizedIPRanges: IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with + clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API + server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges). + items: + type: string + type: array + disableRunCommand: + description: 'DisableRunCommand: Whether to disable run command for the cluster or not.' + type: boolean + enablePrivateCluster: + description: |- + EnablePrivateCluster: For more details, see [Creating a private AKS + cluster](https://docs.microsoft.com/azure/aks/private-clusters). + type: boolean + enablePrivateClusterPublicFQDN: + description: 'EnablePrivateClusterPublicFQDN: Whether to create additional public FQDN for private cluster or not.' + type: boolean + enableVnetIntegration: + description: 'EnableVnetIntegration: Whether to enable apiserver vnet integration for the cluster or not.' + type: boolean + privateDNSZone: + description: |- + PrivateDNSZone: The default is System. For more details see [configure private DNS + zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and + 'none'. + type: string + subnetId: + description: |- + SubnetId: It is required when: 1. creating a new cluster with BYO Vnet; 2. updating an existing cluster to enable + apiserver vnet integration. + type: string + type: object + autoScalerProfile: + description: 'AutoScalerProfile: Parameters to be applied to the cluster-autoscaler when enabled' + properties: + balance-similar-node-groups: + description: 'BalanceSimilarNodeGroups: Valid values are ''true'' and ''false''' + type: string + daemonset-eviction-for-empty-nodes: + description: |- + DaemonsetEvictionForEmptyNodes: If set to true, all daemonset pods on empty nodes will be evicted before deletion of the + node. If the daemonset pod cannot be evicted another node will be chosen for scaling. If set to false, the node will be + deleted without ensuring that daemonset pods are deleted or evicted. + type: boolean + daemonset-eviction-for-occupied-nodes: + description: |- + DaemonsetEvictionForOccupiedNodes: If set to true, all daemonset pods on occupied nodes will be evicted before deletion + of the node. If the daemonset pod cannot be evicted another node will be chosen for scaling. If set to false, the node + will be deleted without ensuring that daemonset pods are deleted or evicted. + type: boolean + expander: + description: 'Expander: Available values are: ''least-waste'', ''most-pods'', ''priority'', ''random''.' + enum: + - least-waste + - most-pods + - priority + - random + type: string + ignore-daemonsets-utilization: + description: |- + IgnoreDaemonsetsUtilization: If set to true, the resources used by daemonset will be taken into account when making + scaling down decisions. + type: boolean + max-empty-bulk-delete: + description: 'MaxEmptyBulkDelete: The default is 10.' + type: string + max-graceful-termination-sec: + description: 'MaxGracefulTerminationSec: The default is 600.' + type: string + max-node-provision-time: + description: |- + MaxNodeProvisionTime: The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. + type: string + max-total-unready-percentage: + description: 'MaxTotalUnreadyPercentage: The default is 45. The maximum is 100 and the minimum is 0.' + type: string + new-pod-scale-up-delay: + description: |- + NewPodScaleUpDelay: For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler + could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is + '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc). + type: string + ok-total-unready-count: + description: 'OkTotalUnreadyCount: This must be an integer. The default is 3.' + type: string + scale-down-delay-after-add: + description: |- + ScaleDownDelayAfterAdd: The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. + type: string + scale-down-delay-after-delete: + description: |- + ScaleDownDelayAfterDelete: The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of + time other than minutes (m) is supported. + type: string + scale-down-delay-after-failure: + description: |- + ScaleDownDelayAfterFailure: The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other + than minutes (m) is supported. + type: string + scale-down-unneeded-time: + description: |- + ScaleDownUnneededTime: The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. + type: string + scale-down-unready-time: + description: |- + ScaleDownUnreadyTime: The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. + type: string + scale-down-utilization-threshold: + description: 'ScaleDownUtilizationThreshold: The default is ''0.5''.' + type: string + scan-interval: + description: 'ScanInterval: The default is ''10''. Values must be an integer number of seconds.' + type: string + skip-nodes-with-local-storage: + description: 'SkipNodesWithLocalStorage: The default is true.' + type: string + skip-nodes-with-system-pods: + description: 'SkipNodesWithSystemPods: The default is true.' + type: string + type: object + autoUpgradeProfile: + description: 'AutoUpgradeProfile: The auto upgrade configuration.' + properties: + nodeOSUpgradeChannel: + description: 'NodeOSUpgradeChannel: The default is Unmanaged, but may change to either NodeImage or SecurityPatch at GA.' + enum: + - NodeImage + - None + - SecurityPatch + - Unmanaged + type: string + upgradeChannel: + description: |- + UpgradeChannel: For more information see [setting the AKS cluster auto-upgrade + channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel). + enum: + - node-image + - none + - patch + - rapid + - stable + type: string + type: object + azureMonitorProfile: + description: 'AzureMonitorProfile: Prometheus addon profile for the container service cluster' + properties: + appMonitoring: + description: |- + AppMonitoring: Application Monitoring Profile for Kubernetes Application Container. Collects application logs, metrics + and traces through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See + aka.ms/AzureMonitorApplicationMonitoring for an overview. + properties: + autoInstrumentation: + description: |- + AutoInstrumentation: Application Monitoring Auto Instrumentation for Kubernetes Application Container. Deploys web hook + to auto-instrument Azure Monitor OpenTelemetry based SDKs to collect OpenTelemetry metrics, logs and traces of the + application. See aka.ms/AzureMonitorApplicationMonitoring for an overview. + properties: + enabled: + description: 'Enabled: Indicates if Application Monitoring Auto Instrumentation is enabled or not.' + type: boolean + type: object + openTelemetryLogs: + description: |- + OpenTelemetryLogs: Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container Logs and + Traces. Collects OpenTelemetry logs and traces of the application using Azure Monitor OpenTelemetry based SDKs. See + aka.ms/AzureMonitorApplicationMonitoring for an overview. + properties: + enabled: + description: 'Enabled: Indicates if Application Monitoring Open Telemetry Logs and traces is enabled or not.' + type: boolean + port: + description: 'Port: The Open Telemetry host port for Open Telemetry logs and traces. If not specified, the default port is 28331.' + type: integer + type: object + openTelemetryMetrics: + description: |- + OpenTelemetryMetrics: Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container + Metrics. Collects OpenTelemetry metrics of the application using Azure Monitor OpenTelemetry based SDKs. See + aka.ms/AzureMonitorApplicationMonitoring for an overview. + properties: + enabled: + description: 'Enabled: Indicates if Application Monitoring Open Telemetry Metrics is enabled or not.' + type: boolean + port: + description: 'Port: The Open Telemetry host port for Open Telemetry metrics. If not specified, the default port is 28333.' + type: integer + type: object + type: object + containerInsights: + description: |- + ContainerInsights: Azure Monitor Container Insights Profile for Kubernetes Events, Inventory and Container stdout & + stderr logs etc. See aka.ms/AzureMonitorContainerInsights for an overview. + properties: + disableCustomMetrics: + description: |- + DisableCustomMetrics: Indicates whether custom metrics collection has to be disabled or not. If not specified the + default is false. No custom metrics will be emitted if this field is false but the container insights enabled field is + false + type: boolean + disablePrometheusMetricsScraping: + description: |- + DisablePrometheusMetricsScraping: Indicates whether prometheus metrics scraping is disabled or not. If not specified the + default is false. No prometheus metrics will be emitted if this field is false but the container insights enabled field + is false + type: boolean + enabled: + description: 'Enabled: Indicates if Azure Monitor Container Insights Logs Addon is enabled or not.' + type: boolean + logAnalyticsWorkspaceResourceReference: + description: |- + LogAnalyticsWorkspaceResourceReference: Fully Qualified ARM Resource Id of Azure Log Analytics Workspace for storing + Azure Monitor Container Insights Logs. + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + syslogPort: + description: 'SyslogPort: The syslog host port. If not specified, the default port is 28330.' + type: integer + type: object + metrics: + description: 'Metrics: Metrics profile for the prometheus service addon' + properties: + enabled: + description: 'Enabled: Whether to enable the Prometheus collector' + type: boolean + kubeStateMetrics: + description: 'KubeStateMetrics: Kube State Metrics for prometheus addon profile for the container service cluster' + properties: + metricAnnotationsAllowList: + description: |- + MetricAnnotationsAllowList: Comma-separated list of additional Kubernetes label keys that will be used in the resource's + labels metric. + type: string + metricLabelsAllowlist: + description: |- + MetricLabelsAllowlist: Comma-separated list of Kubernetes annotations keys that will be used in the resource's labels + metric. + type: string + type: object + required: + - enabled + type: object + type: object + azureName: + description: |- + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. + maxLength: 63 + minLength: 1 + pattern: ^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$ + type: string + bootstrapProfile: + description: 'BootstrapProfile: Profile of the cluster bootstrap configuration.' + properties: + artifactSource: + description: 'ArtifactSource: The source where the artifacts are downloaded from.' + enum: + - Cache + - Direct + type: string + containerRegistryReference: + description: |- + ContainerRegistryReference: The resource Id of Azure Container Registry. The registry must have private network access, + premium SKU and zone redundancy. + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + creationData: + description: |- + CreationData: CreationData to be used to specify the source Snapshot ID if the cluster will be created/upgraded using a + snapshot. + properties: + sourceResourceReference: + description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + disableLocalAccounts: + description: |- + DisableLocalAccounts: If set to true, getting static credentials will be disabled for this cluster. This must only be + used on Managed Clusters that are AAD enabled. For more details see [disable local + accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview). + type: boolean + diskEncryptionSetReference: + description: |- + DiskEncryptionSetReference: This is of the form: + '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + dnsPrefix: + description: 'DnsPrefix: This cannot be updated once the Managed Cluster has been created.' + type: string + enableNamespaceResources: + description: |- + EnableNamespaceResources: The default value is false. It can be enabled/disabled on creation and updating of the managed + cluster. See [https://aka.ms/NamespaceARMResource](https://aka.ms/NamespaceARMResource) for more details on Namespace as + a ARM Resource. + type: boolean + enablePodSecurityPolicy: + description: |- + EnablePodSecurityPolicy: (DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was + deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and + https://aka.ms/aks/psp. + type: boolean + enableRBAC: + description: 'EnableRBAC: Whether to enable Kubernetes Role-Based Access Control.' + type: boolean + extendedLocation: + description: 'ExtendedLocation: The extended location of the Virtual Machine.' + properties: + name: + description: 'Name: The name of the extended location.' + type: string + type: + description: 'Type: The type of the extended location.' + enum: + - EdgeZone + type: string + type: object + fqdnSubdomain: + description: 'FqdnSubdomain: This cannot be updated once the Managed Cluster has been created.' + type: string + httpProxyConfig: + description: 'HttpProxyConfig: Configurations for provisioning the cluster with HTTP proxy servers.' + properties: + httpProxy: + description: 'HttpProxy: The HTTP proxy server endpoint to use.' + type: string + httpsProxy: + description: 'HttpsProxy: The HTTPS proxy server endpoint to use.' + type: string + noProxy: + description: 'NoProxy: The endpoints that should not go through proxy.' + items: + type: string + type: array + trustedCa: + description: 'TrustedCa: Alternative CA cert to use for connecting to proxy servers.' + type: string + type: object + identity: + description: 'Identity: The identity of the managed cluster, if configured.' + properties: + delegatedResources: + additionalProperties: + description: Delegated resource properties - internal use only. + properties: + location: + description: 'Location: The source resource location - internal use only.' + type: string + referralResource: + description: 'ReferralResource: The delegation id of the referral delegation (optional) - internal use only.' + type: string + resourceReference: + description: 'ResourceReference: The ARM resource id of the delegated resource - internal use only.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + tenantId: + description: 'TenantId: The tenant id of the delegated resource - internal use only.' + pattern: ^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$ + type: string + type: object + description: |- + DelegatedResources: The delegated identity resources assigned to this managed cluster. This can only be set by another + Azure Resource Provider, and managed cluster only accept one delegated identity resource. Internal use only. + type: object + type: + description: |- + Type: For more information see [use managed identities in + AKS](https://docs.microsoft.com/azure/aks/use-managed-identity). + enum: + - None + - SystemAssigned + - UserAssigned + type: string + userAssignedIdentities: + description: |- + UserAssignedIdentities: The keys must be ARM resource IDs in the form: + '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'. + items: + description: Information about the user assigned identity for the resource + properties: + reference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + type: array + type: object + identityProfile: + additionalProperties: + description: Details about a user assigned identity. + properties: + clientId: + description: 'ClientId: The client ID of the user assigned identity.' + type: string + objectId: + description: 'ObjectId: The object ID of the user assigned identity.' + type: string + resourceReference: + description: 'ResourceReference: The resource ID of the user assigned identity.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + description: 'IdentityProfile: Identities associated with the cluster.' + type: object + ingressProfile: + description: 'IngressProfile: Ingress profile for the managed cluster.' + properties: + webAppRouting: + description: 'WebAppRouting: Web App Routing settings for the ingress profile.' + properties: + dnsZoneResourceReferences: + description: |- + DnsZoneResourceReferences: Resource IDs of the DNS zones to be associated with the Web App Routing add-on. Used only + when Web App Routing is enabled. Public and private DNS zones can be in different resource groups, but all public DNS + zones must be in the same resource group and all private DNS zones must be in the same resource group. + items: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: array + enabled: + description: 'Enabled: Whether to enable Web App Routing.' + type: boolean + type: object + type: object + kind: + description: 'Kind: This is primarily used to expose different UI experiences in the portal for different kinds' + type: string + kubernetesVersion: + description: |- + KubernetesVersion: When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades + must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> + 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS + cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details. + type: string + linuxProfile: + description: 'LinuxProfile: The profile for Linux VMs in the Managed Cluster.' + properties: + adminUsername: + description: 'AdminUsername: The administrator username to use for Linux VMs.' + pattern: ^[A-Za-z][-A-Za-z0-9_]*$ + type: string + ssh: + description: 'Ssh: The SSH configuration for Linux-based VMs running on Azure.' + properties: + publicKeys: + description: 'PublicKeys: The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.' + items: + description: Contains information about SSH certificate public key data. + properties: + keyData: + description: |- + KeyData: Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or + without headers. + type: string + required: + - keyData + type: object + type: array + required: + - publicKeys + type: object + required: + - adminUsername + - ssh + type: object + location: + description: 'Location: The geo-location where the resource lives' + type: string + metricsProfile: + description: 'MetricsProfile: Optional cluster metrics configuration.' + properties: + costAnalysis: + description: 'CostAnalysis: The cost analysis configuration for the cluster' + properties: + enabled: + description: |- + Enabled: The Managed Cluster sku.tier must be set to 'Standard' or 'Premium' to enable this feature. Enabling this will + add Kubernetes Namespace and Deployment details to the Cost Analysis views in the Azure portal. If not specified, the + default is false. For more information see aka.ms/aks/docs/cost-analysis. + type: boolean + type: object + type: object + networkProfile: + description: 'NetworkProfile: The network configuration profile.' + properties: + advancedNetworking: + description: |- + AdvancedNetworking: Advanced Networking profile for enabling observability on a cluster. Note that enabling advanced + networking features may incur additional costs. For more information see aka.ms/aksadvancednetworking. + properties: + observability: + description: 'Observability: Observability profile to enable advanced network metrics and flow logs with historical contexts.' + properties: + enabled: + description: 'Enabled: Indicates the enablement of Advanced Networking observability functionalities on clusters.' + type: boolean + type: object + type: object + dnsServiceIP: + description: |- + DnsServiceIP: An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address + range specified in serviceCidr. + pattern: ^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$ + type: string + ipFamilies: + description: |- + IpFamilies: IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value + is IPv4. For dual-stack, the expected values are IPv4 and IPv6. + items: + description: To determine if address belongs IPv4 or IPv6 family. + enum: + - IPv4 + - IPv6 + type: string + type: array + kubeProxyConfig: + description: |- + KubeProxyConfig: Holds configuration customizations for kube-proxy. Any values not defined will use the kube-proxy + defaulting behavior. See https://v.docs.kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/ + where is represented by a - string. Kubernetes version 1.23 would be '1-23'. + properties: + enabled: + description: |- + Enabled: Whether to enable on kube-proxy on the cluster (if no 'kubeProxyConfig' exists, kube-proxy is enabled in AKS by + default without these customizations). + type: boolean + ipvsConfig: + description: 'IpvsConfig: Holds configuration customizations for IPVS. May only be specified if ''mode'' is set to ''IPVS''.' + properties: + scheduler: + description: 'Scheduler: IPVS scheduler, for more information please see http://www.linuxvirtualserver.org/docs/scheduling.html.' + enum: + - LeastConnection + - RoundRobin + type: string + tcpFinTimeoutSeconds: + description: |- + TcpFinTimeoutSeconds: The timeout value used for IPVS TCP sessions after receiving a FIN in seconds. Must be a positive + integer value. + type: integer + tcpTimeoutSeconds: + description: 'TcpTimeoutSeconds: The timeout value used for idle IPVS TCP sessions in seconds. Must be a positive integer value.' + type: integer + udpTimeoutSeconds: + description: 'UdpTimeoutSeconds: The timeout value used for IPVS UDP packets in seconds. Must be a positive integer value.' + type: integer + type: object + mode: + description: 'Mode: Specify which proxy mode to use (''IPTABLES'' or ''IPVS'')' + enum: + - IPTABLES + - IPVS + type: string + type: object + loadBalancerProfile: + description: 'LoadBalancerProfile: Profile of the cluster load balancer.' + properties: + allocatedOutboundPorts: + description: |- + AllocatedOutboundPorts: The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 + (inclusive). The default value is 0 which results in Azure dynamically allocating ports. + maximum: 64000 + minimum: 0 + type: integer + backendPoolType: + description: 'BackendPoolType: The type of the managed inbound Load Balancer BackendPool.' + enum: + - NodeIP + - NodeIPConfiguration + type: string + clusterServiceLoadBalancerHealthProbeMode: + description: 'ClusterServiceLoadBalancerHealthProbeMode: The health probing behavior for External Traffic Policy Cluster services.' + enum: + - ServiceNodePort + - Shared + type: string + effectiveOutboundIPs: + description: 'EffectiveOutboundIPs: The effective outbound IP resources of the cluster load balancer.' + items: + description: A reference to an Azure resource. + properties: + reference: + description: 'Reference: The fully qualified Azure resource id.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + type: array + enableMultipleStandardLoadBalancers: + description: 'EnableMultipleStandardLoadBalancers: Enable multiple standard load balancers per AKS cluster or not.' + type: boolean + idleTimeoutInMinutes: + description: |- + IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 + (inclusive). The default value is 30 minutes. + maximum: 120 + minimum: 4 + type: integer + managedOutboundIPs: + description: 'ManagedOutboundIPs: Desired managed outbound IPs for the cluster load balancer.' + properties: + count: + description: |- + Count: The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values + must be in the range of 1 to 100 (inclusive). The default value is 1. + maximum: 100 + minimum: 1 + type: integer + countIPv6: + description: |- + CountIPv6: The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed + values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. + maximum: 100 + minimum: 0 + type: integer + type: object + outboundIPPrefixes: + description: 'OutboundIPPrefixes: Desired outbound IP Prefix resources for the cluster load balancer.' + properties: + publicIPPrefixes: + description: 'PublicIPPrefixes: A list of public IP prefix resources.' + items: + description: A reference to an Azure resource. + properties: + reference: + description: 'Reference: The fully qualified Azure resource id.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + type: array + type: object + outboundIPs: + description: 'OutboundIPs: Desired outbound IP resources for the cluster load balancer.' + properties: + publicIPs: + description: 'PublicIPs: A list of public IP resources.' + items: + description: A reference to an Azure resource. + properties: + reference: + description: 'Reference: The fully qualified Azure resource id.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + type: array + type: object + type: object + loadBalancerSku: + description: |- + LoadBalancerSku: The default is 'standard'. See [Azure Load Balancer + SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load + balancer SKUs. + enum: + - basic + - standard + type: string + natGatewayProfile: + description: 'NatGatewayProfile: Profile of the cluster NAT gateway.' + properties: + effectiveOutboundIPs: + description: 'EffectiveOutboundIPs: The effective outbound IP resources of the cluster NAT gateway.' + items: + description: A reference to an Azure resource. + properties: + reference: + description: 'Reference: The fully qualified Azure resource id.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + type: array + idleTimeoutInMinutes: + description: |- + IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 + (inclusive). The default value is 4 minutes. + maximum: 120 + minimum: 4 + type: integer + managedOutboundIPProfile: + description: 'ManagedOutboundIPProfile: Profile of the managed outbound IP resources of the cluster NAT gateway.' + properties: + count: + description: |- + Count: The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 + (inclusive). The default value is 1. + maximum: 16 + minimum: 1 + type: integer + type: object + type: object + networkDataplane: + description: 'NetworkDataplane: Network dataplane used in the Kubernetes cluster.' + enum: + - azure + - cilium + type: string + networkMode: + description: 'NetworkMode: This cannot be specified if networkPlugin is anything other than ''azure''.' + enum: + - bridge + - transparent + type: string + networkPlugin: + description: 'NetworkPlugin: Network plugin used for building the Kubernetes network.' + enum: + - azure + - kubenet + - none + type: string + networkPluginMode: + description: 'NetworkPluginMode: Network plugin mode used for building the Kubernetes network.' + enum: + - overlay + type: string + networkPolicy: + description: 'NetworkPolicy: Network policy used for building the Kubernetes network.' + enum: + - azure + - calico + - cilium + - none + type: string + outboundType: + description: |- + OutboundType: This can only be set at cluster creation time and cannot be changed later. For more information see + [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype). + enum: + - loadBalancer + - managedNATGateway + - none + - userAssignedNATGateway + - userDefinedRouting + type: string + podCidr: + description: 'PodCidr: A CIDR notation IP range from which to assign pod IPs when kubenet is used.' + pattern: ^([0-9]{1,3}\.){3}[0-9]{1,3}(\/([0-9]|[1-2][0-9]|3[0-2]))?$ + type: string + podCidrs: + description: |- + PodCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is + expected for dual-stack networking. + items: + type: string + type: array + podLinkLocalAccess: + description: |- + PodLinkLocalAccess: Defines access to special link local addresses (Azure Instance Metadata Service, aka IMDS) for pods + with hostNetwork=false. if not specified, the default is 'IMDS'. + enum: + - IMDS + - None + type: string + serviceCidr: + description: |- + ServiceCidr: A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP + ranges. + pattern: ^([0-9]{1,3}\.){3}[0-9]{1,3}(\/([0-9]|[1-2][0-9]|3[0-2]))?$ + type: string + serviceCidrs: + description: |- + ServiceCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is + expected for dual-stack networking. They must not overlap with any Subnet IP ranges. + items: + type: string + type: array + staticEgressGatewayProfile: + description: |- + StaticEgressGatewayProfile: The profile for Static Egress Gateway addon. For more details about Static Egress Gateway, + see https://aka.ms/aks/static-egress-gateway. + properties: + enabled: + description: 'Enabled: Indicates if Static Egress Gateway addon is enabled or not.' + type: boolean + type: object + type: object + nodeProvisioningProfile: + description: 'NodeProvisioningProfile: Node provisioning settings that apply to the whole cluster.' + properties: + mode: + description: 'Mode: Once the mode it set to Auto, it cannot be changed back to Manual.' + enum: + - Auto + - Manual + type: string + type: object + nodeResourceGroup: + description: 'NodeResourceGroup: The name of the resource group containing agent pool nodes.' + type: string + nodeResourceGroupProfile: + description: 'NodeResourceGroupProfile: The node resource group configuration profile.' + properties: + restrictionLevel: + description: 'RestrictionLevel: The restriction level applied to the cluster''s node resource group' + enum: + - ReadOnly + - Unrestricted + type: string + type: object + oidcIssuerProfile: + description: 'OidcIssuerProfile: The OIDC issuer profile of the Managed Cluster.' + properties: + enabled: + description: 'Enabled: Whether the OIDC issuer is enabled.' + type: boolean + type: object + operatorSpec: + description: |- + OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not + passed directly to Azure + properties: + configMaps: + description: 'ConfigMaps: configures where to place operator written ConfigMaps.' + properties: + oidcIssuerProfile: + description: |- + OIDCIssuerProfile: indicates where the OIDCIssuerProfile config map should be placed. If omitted, no config map will be + created. + properties: + key: + description: Key is the key in the ConfigMap being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes ConfigMap being referenced. + The ConfigMap must be in the same namespace as the resource + type: string + required: + - key + - name + type: object + type: object + secrets: + description: 'Secrets: configures where to place Azure generated secrets.' + properties: + adminCredentials: + description: |- + AdminCredentials: indicates where the AdminCredentials secret should be placed. If omitted, the secret will not be + retrieved from Azure. + properties: + key: + description: Key is the key in the Kubernetes secret being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource + type: string + required: + - key + - name + type: object + userCredentials: + description: |- + UserCredentials: indicates where the UserCredentials secret should be placed. If omitted, the secret will not be + retrieved from Azure. + properties: + key: + description: Key is the key in the Kubernetes secret being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource + type: string + required: + - key + - name + type: object + type: object + type: object + owner: + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a resources.azure.com/ResourceGroup resource + properties: + armId: + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + name: + description: This is the name of the Kubernetes resource to reference. + type: string + type: object + podIdentityProfile: + description: |- + PodIdentityProfile: See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more + details on AAD pod identity integration. + properties: + allowNetworkPluginKubenet: + description: |- + AllowNetworkPluginKubenet: Running in Kubenet is disabled by default due to the security related nature of AAD Pod + Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod + Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) + for more information. + type: boolean + enabled: + description: 'Enabled: Whether the pod identity addon is enabled.' + type: boolean + userAssignedIdentities: + description: 'UserAssignedIdentities: The pod identities to use in the cluster.' + items: + description: Details about the pod identity assigned to the Managed Cluster. + properties: + bindingSelector: + description: 'BindingSelector: The binding selector to use for the AzureIdentityBinding resource.' + type: string + identity: + description: 'Identity: The user assigned identity details.' + properties: + clientId: + description: 'ClientId: The client ID of the user assigned identity.' + type: string + objectId: + description: 'ObjectId: The object ID of the user assigned identity.' + type: string + resourceReference: + description: 'ResourceReference: The resource ID of the user assigned identity.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + name: + description: 'Name: The name of the pod identity.' + type: string + namespace: + description: 'Namespace: The namespace of the pod identity.' + type: string + required: + - identity + - name + - namespace + type: object + type: array + userAssignedIdentityExceptions: + description: 'UserAssignedIdentityExceptions: The pod identity exceptions to allow.' + items: + description: |- + See [disable AAD Pod Identity for a specific + Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. + properties: + name: + description: 'Name: The name of the pod identity exception.' + type: string + namespace: + description: 'Namespace: The namespace of the pod identity exception.' + type: string + podLabels: + additionalProperties: + type: string + description: 'PodLabels: The pod labels to match.' + type: object + required: + - name + - namespace + - podLabels + type: object + type: array + type: object + privateLinkResources: + description: 'PrivateLinkResources: Private link resources associated with the cluster.' + items: + description: A private link resource + properties: + groupId: + description: 'GroupId: The group ID of the resource.' + type: string + name: + description: 'Name: The name of the private link resource.' + type: string + reference: + description: 'Reference: The ID of the private link resource.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + requiredMembers: + description: 'RequiredMembers: The RequiredMembers of the resource' + items: + type: string + type: array + type: + description: 'Type: The resource type.' + type: string + type: object + type: array + publicNetworkAccess: + description: 'PublicNetworkAccess: Allow or deny public network access for AKS' + enum: + - Disabled + - Enabled + - SecuredByPerimeter + type: string + safeguardsProfile: + description: 'SafeguardsProfile: The Safeguards profile holds all the safeguards information for a given cluster' + properties: + excludedNamespaces: + description: 'ExcludedNamespaces: List of namespaces excluded from Safeguards checks' + items: + type: string + type: array + level: + description: |- + Level: The Safeguards level to be used. By default, Safeguards is enabled for all namespaces except those that AKS + excludes via systemExcludedNamespaces + enum: + - Enforcement + - "Off" + - Warning + type: string + version: + description: 'Version: The version of constraints to use' + type: string + required: + - level + type: object + securityProfile: + description: 'SecurityProfile: Security profile for the managed cluster.' + properties: + azureKeyVaultKms: + description: |- + AzureKeyVaultKms: Azure Key Vault [key management + service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile. + properties: + enabled: + description: 'Enabled: Whether to enable Azure Key Vault key management service. The default is false.' + type: boolean + keyId: + description: |- + KeyId: Identifier of Azure Key Vault key. See [key identifier + format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) + for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key + identifier. When Azure Key Vault key management service is disabled, leave the field empty. + type: string + keyVaultNetworkAccess: + description: |- + KeyVaultNetworkAccess: Network access of key vault. The possible values are `Public` and `Private`. `Public` means the + key vault allows public access from all networks. `Private` means the key vault disables public access and enables + private link. The default value is `Public`. + enum: + - Private + - Public + type: string + keyVaultResourceReference: + description: |- + KeyVaultResourceReference: Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and + must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty. + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + customCATrustCertificates: + description: |- + CustomCATrustCertificates: A list of up to 10 base64 encoded CAs that will be added to the trust store on nodes with the + Custom CA Trust feature enabled. For more information see [Custom CA Trust + Certificates](https://learn.microsoft.com/en-us/azure/aks/custom-certificate-authority) + items: + type: string + maxItems: 10 + minItems: 0 + type: array + defender: + description: 'Defender: Microsoft Defender settings for the security profile.' + properties: + logAnalyticsWorkspaceResourceReference: + description: |- + LogAnalyticsWorkspaceResourceReference: Resource ID of the Log Analytics workspace to be associated with Microsoft + Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When + Microsoft Defender is disabled, leave the field empty. + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + securityMonitoring: + description: 'SecurityMonitoring: Microsoft Defender threat detection for Cloud settings for the security profile.' + properties: + enabled: + description: 'Enabled: Whether to enable Defender threat detection' + type: boolean + type: object + type: object + imageCleaner: + description: 'ImageCleaner: Image Cleaner settings for the security profile.' + properties: + enabled: + description: 'Enabled: Whether to enable Image Cleaner on AKS cluster.' + type: boolean + intervalHours: + description: 'IntervalHours: Image Cleaner scanning interval in hours.' + type: integer + type: object + imageIntegrity: + description: |- + ImageIntegrity: Image integrity is a feature that works with Azure Policy to verify image integrity by signature. This + will not have any effect unless Azure Policy is applied to enforce image signatures. See + https://aka.ms/aks/image-integrity for how to use this feature via policy. + properties: + enabled: + description: 'Enabled: Whether to enable image integrity. The default value is false.' + type: boolean + type: object + nodeRestriction: + description: |- + NodeRestriction: [Node + Restriction](https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#noderestriction) settings + for the security profile. + properties: + enabled: + description: 'Enabled: Whether to enable Node Restriction' + type: boolean + type: object + workloadIdentity: + description: |- + WorkloadIdentity: Workload identity settings for the security profile. Workload identity enables Kubernetes applications + to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details. + properties: + enabled: + description: 'Enabled: Whether to enable workload identity.' + type: boolean + type: object + type: object + serviceMeshProfile: + description: 'ServiceMeshProfile: Service mesh profile for a managed cluster.' + properties: + istio: + description: 'Istio: Istio service mesh configuration.' + properties: + certificateAuthority: + description: |- + CertificateAuthority: Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin + certificates as described here https://aka.ms/asm-plugin-ca + properties: + plugin: + description: 'Plugin: Plugin certificates information for Service Mesh.' + properties: + certChainObjectName: + description: 'CertChainObjectName: Certificate chain object name in Azure Key Vault.' + type: string + certObjectName: + description: 'CertObjectName: Intermediate certificate object name in Azure Key Vault.' + type: string + keyObjectName: + description: 'KeyObjectName: Intermediate certificate private key object name in Azure Key Vault.' + type: string + keyVaultReference: + description: 'KeyVaultReference: The resource ID of the Key Vault.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + rootCertObjectName: + description: 'RootCertObjectName: Root certificate object name in Azure Key Vault.' + type: string + type: object + type: object + components: + description: 'Components: Istio components configuration.' + properties: + egressGateways: + description: 'EgressGateways: Istio egress gateways.' + items: + description: Istio egress gateway configuration. + properties: + enabled: + description: 'Enabled: Whether to enable the egress gateway.' + type: boolean + required: + - enabled + type: object + type: array + ingressGateways: + description: 'IngressGateways: Istio ingress gateways.' + items: + description: |- + Istio ingress gateway configuration. For now, we support up to one external ingress gateway named + `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`. + properties: + enabled: + description: 'Enabled: Whether to enable the ingress gateway.' + type: boolean + mode: + description: 'Mode: Mode of an ingress gateway.' + enum: + - External + - Internal + type: string + required: + - enabled + - mode + type: object + type: array + type: object + revisions: + description: |- + Revisions: The list of revisions of the Istio control plane. When an upgrade is not in progress, this holds one value. + When canary upgrade is in progress, this can only hold two consecutive values. For more information, see: + https://learn.microsoft.com/en-us/azure/aks/istio-upgrade + items: + type: string + maxItems: 2 + type: array + type: object + mode: + description: 'Mode: Mode of the service mesh.' + enum: + - Disabled + - Istio + type: string + required: + - mode + type: object + servicePrincipalProfile: + description: |- + ServicePrincipalProfile: Information about a service principal identity for the cluster to use for manipulating Azure + APIs. + properties: + clientId: + description: 'ClientId: The ID for the service principal.' + type: string + secret: + description: 'Secret: The secret password associated with the service principal in plain text.' + properties: + key: + description: Key is the key in the Kubernetes secret being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource + type: string + required: + - key + - name + type: object + required: + - clientId + type: object + sku: + description: 'Sku: The managed cluster SKU.' + properties: + name: + description: 'Name: The name of a managed cluster SKU.' + enum: + - Automatic + - Base + type: string + tier: + description: |- + Tier: If not specified, the default is 'Free'. See [AKS Pricing + Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details. + enum: + - Free + - Premium + - Standard + type: string + type: object + storageProfile: + description: 'StorageProfile: Storage profile for the managed cluster.' + properties: + blobCSIDriver: + description: 'BlobCSIDriver: AzureBlob CSI Driver settings for the storage profile.' + properties: + enabled: + description: 'Enabled: Whether to enable AzureBlob CSI Driver. The default value is false.' + type: boolean + type: object + diskCSIDriver: + description: 'DiskCSIDriver: AzureDisk CSI Driver settings for the storage profile.' + properties: + enabled: + description: 'Enabled: Whether to enable AzureDisk CSI Driver. The default value is true.' + type: boolean + version: + description: 'Version: The version of AzureDisk CSI Driver. The default value is v1.' + type: string + type: object + fileCSIDriver: + description: 'FileCSIDriver: AzureFile CSI Driver settings for the storage profile.' + properties: + enabled: + description: 'Enabled: Whether to enable AzureFile CSI Driver. The default value is true.' + type: boolean + type: object + snapshotController: + description: 'SnapshotController: Snapshot Controller settings for the storage profile.' + properties: + enabled: + description: 'Enabled: Whether to enable Snapshot Controller. The default value is true.' + type: boolean + type: object + type: object + supportPlan: + description: 'SupportPlan: The support plan for the Managed Cluster. If unspecified, the default is ''KubernetesOfficial''.' + enum: + - AKSLongTermSupport + - KubernetesOfficial + type: string + tags: + additionalProperties: + type: string + description: 'Tags: Resource tags.' + type: object + upgradeSettings: + description: 'UpgradeSettings: Settings for upgrading a cluster.' + properties: + overrideSettings: + description: 'OverrideSettings: Settings for overrides.' + properties: + forceUpgrade: + description: |- + ForceUpgrade: Whether to force upgrade the cluster. Note that this option instructs upgrade operation to bypass upgrade + protections such as checking for deprecated API usage. Enable this option only with caution. + type: boolean + until: + description: |- + Until: Until when the overrides are effective. Note that this only matches the start time of an upgrade, and the + effectiveness won't change once an upgrade starts even if the `until` expires as upgrade proceeds. This field is not set + by default. It must be set for the overrides to take effect. + type: string + type: object + type: object + windowsProfile: + description: 'WindowsProfile: The profile for Windows VMs in the Managed Cluster.' + properties: + adminPassword: + description: |- + AdminPassword: Specifies the password of the administrator account. + Minimum-length: 8 characters + Max-length: 123 characters + Complexity requirements: 3 out of 4 conditions below need to be fulfilled + Has lower characters + Has upper characters + Has a digit + Has a special character (Regex match [\W_]) + Disallowed values: "abc@123", "P@$$$$w0rd", "P@ssw0rd", "P@ssword123", "Pa$$$$word", "pass@word1", "Password!", "Password1", + "Password22", "iloveyou!" + properties: + key: + description: Key is the key in the Kubernetes secret being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource + type: string + required: + - key + - name + type: object + adminUsername: + description: |- + AdminUsername: Specifies the name of the administrator account. + Restriction: Cannot end in "." + Disallowed values: "administrator", "admin", "user", "user1", "test", "user2", "test1", "user3", "admin1", "1", "123", + "a", "actuser", "adm", "admin2", "aspnet", "backup", "console", "david", "guest", "john", "owner", "root", "server", + "sql", "support", "support_388945a0", "sys", "test2", "test3", "user4", "user5". + Minimum-length: 1 character + Max-length: 20 characters + type: string + enableCSIProxy: + description: |- + EnableCSIProxy: For more details on CSI proxy, see the [CSI proxy GitHub + repo](https://github.com/kubernetes-csi/csi-proxy). + type: boolean + gmsaProfile: + description: 'GmsaProfile: The Windows gMSA Profile in the Managed Cluster.' + properties: + dnsServer: + description: |- + DnsServer: Specifies the DNS server for Windows gMSA. + Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster. + type: string + enabled: + description: 'Enabled: Specifies whether to enable Windows gMSA in the managed cluster.' + type: boolean + rootDomainName: + description: |- + RootDomainName: Specifies the root domain name for Windows gMSA. + Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster. + type: string + type: object + licenseType: + description: |- + LicenseType: The license type to use for Windows VMs. See [Azure Hybrid User + Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details. + enum: + - None + - Windows_Server + type: string + required: + - adminUsername + type: object + workloadAutoScalerProfile: + description: 'WorkloadAutoScalerProfile: Workload Auto-scaler profile for the managed cluster.' + properties: + keda: + description: 'Keda: KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.' + properties: + enabled: + description: 'Enabled: Whether to enable KEDA.' + type: boolean + required: + - enabled + type: object + verticalPodAutoscaler: + properties: + addonAutoscaling: + description: 'AddonAutoscaling: Whether VPA add-on is enabled and configured to scale AKS-managed add-ons.' + enum: + - Disabled + - Enabled + type: string + enabled: + description: 'Enabled: Whether to enable VPA add-on in cluster. Default value is false.' + type: boolean + required: + - enabled + type: object + type: object + required: + - location + - owner + type: object + status: + description: Managed cluster. + properties: + aadProfile: + description: 'AadProfile: The Azure Active Directory configuration.' + properties: + adminGroupObjectIDs: + description: 'AdminGroupObjectIDs: The list of AAD group object IDs that will have admin role of the cluster.' + items: + type: string + type: array + clientAppID: + description: 'ClientAppID: (DEPRECATED) The client AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.' + type: string + enableAzureRBAC: + description: 'EnableAzureRBAC: Whether to enable Azure RBAC for Kubernetes authorization.' + type: boolean + managed: + description: 'Managed: Whether to enable managed AAD.' + type: boolean + serverAppID: + description: 'ServerAppID: (DEPRECATED) The server AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.' + type: string + serverAppSecret: + description: 'ServerAppSecret: (DEPRECATED) The server AAD application secret. Learn more at https://aka.ms/aks/aad-legacy.' + type: string + tenantID: + description: |- + TenantID: The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment + subscription. + type: string + type: object + addonProfiles: + additionalProperties: + description: A Kubernetes add-on profile for a managed cluster. + properties: + config: + additionalProperties: + type: string + description: 'Config: Key-value pairs for configuring an add-on.' + type: object + enabled: + description: 'Enabled: Whether the add-on is enabled or not.' + type: boolean + identity: + description: 'Identity: Information of user assigned identity used by this add-on.' + properties: + clientId: + description: 'ClientId: The client ID of the user assigned identity.' + type: string + objectId: + description: 'ObjectId: The object ID of the user assigned identity.' + type: string + resourceId: + description: 'ResourceId: The resource ID of the user assigned identity.' + type: string + type: object + type: object + description: 'AddonProfiles: The profile of managed cluster add-on.' + type: object + agentPoolProfiles: + description: 'AgentPoolProfiles: The agent pool properties.' + items: + description: Profile for the container service agent pool. + properties: + artifactStreamingProfile: + description: 'ArtifactStreamingProfile: Configuration for using artifact streaming on AKS.' + properties: + enabled: + description: |- + Enabled: Artifact streaming speeds up the cold-start of containers on a node through on-demand image loading. To use + this feature, container images must also enable artifact streaming on ACR. If not specified, the default is false. + type: boolean + type: object + availabilityZones: + description: |- + AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType + property is 'VirtualMachineScaleSets'. + items: + type: string + type: array + capacityReservationGroupID: + description: 'CapacityReservationGroupID: AKS will associate the specified agent pool with the Capacity Reservation Group.' + type: string + count: + description: |- + Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) + for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. + type: integer + creationData: + description: |- + CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using + a snapshot. + properties: + sourceResourceId: + description: 'SourceResourceId: This is the ARM ID of the source object to be used to create the target object.' + type: string + type: object + currentOrchestratorVersion: + description: |- + CurrentOrchestratorVersion: If orchestratorVersion was a fully specified version , this field will be + exactly equal to it. If orchestratorVersion was , this field will contain the full + version being used. + type: string + eTag: + description: |- + ETag: Unique read-only string used to implement optimistic concurrency. The eTag value will change when the resource is + updated. Specify an if-match or if-none-match header with the eTag value for a subsequent request to enable optimistic + concurrency per the normal etag convention. + type: string + enableAutoScaling: + description: 'EnableAutoScaling: Whether to enable auto-scaler' + type: boolean + enableCustomCATrust: + description: |- + EnableCustomCATrust: When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a + daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded + certificates into node trust stores. Defaults to false. + type: boolean + enableEncryptionAtHost: + description: |- + EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, + see: https://docs.microsoft.com/azure/aks/enable-host-encryption + type: boolean + enableFIPS: + description: |- + EnableFIPS: See [Add a FIPS-enabled node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more + details. + type: boolean + enableNodePublicIP: + description: |- + EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. + A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine + to minimize hops. For more information see [assigning a public IP per + node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The + default is false. + type: boolean + enableUltraSSD: + description: 'EnableUltraSSD: Whether to enable UltraSSD' + type: boolean + gatewayProfile: + description: |- + GatewayProfile: Profile specific to a managed agent pool in Gateway mode. This field cannot be set if agent pool mode is + not Gateway. + properties: + publicIPPrefixSize: + description: |- + PublicIPPrefixSize: The Gateway agent pool associates one public IPPrefix for each static egress gateway to provide + public egress. The size of Public IPPrefix should be selected by the user. Each node in the agent pool is assigned with + one IP from the IPPrefix. The IPPrefix size thus serves as a cap on the size of the Gateway agent pool. Due to Azure + public IPPrefix size limitation, the valid value range is [28, 31] (/31 = 2 nodes/IPs, /30 = 4 nodes/IPs, /29 = 8 + nodes/IPs, /28 = 16 nodes/IPs). The default value is 31. + type: integer + type: object + gpuInstanceProfile: + description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' + type: string + gpuProfile: + description: 'GpuProfile: The GPU settings of an agent pool.' + properties: + installGPUDriver: + description: |- + InstallGPUDriver: The default value is true when the vmSize of the agent pool contains a GPU, false otherwise. GPU + Driver Installation can only be set true when VM has an associated GPU resource. Setting this field to false prevents + automatic GPU driver installation. In that case, in order for the GPU to be usable, the user must perform GPU driver + installation themselves. + type: boolean + type: object + hostGroupID: + description: |- + HostGroupID: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. + For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). + type: string + kubeletConfig: + description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' + properties: + allowedUnsafeSysctls: + description: 'AllowedUnsafeSysctls: Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).' + items: + type: string + type: array + containerLogMaxFiles: + description: |- + ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be + â‰Ĩ 2. + type: integer + containerLogMaxSizeMB: + description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' + type: integer + cpuCfsQuota: + description: 'CpuCfsQuota: The default is true.' + type: boolean + cpuCfsQuotaPeriod: + description: |- + CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and + a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. + type: string + cpuManagerPolicy: + description: |- + CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management + policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more + information. Allowed values are 'none' and 'static'. + type: string + failSwapOn: + description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' + type: boolean + imageGcHighThreshold: + description: 'ImageGcHighThreshold: To disable image garbage collection, set to 100. The default is 85%' + type: integer + imageGcLowThreshold: + description: 'ImageGcLowThreshold: This cannot be set higher than imageGcHighThreshold. The default is 80%' + type: integer + podMaxPids: + description: 'PodMaxPids: The maximum number of processes per pod.' + type: integer + topologyManagerPolicy: + description: |- + TopologyManagerPolicy: For more information see [Kubernetes Topology + Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values + are 'none', 'best-effort', 'restricted', and 'single-numa-node'. + type: string + type: object + kubeletDiskType: + description: |- + KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral + storage. + type: string + linuxOSConfig: + description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' + properties: + swapFileSizeMB: + description: 'SwapFileSizeMB: The size in MB of a swap file that will be created on each node.' + type: integer + sysctls: + description: 'Sysctls: Sysctl settings for Linux agent nodes.' + properties: + fsAioMaxNr: + description: 'FsAioMaxNr: Sysctl setting fs.aio-max-nr.' + type: integer + fsFileMax: + description: 'FsFileMax: Sysctl setting fs.file-max.' + type: integer + fsInotifyMaxUserWatches: + description: 'FsInotifyMaxUserWatches: Sysctl setting fs.inotify.max_user_watches.' + type: integer + fsNrOpen: + description: 'FsNrOpen: Sysctl setting fs.nr_open.' + type: integer + kernelThreadsMax: + description: 'KernelThreadsMax: Sysctl setting kernel.threads-max.' + type: integer + netCoreNetdevMaxBacklog: + description: 'NetCoreNetdevMaxBacklog: Sysctl setting net.core.netdev_max_backlog.' + type: integer + netCoreOptmemMax: + description: 'NetCoreOptmemMax: Sysctl setting net.core.optmem_max.' + type: integer + netCoreRmemDefault: + description: 'NetCoreRmemDefault: Sysctl setting net.core.rmem_default.' + type: integer + netCoreRmemMax: + description: 'NetCoreRmemMax: Sysctl setting net.core.rmem_max.' + type: integer + netCoreSomaxconn: + description: 'NetCoreSomaxconn: Sysctl setting net.core.somaxconn.' + type: integer + netCoreWmemDefault: + description: 'NetCoreWmemDefault: Sysctl setting net.core.wmem_default.' + type: integer + netCoreWmemMax: + description: 'NetCoreWmemMax: Sysctl setting net.core.wmem_max.' + type: integer + netIpv4IpLocalPortRange: + description: 'NetIpv4IpLocalPortRange: Sysctl setting net.ipv4.ip_local_port_range.' + type: string + netIpv4NeighDefaultGcThresh1: + description: 'NetIpv4NeighDefaultGcThresh1: Sysctl setting net.ipv4.neigh.default.gc_thresh1.' + type: integer + netIpv4NeighDefaultGcThresh2: + description: 'NetIpv4NeighDefaultGcThresh2: Sysctl setting net.ipv4.neigh.default.gc_thresh2.' + type: integer + netIpv4NeighDefaultGcThresh3: + description: 'NetIpv4NeighDefaultGcThresh3: Sysctl setting net.ipv4.neigh.default.gc_thresh3.' + type: integer + netIpv4TcpFinTimeout: + description: 'NetIpv4TcpFinTimeout: Sysctl setting net.ipv4.tcp_fin_timeout.' + type: integer + netIpv4TcpKeepaliveProbes: + description: 'NetIpv4TcpKeepaliveProbes: Sysctl setting net.ipv4.tcp_keepalive_probes.' + type: integer + netIpv4TcpKeepaliveTime: + description: 'NetIpv4TcpKeepaliveTime: Sysctl setting net.ipv4.tcp_keepalive_time.' + type: integer + netIpv4TcpMaxSynBacklog: + description: 'NetIpv4TcpMaxSynBacklog: Sysctl setting net.ipv4.tcp_max_syn_backlog.' + type: integer + netIpv4TcpMaxTwBuckets: + description: 'NetIpv4TcpMaxTwBuckets: Sysctl setting net.ipv4.tcp_max_tw_buckets.' + type: integer + netIpv4TcpTwReuse: + description: 'NetIpv4TcpTwReuse: Sysctl setting net.ipv4.tcp_tw_reuse.' + type: boolean + netIpv4TcpkeepaliveIntvl: + description: 'NetIpv4TcpkeepaliveIntvl: Sysctl setting net.ipv4.tcp_keepalive_intvl.' + type: integer + netNetfilterNfConntrackBuckets: + description: 'NetNetfilterNfConntrackBuckets: Sysctl setting net.netfilter.nf_conntrack_buckets.' + type: integer + netNetfilterNfConntrackMax: + description: 'NetNetfilterNfConntrackMax: Sysctl setting net.netfilter.nf_conntrack_max.' + type: integer + vmMaxMapCount: + description: 'VmMaxMapCount: Sysctl setting vm.max_map_count.' + type: integer + vmSwappiness: + description: 'VmSwappiness: Sysctl setting vm.swappiness.' + type: integer + vmVfsCachePressure: + description: 'VmVfsCachePressure: Sysctl setting vm.vfs_cache_pressure.' + type: integer + type: object + transparentHugePageDefrag: + description: |- + TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is + 'madvise'. For more information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). + type: string + transparentHugePageEnabled: + description: |- + TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more + information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). + type: string + type: object + maxCount: + description: 'MaxCount: The maximum number of nodes for auto-scaling' + type: integer + maxPods: + description: 'MaxPods: The maximum number of pods that can run on a node.' + type: integer + messageOfTheDay: + description: |- + MessageOfTheDay: A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of + the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., + will be printed raw and not be executed as a script). + type: string + minCount: + description: 'MinCount: The minimum number of nodes for auto-scaling' + type: integer + mode: + description: |- + Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool + restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools + type: string + name: + description: 'Name: Windows agent pool names must be 6 characters or less.' + type: string + networkProfile: + description: 'NetworkProfile: Network-related settings of an agent pool.' + properties: + allowedHostPorts: + description: 'AllowedHostPorts: The port ranges that are allowed to access. The specified ranges are allowed to overlap.' + items: + description: The port range. + properties: + portEnd: + description: |- + PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or + equal to portStart. + type: integer + portStart: + description: |- + PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or + equal to portEnd. + type: integer + protocol: + description: 'Protocol: The network protocol of the port.' + type: string + type: object + type: array + applicationSecurityGroups: + description: 'ApplicationSecurityGroups: The IDs of the application security groups which agent pool will associate when created.' + items: + type: string + type: array + nodePublicIPTags: + description: 'NodePublicIPTags: IPTags of instance-level public IPs.' + items: + description: Contains the IPTag associated with the object. + properties: + ipTagType: + description: 'IpTagType: The IP tag type. Example: RoutingPreference.' + type: string + tag: + description: 'Tag: The value of the IP tag associated with the public IP. Example: Internet.' + type: string + type: object + type: array + type: object + nodeImageVersion: + description: 'NodeImageVersion: The version of node image' + type: string + nodeInitializationTaints: + description: |- + NodeInitializationTaints: These taints will not be reconciled by AKS and can be removed with a kubectl call. This field + can be modified after node pool is created, but nodes will not be recreated with new taints until another operation that + requires recreation (e.g. node image upgrade) happens. These taints allow for required configuration to run before the + node is ready to accept workloads, for example 'key1=value1:NoSchedule' that then can be removed with `kubectl taint + nodes node1 key1=value1:NoSchedule-` + items: + type: string + type: array + nodeLabels: + additionalProperties: + type: string + description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' + type: object + nodePublicIPPrefixID: + description: |- + NodePublicIPPrefixID: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} + type: string + nodeTaints: + description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' + items: + type: string + type: array + orchestratorVersion: + description: |- + OrchestratorVersion: Both patch version and are supported. When is + specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same + once it has been created will not trigger an upgrade, even if a newer patch version is available. As a + best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version + must have the same major version as the control plane. The node pool minor version must be within two minor versions of + the control plane version. The node pool version cannot be greater than the control plane version. For more information + see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). + type: string + osDiskSizeGB: + type: integer + osDiskType: + description: |- + OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested + OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral + OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). + type: string + osSKU: + description: |- + OsSKU: Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or + Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is + deprecated. + type: string + osType: + description: 'OsType: The operating system type. The default is Linux.' + type: string + podIPAllocationMode: + description: |- + PodIPAllocationMode: The IP allocation mode for pods in the agent pool. Must be used with podSubnetId. The default is + 'DynamicIndividual'. + type: string + podSubnetID: + description: |- + PodSubnetID: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is + of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} + type: string + powerState: + description: |- + PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this + field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only + be stopped if it is Running and provisioning state is Succeeded + properties: + code: + description: 'Code: Tells whether the cluster is Running or Stopped' + type: string + type: object + provisioningState: + description: 'ProvisioningState: The current deployment or provisioning state.' + type: string + proximityPlacementGroupID: + description: 'ProximityPlacementGroupID: The ID for Proximity Placement Group.' + type: string + scaleDownMode: + description: 'ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.' + type: string + scaleSetEvictionPolicy: + description: |- + ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is + 'Delete'. + type: string + scaleSetPriority: + description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' + type: string + securityProfile: + description: 'SecurityProfile: The security settings of an agent pool.' + properties: + enableSecureBoot: + description: |- + EnableSecureBoot: Secure Boot is a feature of Trusted Launch which ensures that only signed operating systems and + drivers can boot. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. + type: boolean + enableVTPM: + description: |- + EnableVTPM: vTPM is a Trusted Launch feature for configuring a dedicated secure vault for keys and measurements held + locally on the node. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. + type: boolean + sshAccess: + description: 'SshAccess: SSH access method of an agent pool.' + type: string + type: object + spotMaxPrice: + description: |- + SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any + on-demand price. For more details on spot pricing, see [spot VMs + pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) + type: number + tags: + additionalProperties: + type: string + description: 'Tags: The tags to be persisted on the agent pool virtual machine scale set.' + type: object + type: + description: 'Type: The type of Agent Pool.' + type: string + upgradeSettings: + description: 'UpgradeSettings: Settings for upgrading the agentpool' + properties: + drainTimeoutInMinutes: + description: |- + DrainTimeoutInMinutes: The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. + This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not + specified, the default is 30 minutes. + type: integer + maxSurge: + description: |- + MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it + is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded + up. If not specified, the default is 1. For more information, including best practices, see: + https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade + type: string + nodeSoakDurationInMinutes: + description: |- + NodeSoakDurationInMinutes: The amount of time (in minutes) to wait after draining a node and before reimaging it and + moving on to next node. If not specified, the default is 0 minutes. + type: integer + undrainableNodeBehavior: + description: |- + UndrainableNodeBehavior: Defines the behavior for undrainable nodes during upgrade. The most common cause of undrainable + nodes is Pod Disruption Budgets (PDBs), but other issues, such as pod termination grace period is exceeding the + remaining per-node drain timeout or pod is still being in a running state, can also cause undrainable nodes. + type: string + type: object + virtualMachineNodesStatus: + items: + description: Current status on a group of nodes of the same vm size. + properties: + count: + description: 'Count: Number of nodes.' + type: integer + size: + description: 'Size: The VM size of the agents used to host this group of nodes.' + type: string + type: object + type: array + virtualMachinesProfile: + description: 'VirtualMachinesProfile: Specifications on VirtualMachines agent pool.' + properties: + scale: + description: 'Scale: Specifications on how to scale a VirtualMachines agent pool.' + properties: + autoscale: + description: |- + Autoscale: Specifications on how to auto-scale the VirtualMachines agent pool within a predefined size range. Currently, + at most one AutoScaleProfile is allowed. + items: + description: Specifications on auto-scaling. + properties: + maxCount: + description: 'MaxCount: The maximum number of nodes of the specified sizes.' + type: integer + minCount: + description: 'MinCount: The minimum number of nodes of the specified sizes.' + type: integer + sizes: + description: |- + Sizes: The list of allowed vm sizes e.g. ['Standard_E4s_v3', 'Standard_E16s_v3', 'Standard_D16s_v5']. AKS will use the + first available one when auto scaling. If a VM size is unavailable (e.g. due to quota or regional capacity reasons), AKS + will use the next size. + items: + type: string + type: array + type: object + type: array + manual: + description: |- + Manual: Specifications on how to scale the VirtualMachines agent pool to a fixed size. Currently, at most one + ManualScaleProfile is allowed. + items: + description: Specifications on number of machines. + properties: + count: + description: 'Count: Number of nodes.' + type: integer + sizes: + description: |- + Sizes: The list of allowed vm sizes e.g. ['Standard_E4s_v3', 'Standard_E16s_v3', 'Standard_D16s_v5']. AKS will use the + first available one when scaling. If a VM size is unavailable (e.g. due to quota or regional capacity reasons), AKS will + use the next size. + items: + type: string + type: array + type: object + type: array + type: object + type: object + vmSize: + description: |- + VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods + might fail to run correctly. For more details on restricted VM sizes, see: + https://docs.microsoft.com/azure/aks/quotas-skus-regions + type: string + vnetSubnetID: + description: |- + VnetSubnetID: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, + this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} + type: string + windowsProfile: + description: 'WindowsProfile: The Windows agent pool''s specific profile.' + properties: + disableOutboundNat: + description: |- + DisableOutboundNat: The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT + Gateway and the Windows agent pool does not have node public IP enabled. + type: boolean + type: object + workloadRuntime: + description: 'WorkloadRuntime: Determines the type of workload a node can run.' + type: string + type: object + type: array + aiToolchainOperatorProfile: + description: 'AiToolchainOperatorProfile: AI toolchain operator settings that apply to the whole cluster.' + properties: + enabled: + description: 'Enabled: Indicates if AI toolchain operator enabled or not.' + type: boolean + type: object + apiServerAccessProfile: + description: 'ApiServerAccessProfile: The access profile for managed cluster API server.' + properties: + authorizedIPRanges: + description: |- + AuthorizedIPRanges: IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with + clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API + server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges). + items: + type: string + type: array + disableRunCommand: + description: 'DisableRunCommand: Whether to disable run command for the cluster or not.' + type: boolean + enablePrivateCluster: + description: |- + EnablePrivateCluster: For more details, see [Creating a private AKS + cluster](https://docs.microsoft.com/azure/aks/private-clusters). + type: boolean + enablePrivateClusterPublicFQDN: + description: 'EnablePrivateClusterPublicFQDN: Whether to create additional public FQDN for private cluster or not.' + type: boolean + enableVnetIntegration: + description: 'EnableVnetIntegration: Whether to enable apiserver vnet integration for the cluster or not.' + type: boolean + privateDNSZone: + description: |- + PrivateDNSZone: The default is System. For more details see [configure private DNS + zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and + 'none'. + type: string + subnetId: + description: |- + SubnetId: It is required when: 1. creating a new cluster with BYO Vnet; 2. updating an existing cluster to enable + apiserver vnet integration. + type: string + type: object + autoScalerProfile: + description: 'AutoScalerProfile: Parameters to be applied to the cluster-autoscaler when enabled' + properties: + balance-similar-node-groups: + description: 'BalanceSimilarNodeGroups: Valid values are ''true'' and ''false''' + type: string + daemonset-eviction-for-empty-nodes: + description: |- + DaemonsetEvictionForEmptyNodes: If set to true, all daemonset pods on empty nodes will be evicted before deletion of the + node. If the daemonset pod cannot be evicted another node will be chosen for scaling. If set to false, the node will be + deleted without ensuring that daemonset pods are deleted or evicted. + type: boolean + daemonset-eviction-for-occupied-nodes: + description: |- + DaemonsetEvictionForOccupiedNodes: If set to true, all daemonset pods on occupied nodes will be evicted before deletion + of the node. If the daemonset pod cannot be evicted another node will be chosen for scaling. If set to false, the node + will be deleted without ensuring that daemonset pods are deleted or evicted. + type: boolean + expander: + description: 'Expander: Available values are: ''least-waste'', ''most-pods'', ''priority'', ''random''.' + type: string + ignore-daemonsets-utilization: + description: |- + IgnoreDaemonsetsUtilization: If set to true, the resources used by daemonset will be taken into account when making + scaling down decisions. + type: boolean + max-empty-bulk-delete: + description: 'MaxEmptyBulkDelete: The default is 10.' + type: string + max-graceful-termination-sec: + description: 'MaxGracefulTerminationSec: The default is 600.' + type: string + max-node-provision-time: + description: |- + MaxNodeProvisionTime: The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. + type: string + max-total-unready-percentage: + description: 'MaxTotalUnreadyPercentage: The default is 45. The maximum is 100 and the minimum is 0.' + type: string + new-pod-scale-up-delay: + description: |- + NewPodScaleUpDelay: For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler + could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is + '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc). + type: string + ok-total-unready-count: + description: 'OkTotalUnreadyCount: This must be an integer. The default is 3.' + type: string + scale-down-delay-after-add: + description: |- + ScaleDownDelayAfterAdd: The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. + type: string + scale-down-delay-after-delete: + description: |- + ScaleDownDelayAfterDelete: The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of + time other than minutes (m) is supported. + type: string + scale-down-delay-after-failure: + description: |- + ScaleDownDelayAfterFailure: The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other + than minutes (m) is supported. + type: string + scale-down-unneeded-time: + description: |- + ScaleDownUnneededTime: The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. + type: string + scale-down-unready-time: + description: |- + ScaleDownUnreadyTime: The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than + minutes (m) is supported. + type: string + scale-down-utilization-threshold: + description: 'ScaleDownUtilizationThreshold: The default is ''0.5''.' + type: string + scan-interval: + description: 'ScanInterval: The default is ''10''. Values must be an integer number of seconds.' + type: string + skip-nodes-with-local-storage: + description: 'SkipNodesWithLocalStorage: The default is true.' + type: string + skip-nodes-with-system-pods: + description: 'SkipNodesWithSystemPods: The default is true.' + type: string + type: object + autoUpgradeProfile: + description: 'AutoUpgradeProfile: The auto upgrade configuration.' + properties: + nodeOSUpgradeChannel: + description: 'NodeOSUpgradeChannel: The default is Unmanaged, but may change to either NodeImage or SecurityPatch at GA.' + type: string + upgradeChannel: + description: |- + UpgradeChannel: For more information see [setting the AKS cluster auto-upgrade + channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel). + type: string + type: object + azureMonitorProfile: + description: 'AzureMonitorProfile: Prometheus addon profile for the container service cluster' + properties: + appMonitoring: + description: |- + AppMonitoring: Application Monitoring Profile for Kubernetes Application Container. Collects application logs, metrics + and traces through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See + aka.ms/AzureMonitorApplicationMonitoring for an overview. + properties: + autoInstrumentation: + description: |- + AutoInstrumentation: Application Monitoring Auto Instrumentation for Kubernetes Application Container. Deploys web hook + to auto-instrument Azure Monitor OpenTelemetry based SDKs to collect OpenTelemetry metrics, logs and traces of the + application. See aka.ms/AzureMonitorApplicationMonitoring for an overview. + properties: + enabled: + description: 'Enabled: Indicates if Application Monitoring Auto Instrumentation is enabled or not.' + type: boolean + type: object + openTelemetryLogs: + description: |- + OpenTelemetryLogs: Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container Logs and + Traces. Collects OpenTelemetry logs and traces of the application using Azure Monitor OpenTelemetry based SDKs. See + aka.ms/AzureMonitorApplicationMonitoring for an overview. + properties: + enabled: + description: 'Enabled: Indicates if Application Monitoring Open Telemetry Logs and traces is enabled or not.' + type: boolean + port: + description: 'Port: The Open Telemetry host port for Open Telemetry logs and traces. If not specified, the default port is 28331.' + type: integer + type: object + openTelemetryMetrics: + description: |- + OpenTelemetryMetrics: Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container + Metrics. Collects OpenTelemetry metrics of the application using Azure Monitor OpenTelemetry based SDKs. See + aka.ms/AzureMonitorApplicationMonitoring for an overview. + properties: + enabled: + description: 'Enabled: Indicates if Application Monitoring Open Telemetry Metrics is enabled or not.' + type: boolean + port: + description: 'Port: The Open Telemetry host port for Open Telemetry metrics. If not specified, the default port is 28333.' + type: integer + type: object + type: object + containerInsights: + description: |- + ContainerInsights: Azure Monitor Container Insights Profile for Kubernetes Events, Inventory and Container stdout & + stderr logs etc. See aka.ms/AzureMonitorContainerInsights for an overview. + properties: + disableCustomMetrics: + description: |- + DisableCustomMetrics: Indicates whether custom metrics collection has to be disabled or not. If not specified the + default is false. No custom metrics will be emitted if this field is false but the container insights enabled field is + false + type: boolean + disablePrometheusMetricsScraping: + description: |- + DisablePrometheusMetricsScraping: Indicates whether prometheus metrics scraping is disabled or not. If not specified the + default is false. No prometheus metrics will be emitted if this field is false but the container insights enabled field + is false + type: boolean + enabled: + description: 'Enabled: Indicates if Azure Monitor Container Insights Logs Addon is enabled or not.' + type: boolean + logAnalyticsWorkspaceResourceId: + description: |- + LogAnalyticsWorkspaceResourceId: Fully Qualified ARM Resource Id of Azure Log Analytics Workspace for storing Azure + Monitor Container Insights Logs. + type: string + syslogPort: + description: 'SyslogPort: The syslog host port. If not specified, the default port is 28330.' + type: integer + type: object + metrics: + description: 'Metrics: Metrics profile for the prometheus service addon' + properties: + enabled: + description: 'Enabled: Whether to enable the Prometheus collector' + type: boolean + kubeStateMetrics: + description: 'KubeStateMetrics: Kube State Metrics for prometheus addon profile for the container service cluster' + properties: + metricAnnotationsAllowList: + description: |- + MetricAnnotationsAllowList: Comma-separated list of additional Kubernetes label keys that will be used in the resource's + labels metric. + type: string + metricLabelsAllowlist: + description: |- + MetricLabelsAllowlist: Comma-separated list of Kubernetes annotations keys that will be used in the resource's labels + metric. + type: string + type: object + type: object + type: object + azurePortalFQDN: + description: |- + AzurePortalFQDN: The Azure Portal requires certain Cross-Origin Resource Sharing (CORS) headers to be sent in some + responses, which Kubernetes APIServer doesn't handle by default. This special FQDN supports CORS, allowing the Azure + Portal to function properly. + type: string + bootstrapProfile: + description: 'BootstrapProfile: Profile of the cluster bootstrap configuration.' + properties: + artifactSource: + description: 'ArtifactSource: The source where the artifacts are downloaded from.' + type: string + containerRegistryId: + description: |- + ContainerRegistryId: The resource Id of Azure Container Registry. The registry must have private network access, premium + SKU and zone redundancy. + type: string + type: object + conditions: + description: 'Conditions: The observed state of the resource' + items: + description: Condition defines an extension to status (an observation) of a resource + properties: + lastTransitionTime: + description: LastTransitionTime is the last time the condition transitioned from one status to another. + format: date-time + type: string + message: + description: Message is a human readable message indicating details about the transition. This field may be empty. + type: string + observedGeneration: + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + type: integer + reason: + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + type: string + severity: + description: |- + Severity with which to treat failures of this type of condition. + For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown + type: string + status: + description: Status of the condition, one of True, False, or Unknown. + type: string + type: + description: Type of condition. + type: string + required: + - lastTransitionTime + - reason + - status + - type + type: object + type: array + creationData: + description: |- + CreationData: CreationData to be used to specify the source Snapshot ID if the cluster will be created/upgraded using a + snapshot. + properties: + sourceResourceId: + description: 'SourceResourceId: This is the ARM ID of the source object to be used to create the target object.' + type: string + type: object + currentKubernetesVersion: + description: 'CurrentKubernetesVersion: The version of Kubernetes the Managed Cluster is running.' + type: string + disableLocalAccounts: + description: |- + DisableLocalAccounts: If set to true, getting static credentials will be disabled for this cluster. This must only be + used on Managed Clusters that are AAD enabled. For more details see [disable local + accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview). + type: boolean + diskEncryptionSetID: + description: |- + DiskEncryptionSetID: This is of the form: + '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}' + type: string + dnsPrefix: + description: 'DnsPrefix: This cannot be updated once the Managed Cluster has been created.' + type: string + eTag: + description: |- + ETag: Unique read-only string used to implement optimistic concurrency. The eTag value will change when the resource is + updated. Specify an if-match or if-none-match header with the eTag value for a subsequent request to enable optimistic + concurrency per the normal etag convention. + type: string + enableNamespaceResources: + description: |- + EnableNamespaceResources: The default value is false. It can be enabled/disabled on creation and updating of the managed + cluster. See [https://aka.ms/NamespaceARMResource](https://aka.ms/NamespaceARMResource) for more details on Namespace as + a ARM Resource. + type: boolean + enablePodSecurityPolicy: + description: |- + EnablePodSecurityPolicy: (DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was + deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and + https://aka.ms/aks/psp. + type: boolean + enableRBAC: + description: 'EnableRBAC: Whether to enable Kubernetes Role-Based Access Control.' + type: boolean + extendedLocation: + description: 'ExtendedLocation: The extended location of the Virtual Machine.' + properties: + name: + description: 'Name: The name of the extended location.' + type: string + type: + description: 'Type: The type of the extended location.' + type: string + type: object + fqdn: + description: 'Fqdn: The FQDN of the master pool.' + type: string + fqdnSubdomain: + description: 'FqdnSubdomain: This cannot be updated once the Managed Cluster has been created.' + type: string + httpProxyConfig: + description: 'HttpProxyConfig: Configurations for provisioning the cluster with HTTP proxy servers.' + properties: + effectiveNoProxy: + description: |- + EffectiveNoProxy: A read-only list of all endpoints for which traffic should not be sent to the proxy. This list is a + superset of noProxy and values injected by AKS. + items: + type: string + type: array + httpProxy: + description: 'HttpProxy: The HTTP proxy server endpoint to use.' + type: string + httpsProxy: + description: 'HttpsProxy: The HTTPS proxy server endpoint to use.' + type: string + noProxy: + description: 'NoProxy: The endpoints that should not go through proxy.' + items: + type: string + type: array + trustedCa: + description: 'TrustedCa: Alternative CA cert to use for connecting to proxy servers.' + type: string + type: object + id: + description: |- + Id: Fully qualified resource ID for the resource. E.g. + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" + type: string + identity: + description: 'Identity: The identity of the managed cluster, if configured.' + properties: + delegatedResources: + additionalProperties: + description: Delegated resource properties - internal use only. + properties: + location: + description: 'Location: The source resource location - internal use only.' + type: string + referralResource: + description: 'ReferralResource: The delegation id of the referral delegation (optional) - internal use only.' + type: string + resourceId: + description: 'ResourceId: The ARM resource id of the delegated resource - internal use only.' + type: string + tenantId: + description: 'TenantId: The tenant id of the delegated resource - internal use only.' + type: string + type: object + description: |- + DelegatedResources: The delegated identity resources assigned to this managed cluster. This can only be set by another + Azure Resource Provider, and managed cluster only accept one delegated identity resource. Internal use only. + type: object + principalId: + description: 'PrincipalId: The principal id of the system assigned identity which is used by master components.' + type: string + tenantId: + description: 'TenantId: The tenant id of the system assigned identity which is used by master components.' + type: string + type: + description: |- + Type: For more information see [use managed identities in + AKS](https://docs.microsoft.com/azure/aks/use-managed-identity). + type: string + userAssignedIdentities: + additionalProperties: + properties: + clientId: + description: 'ClientId: The client id of user assigned identity.' + type: string + principalId: + description: 'PrincipalId: The principal id of user assigned identity.' + type: string + type: object + description: |- + UserAssignedIdentities: The keys must be ARM resource IDs in the form: + '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'. + type: object + type: object + identityProfile: + additionalProperties: + description: Details about a user assigned identity. + properties: + clientId: + description: 'ClientId: The client ID of the user assigned identity.' + type: string + objectId: + description: 'ObjectId: The object ID of the user assigned identity.' + type: string + resourceId: + description: 'ResourceId: The resource ID of the user assigned identity.' + type: string + type: object + description: 'IdentityProfile: Identities associated with the cluster.' + type: object + ingressProfile: + description: 'IngressProfile: Ingress profile for the managed cluster.' + properties: + webAppRouting: + description: 'WebAppRouting: Web App Routing settings for the ingress profile.' + properties: + dnsZoneResourceIds: + description: |- + DnsZoneResourceIds: Resource IDs of the DNS zones to be associated with the Web App Routing add-on. Used only when Web + App Routing is enabled. Public and private DNS zones can be in different resource groups, but all public DNS zones must + be in the same resource group and all private DNS zones must be in the same resource group. + items: + type: string + type: array + enabled: + description: 'Enabled: Whether to enable Web App Routing.' + type: boolean + identity: + description: |- + Identity: Managed identity of the Web Application Routing add-on. This is the identity that should be granted + permissions, for example, to manage the associated Azure DNS resource and get certificates from Azure Key Vault. See + [this overview of the add-on](https://learn.microsoft.com/en-us/azure/aks/web-app-routing?tabs=with-osm) for more + instructions. + properties: + clientId: + description: 'ClientId: The client ID of the user assigned identity.' + type: string + objectId: + description: 'ObjectId: The object ID of the user assigned identity.' + type: string + resourceId: + description: 'ResourceId: The resource ID of the user assigned identity.' + type: string + type: object + type: object + type: object + kind: + description: 'Kind: This is primarily used to expose different UI experiences in the portal for different kinds' + type: string + kubernetesVersion: + description: |- + KubernetesVersion: When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades + must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> + 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS + cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details. + type: string + linuxProfile: + description: 'LinuxProfile: The profile for Linux VMs in the Managed Cluster.' + properties: + adminUsername: + description: 'AdminUsername: The administrator username to use for Linux VMs.' + type: string + ssh: + description: 'Ssh: The SSH configuration for Linux-based VMs running on Azure.' + properties: + publicKeys: + description: 'PublicKeys: The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.' + items: + description: Contains information about SSH certificate public key data. + properties: + keyData: + description: |- + KeyData: Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or + without headers. + type: string + type: object + type: array + type: object + type: object + location: + description: 'Location: The geo-location where the resource lives' + type: string + maxAgentPools: + description: 'MaxAgentPools: The max number of agent pools for the managed cluster.' + type: integer + metricsProfile: + description: 'MetricsProfile: Optional cluster metrics configuration.' + properties: + costAnalysis: + description: 'CostAnalysis: The cost analysis configuration for the cluster' + properties: + enabled: + description: |- + Enabled: The Managed Cluster sku.tier must be set to 'Standard' or 'Premium' to enable this feature. Enabling this will + add Kubernetes Namespace and Deployment details to the Cost Analysis views in the Azure portal. If not specified, the + default is false. For more information see aka.ms/aks/docs/cost-analysis. + type: boolean + type: object + type: object + name: + description: 'Name: The name of the resource' + type: string + networkProfile: + description: 'NetworkProfile: The network configuration profile.' + properties: + advancedNetworking: + description: |- + AdvancedNetworking: Advanced Networking profile for enabling observability on a cluster. Note that enabling advanced + networking features may incur additional costs. For more information see aka.ms/aksadvancednetworking. + properties: + observability: + description: 'Observability: Observability profile to enable advanced network metrics and flow logs with historical contexts.' + properties: + enabled: + description: 'Enabled: Indicates the enablement of Advanced Networking observability functionalities on clusters.' + type: boolean + type: object + type: object + dnsServiceIP: + description: |- + DnsServiceIP: An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address + range specified in serviceCidr. + type: string + ipFamilies: + description: |- + IpFamilies: IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value + is IPv4. For dual-stack, the expected values are IPv4 and IPv6. + items: + description: To determine if address belongs IPv4 or IPv6 family. + type: string + type: array + kubeProxyConfig: + description: |- + KubeProxyConfig: Holds configuration customizations for kube-proxy. Any values not defined will use the kube-proxy + defaulting behavior. See https://v.docs.kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/ + where is represented by a - string. Kubernetes version 1.23 would be '1-23'. + properties: + enabled: + description: |- + Enabled: Whether to enable on kube-proxy on the cluster (if no 'kubeProxyConfig' exists, kube-proxy is enabled in AKS by + default without these customizations). + type: boolean + ipvsConfig: + description: 'IpvsConfig: Holds configuration customizations for IPVS. May only be specified if ''mode'' is set to ''IPVS''.' + properties: + scheduler: + description: 'Scheduler: IPVS scheduler, for more information please see http://www.linuxvirtualserver.org/docs/scheduling.html.' + type: string + tcpFinTimeoutSeconds: + description: |- + TcpFinTimeoutSeconds: The timeout value used for IPVS TCP sessions after receiving a FIN in seconds. Must be a positive + integer value. + type: integer + tcpTimeoutSeconds: + description: 'TcpTimeoutSeconds: The timeout value used for idle IPVS TCP sessions in seconds. Must be a positive integer value.' + type: integer + udpTimeoutSeconds: + description: 'UdpTimeoutSeconds: The timeout value used for IPVS UDP packets in seconds. Must be a positive integer value.' + type: integer + type: object + mode: + description: 'Mode: Specify which proxy mode to use (''IPTABLES'' or ''IPVS'')' + type: string + type: object + loadBalancerProfile: + description: 'LoadBalancerProfile: Profile of the cluster load balancer.' + properties: + allocatedOutboundPorts: + description: |- + AllocatedOutboundPorts: The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 + (inclusive). The default value is 0 which results in Azure dynamically allocating ports. + type: integer + backendPoolType: + description: 'BackendPoolType: The type of the managed inbound Load Balancer BackendPool.' + type: string + clusterServiceLoadBalancerHealthProbeMode: + description: 'ClusterServiceLoadBalancerHealthProbeMode: The health probing behavior for External Traffic Policy Cluster services.' + type: string + effectiveOutboundIPs: + description: 'EffectiveOutboundIPs: The effective outbound IP resources of the cluster load balancer.' + items: + description: A reference to an Azure resource. + properties: + id: + description: 'Id: The fully qualified Azure resource id.' + type: string + type: object + type: array + enableMultipleStandardLoadBalancers: + description: 'EnableMultipleStandardLoadBalancers: Enable multiple standard load balancers per AKS cluster or not.' + type: boolean + idleTimeoutInMinutes: + description: |- + IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 + (inclusive). The default value is 30 minutes. + type: integer + managedOutboundIPs: + description: 'ManagedOutboundIPs: Desired managed outbound IPs for the cluster load balancer.' + properties: + count: + description: |- + Count: The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values + must be in the range of 1 to 100 (inclusive). The default value is 1. + type: integer + countIPv6: + description: |- + CountIPv6: The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed + values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. + type: integer + type: object + outboundIPPrefixes: + description: 'OutboundIPPrefixes: Desired outbound IP Prefix resources for the cluster load balancer.' + properties: + publicIPPrefixes: + description: 'PublicIPPrefixes: A list of public IP prefix resources.' + items: + description: A reference to an Azure resource. + properties: + id: + description: 'Id: The fully qualified Azure resource id.' + type: string + type: object + type: array + type: object + outboundIPs: + description: 'OutboundIPs: Desired outbound IP resources for the cluster load balancer.' + properties: + publicIPs: + description: 'PublicIPs: A list of public IP resources.' + items: + description: A reference to an Azure resource. + properties: + id: + description: 'Id: The fully qualified Azure resource id.' + type: string + type: object + type: array + type: object + type: object + loadBalancerSku: + description: |- + LoadBalancerSku: The default is 'standard'. See [Azure Load Balancer + SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load + balancer SKUs. + type: string + natGatewayProfile: + description: 'NatGatewayProfile: Profile of the cluster NAT gateway.' + properties: + effectiveOutboundIPs: + description: 'EffectiveOutboundIPs: The effective outbound IP resources of the cluster NAT gateway.' + items: + description: A reference to an Azure resource. + properties: + id: + description: 'Id: The fully qualified Azure resource id.' + type: string + type: object + type: array + idleTimeoutInMinutes: + description: |- + IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 + (inclusive). The default value is 4 minutes. + type: integer + managedOutboundIPProfile: + description: 'ManagedOutboundIPProfile: Profile of the managed outbound IP resources of the cluster NAT gateway.' + properties: + count: + description: |- + Count: The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 + (inclusive). The default value is 1. + type: integer + type: object + type: object + networkDataplane: + description: 'NetworkDataplane: Network dataplane used in the Kubernetes cluster.' + type: string + networkMode: + description: 'NetworkMode: This cannot be specified if networkPlugin is anything other than ''azure''.' + type: string + networkPlugin: + description: 'NetworkPlugin: Network plugin used for building the Kubernetes network.' + type: string + networkPluginMode: + description: 'NetworkPluginMode: Network plugin mode used for building the Kubernetes network.' + type: string + networkPolicy: + description: 'NetworkPolicy: Network policy used for building the Kubernetes network.' + type: string + outboundType: + description: |- + OutboundType: This can only be set at cluster creation time and cannot be changed later. For more information see + [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype). + type: string + podCidr: + description: 'PodCidr: A CIDR notation IP range from which to assign pod IPs when kubenet is used.' + type: string + podCidrs: + description: |- + PodCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is + expected for dual-stack networking. + items: + type: string + type: array + podLinkLocalAccess: + description: |- + PodLinkLocalAccess: Defines access to special link local addresses (Azure Instance Metadata Service, aka IMDS) for pods + with hostNetwork=false. if not specified, the default is 'IMDS'. + type: string + serviceCidr: + description: |- + ServiceCidr: A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP + ranges. + type: string + serviceCidrs: + description: |- + ServiceCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is + expected for dual-stack networking. They must not overlap with any Subnet IP ranges. + items: + type: string + type: array + staticEgressGatewayProfile: + description: |- + StaticEgressGatewayProfile: The profile for Static Egress Gateway addon. For more details about Static Egress Gateway, + see https://aka.ms/aks/static-egress-gateway. + properties: + enabled: + description: 'Enabled: Indicates if Static Egress Gateway addon is enabled or not.' + type: boolean + type: object + type: object + nodeProvisioningProfile: + description: 'NodeProvisioningProfile: Node provisioning settings that apply to the whole cluster.' + properties: + mode: + description: 'Mode: Once the mode it set to Auto, it cannot be changed back to Manual.' + type: string + type: object + nodeResourceGroup: + description: 'NodeResourceGroup: The name of the resource group containing agent pool nodes.' + type: string + nodeResourceGroupProfile: + description: 'NodeResourceGroupProfile: The node resource group configuration profile.' + properties: + restrictionLevel: + description: 'RestrictionLevel: The restriction level applied to the cluster''s node resource group' + type: string + type: object + oidcIssuerProfile: + description: 'OidcIssuerProfile: The OIDC issuer profile of the Managed Cluster.' + properties: + enabled: + description: 'Enabled: Whether the OIDC issuer is enabled.' + type: boolean + issuerURL: + description: 'IssuerURL: The OIDC issuer url of the Managed Cluster.' + type: string + type: object + podIdentityProfile: + description: |- + PodIdentityProfile: See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more + details on AAD pod identity integration. + properties: + allowNetworkPluginKubenet: + description: |- + AllowNetworkPluginKubenet: Running in Kubenet is disabled by default due to the security related nature of AAD Pod + Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod + Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) + for more information. + type: boolean + enabled: + description: 'Enabled: Whether the pod identity addon is enabled.' + type: boolean + userAssignedIdentities: + description: 'UserAssignedIdentities: The pod identities to use in the cluster.' + items: + description: Details about the pod identity assigned to the Managed Cluster. + properties: + bindingSelector: + description: 'BindingSelector: The binding selector to use for the AzureIdentityBinding resource.' + type: string + identity: + description: 'Identity: The user assigned identity details.' + properties: + clientId: + description: 'ClientId: The client ID of the user assigned identity.' + type: string + objectId: + description: 'ObjectId: The object ID of the user assigned identity.' + type: string + resourceId: + description: 'ResourceId: The resource ID of the user assigned identity.' + type: string + type: object + name: + description: 'Name: The name of the pod identity.' + type: string + namespace: + description: 'Namespace: The namespace of the pod identity.' + type: string + provisioningInfo: + properties: + error: + description: 'Error: Pod identity assignment error (if any).' + properties: + error: + description: 'Error: Details about the error.' + properties: + code: + description: 'Code: An identifier for the error. Codes are invariant and are intended to be consumed programmatically.' + type: string + details: + description: 'Details: A list of additional details about the error.' + items: + properties: + code: + description: 'Code: An identifier for the error. Codes are invariant and are intended to be consumed programmatically.' + type: string + message: + description: 'Message: A message describing the error, intended to be suitable for display in a user interface.' + type: string + target: + description: 'Target: The target of the particular error. For example, the name of the property in error.' + type: string + type: object + type: array + message: + description: 'Message: A message describing the error, intended to be suitable for display in a user interface.' + type: string + target: + description: 'Target: The target of the particular error. For example, the name of the property in error.' + type: string + type: object + type: object + type: object + provisioningState: + description: 'ProvisioningState: The current provisioning state of the pod identity.' + type: string + type: object + type: array + userAssignedIdentityExceptions: + description: 'UserAssignedIdentityExceptions: The pod identity exceptions to allow.' + items: + description: |- + See [disable AAD Pod Identity for a specific + Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. + properties: + name: + description: 'Name: The name of the pod identity exception.' + type: string + namespace: + description: 'Namespace: The namespace of the pod identity exception.' + type: string + podLabels: + additionalProperties: + type: string + description: 'PodLabels: The pod labels to match.' + type: object + type: object + type: array + type: object + powerState: + description: 'PowerState: The Power State of the cluster.' + properties: + code: + description: 'Code: Tells whether the cluster is Running or Stopped' + type: string + type: object + privateFQDN: + description: 'PrivateFQDN: The FQDN of private cluster.' + type: string + privateLinkResources: + description: 'PrivateLinkResources: Private link resources associated with the cluster.' + items: + description: A private link resource + properties: + groupId: + description: 'GroupId: The group ID of the resource.' + type: string + id: + description: 'Id: The ID of the private link resource.' + type: string + name: + description: 'Name: The name of the private link resource.' + type: string + privateLinkServiceID: + description: 'PrivateLinkServiceID: The private link service ID of the resource, this field is exposed only to NRP internally.' + type: string + requiredMembers: + description: 'RequiredMembers: The RequiredMembers of the resource' + items: + type: string + type: array + type: + description: 'Type: The resource type.' + type: string + type: object + type: array + provisioningState: + description: 'ProvisioningState: The current provisioning state.' + type: string + publicNetworkAccess: + description: 'PublicNetworkAccess: Allow or deny public network access for AKS' + type: string + resourceUID: + description: |- + ResourceUID: The resourceUID uniquely identifies ManagedClusters that reuse ARM ResourceIds (i.e: create, delete, create + sequence) + type: string + safeguardsProfile: + description: 'SafeguardsProfile: The Safeguards profile holds all the safeguards information for a given cluster' + properties: + excludedNamespaces: + description: 'ExcludedNamespaces: List of namespaces excluded from Safeguards checks' + items: + type: string + type: array + level: + description: |- + Level: The Safeguards level to be used. By default, Safeguards is enabled for all namespaces except those that AKS + excludes via systemExcludedNamespaces + type: string + systemExcludedNamespaces: + description: 'SystemExcludedNamespaces: List of namespaces specified by AKS to be excluded from Safeguards' + items: + type: string + type: array + version: + description: 'Version: The version of constraints to use' + type: string + type: object + securityProfile: + description: 'SecurityProfile: Security profile for the managed cluster.' + properties: + azureKeyVaultKms: + description: |- + AzureKeyVaultKms: Azure Key Vault [key management + service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile. + properties: + enabled: + description: 'Enabled: Whether to enable Azure Key Vault key management service. The default is false.' + type: boolean + keyId: + description: |- + KeyId: Identifier of Azure Key Vault key. See [key identifier + format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) + for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key + identifier. When Azure Key Vault key management service is disabled, leave the field empty. + type: string + keyVaultNetworkAccess: + description: |- + KeyVaultNetworkAccess: Network access of key vault. The possible values are `Public` and `Private`. `Public` means the + key vault allows public access from all networks. `Private` means the key vault disables public access and enables + private link. The default value is `Public`. + type: string + keyVaultResourceId: + description: |- + KeyVaultResourceId: Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must + be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty. + type: string + type: object + customCATrustCertificates: + description: |- + CustomCATrustCertificates: A list of up to 10 base64 encoded CAs that will be added to the trust store on nodes with the + Custom CA Trust feature enabled. For more information see [Custom CA Trust + Certificates](https://learn.microsoft.com/en-us/azure/aks/custom-certificate-authority) + items: + type: string + type: array + defender: + description: 'Defender: Microsoft Defender settings for the security profile.' + properties: + logAnalyticsWorkspaceResourceId: + description: |- + LogAnalyticsWorkspaceResourceId: Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. + When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft + Defender is disabled, leave the field empty. + type: string + securityMonitoring: + description: 'SecurityMonitoring: Microsoft Defender threat detection for Cloud settings for the security profile.' + properties: + enabled: + description: 'Enabled: Whether to enable Defender threat detection' + type: boolean + type: object + type: object + imageCleaner: + description: 'ImageCleaner: Image Cleaner settings for the security profile.' + properties: + enabled: + description: 'Enabled: Whether to enable Image Cleaner on AKS cluster.' + type: boolean + intervalHours: + description: 'IntervalHours: Image Cleaner scanning interval in hours.' + type: integer + type: object + imageIntegrity: + description: |- + ImageIntegrity: Image integrity is a feature that works with Azure Policy to verify image integrity by signature. This + will not have any effect unless Azure Policy is applied to enforce image signatures. See + https://aka.ms/aks/image-integrity for how to use this feature via policy. + properties: + enabled: + description: 'Enabled: Whether to enable image integrity. The default value is false.' + type: boolean + type: object + nodeRestriction: + description: |- + NodeRestriction: [Node + Restriction](https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#noderestriction) settings + for the security profile. + properties: + enabled: + description: 'Enabled: Whether to enable Node Restriction' + type: boolean + type: object + workloadIdentity: + description: |- + WorkloadIdentity: Workload identity settings for the security profile. Workload identity enables Kubernetes applications + to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details. + properties: + enabled: + description: 'Enabled: Whether to enable workload identity.' + type: boolean + type: object + type: object + serviceMeshProfile: + description: 'ServiceMeshProfile: Service mesh profile for a managed cluster.' + properties: + istio: + description: 'Istio: Istio service mesh configuration.' + properties: + certificateAuthority: + description: |- + CertificateAuthority: Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin + certificates as described here https://aka.ms/asm-plugin-ca + properties: + plugin: + description: 'Plugin: Plugin certificates information for Service Mesh.' + properties: + certChainObjectName: + description: 'CertChainObjectName: Certificate chain object name in Azure Key Vault.' + type: string + certObjectName: + description: 'CertObjectName: Intermediate certificate object name in Azure Key Vault.' + type: string + keyObjectName: + description: 'KeyObjectName: Intermediate certificate private key object name in Azure Key Vault.' + type: string + keyVaultId: + description: 'KeyVaultId: The resource ID of the Key Vault.' + type: string + rootCertObjectName: + description: 'RootCertObjectName: Root certificate object name in Azure Key Vault.' + type: string + type: object + type: object + components: + description: 'Components: Istio components configuration.' + properties: + egressGateways: + description: 'EgressGateways: Istio egress gateways.' + items: + description: Istio egress gateway configuration. + properties: + enabled: + description: 'Enabled: Whether to enable the egress gateway.' + type: boolean + type: object + type: array + ingressGateways: + description: 'IngressGateways: Istio ingress gateways.' + items: + description: |- + Istio ingress gateway configuration. For now, we support up to one external ingress gateway named + `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`. + properties: + enabled: + description: 'Enabled: Whether to enable the ingress gateway.' + type: boolean + mode: + description: 'Mode: Mode of an ingress gateway.' + type: string + type: object + type: array + type: object + revisions: + description: |- + Revisions: The list of revisions of the Istio control plane. When an upgrade is not in progress, this holds one value. + When canary upgrade is in progress, this can only hold two consecutive values. For more information, see: + https://learn.microsoft.com/en-us/azure/aks/istio-upgrade + items: + type: string + type: array + type: object + mode: + description: 'Mode: Mode of the service mesh.' + type: string + type: object + servicePrincipalProfile: + description: |- + ServicePrincipalProfile: Information about a service principal identity for the cluster to use for manipulating Azure + APIs. + properties: + clientId: + description: 'ClientId: The ID for the service principal.' + type: string + type: object + sku: + description: 'Sku: The managed cluster SKU.' + properties: + name: + description: 'Name: The name of a managed cluster SKU.' + type: string + tier: + description: |- + Tier: If not specified, the default is 'Free'. See [AKS Pricing + Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details. + type: string + type: object + storageProfile: + description: 'StorageProfile: Storage profile for the managed cluster.' + properties: + blobCSIDriver: + description: 'BlobCSIDriver: AzureBlob CSI Driver settings for the storage profile.' + properties: + enabled: + description: 'Enabled: Whether to enable AzureBlob CSI Driver. The default value is false.' + type: boolean + type: object + diskCSIDriver: + description: 'DiskCSIDriver: AzureDisk CSI Driver settings for the storage profile.' + properties: + enabled: + description: 'Enabled: Whether to enable AzureDisk CSI Driver. The default value is true.' + type: boolean + version: + description: 'Version: The version of AzureDisk CSI Driver. The default value is v1.' + type: string + type: object + fileCSIDriver: + description: 'FileCSIDriver: AzureFile CSI Driver settings for the storage profile.' + properties: + enabled: + description: 'Enabled: Whether to enable AzureFile CSI Driver. The default value is true.' + type: boolean + type: object + snapshotController: + description: 'SnapshotController: Snapshot Controller settings for the storage profile.' + properties: + enabled: + description: 'Enabled: Whether to enable Snapshot Controller. The default value is true.' + type: boolean + type: object + type: object + supportPlan: + description: 'SupportPlan: The support plan for the Managed Cluster. If unspecified, the default is ''KubernetesOfficial''.' + type: string + systemData: + description: 'SystemData: Azure Resource Manager metadata containing createdBy and modifiedBy information.' + properties: + createdAt: + description: 'CreatedAt: The timestamp of resource creation (UTC).' + type: string + createdBy: + description: 'CreatedBy: The identity that created the resource.' + type: string + createdByType: + description: 'CreatedByType: The type of identity that created the resource.' + type: string + lastModifiedAt: + description: 'LastModifiedAt: The timestamp of resource last modification (UTC)' + type: string + lastModifiedBy: + description: 'LastModifiedBy: The identity that last modified the resource.' + type: string + lastModifiedByType: + description: 'LastModifiedByType: The type of identity that last modified the resource.' + type: string + type: object + tags: + additionalProperties: + type: string + description: 'Tags: Resource tags.' + type: object + type: + description: 'Type: The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"' + type: string + upgradeSettings: + description: 'UpgradeSettings: Settings for upgrading a cluster.' + properties: + overrideSettings: + description: 'OverrideSettings: Settings for overrides.' + properties: + forceUpgrade: + description: |- + ForceUpgrade: Whether to force upgrade the cluster. Note that this option instructs upgrade operation to bypass upgrade + protections such as checking for deprecated API usage. Enable this option only with caution. + type: boolean + until: + description: |- + Until: Until when the overrides are effective. Note that this only matches the start time of an upgrade, and the + effectiveness won't change once an upgrade starts even if the `until` expires as upgrade proceeds. This field is not set + by default. It must be set for the overrides to take effect. + type: string + type: object + type: object + windowsProfile: + description: 'WindowsProfile: The profile for Windows VMs in the Managed Cluster.' + properties: + adminUsername: + description: |- + AdminUsername: Specifies the name of the administrator account. + Restriction: Cannot end in "." + Disallowed values: "administrator", "admin", "user", "user1", "test", "user2", "test1", "user3", "admin1", "1", "123", + "a", "actuser", "adm", "admin2", "aspnet", "backup", "console", "david", "guest", "john", "owner", "root", "server", + "sql", "support", "support_388945a0", "sys", "test2", "test3", "user4", "user5". + Minimum-length: 1 character + Max-length: 20 characters + type: string + enableCSIProxy: + description: |- + EnableCSIProxy: For more details on CSI proxy, see the [CSI proxy GitHub + repo](https://github.com/kubernetes-csi/csi-proxy). + type: boolean + gmsaProfile: + description: 'GmsaProfile: The Windows gMSA Profile in the Managed Cluster.' + properties: + dnsServer: + description: |- + DnsServer: Specifies the DNS server for Windows gMSA. + Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster. + type: string + enabled: + description: 'Enabled: Specifies whether to enable Windows gMSA in the managed cluster.' + type: boolean + rootDomainName: + description: |- + RootDomainName: Specifies the root domain name for Windows gMSA. + Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster. + type: string + type: object + licenseType: + description: |- + LicenseType: The license type to use for Windows VMs. See [Azure Hybrid User + Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details. + type: string + type: object + workloadAutoScalerProfile: + description: 'WorkloadAutoScalerProfile: Workload Auto-scaler profile for the managed cluster.' + properties: + keda: + description: 'Keda: KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.' + properties: + enabled: + description: 'Enabled: Whether to enable KEDA.' + type: boolean + type: object + verticalPodAutoscaler: + properties: + addonAutoscaling: + description: 'AddonAutoscaling: Whether VPA add-on is enabled and configured to scale AKS-managed add-ons.' + type: string + enabled: + description: 'Enabled: Whether to enable VPA add-on in cluster. Default value is false.' + type: boolean + type: object + type: object + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].severity + name: Severity + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Reason + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].message + name: Message + type: string + name: v1api20240402previewstorage + schema: + openAPIV3Schema: + description: |- + Storage version of v1api20240402preview.ManagedCluster + Generator information: + - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/preview/2024-04-02-preview/managedClusters.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName} + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: Storage version of v1api20240402preview.ManagedCluster_Spec + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + aadProfile: + description: |- + Storage version of v1api20240402preview.ManagedClusterAADProfile + For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad). + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + adminGroupObjectIDs: + items: + type: string + type: array + clientAppID: + type: string + enableAzureRBAC: + type: boolean + managed: + type: boolean + serverAppID: + type: string + serverAppSecret: + type: string + tenantID: + type: string + type: object + addonProfiles: + additionalProperties: + description: |- + Storage version of v1api20240402preview.ManagedClusterAddonProfile + A Kubernetes add-on profile for a managed cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + config: + additionalProperties: + type: string + type: object + enabled: + type: boolean + type: object + type: object + agentPoolProfiles: + items: + description: |- + Storage version of v1api20240402preview.ManagedClusterAgentPoolProfile + Profile for the container service agent pool. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + artifactStreamingProfile: + description: Storage version of v1api20240402preview.AgentPoolArtifactStreamingProfile + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + availabilityZones: + items: + type: string + type: array + capacityReservationGroupReference: + description: 'CapacityReservationGroupReference: AKS will associate the specified agent pool with the Capacity Reservation Group.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + count: + type: integer + creationData: + description: |- + Storage version of v1api20240402preview.CreationData + Data used when creating a target resource from a source resource. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + sourceResourceReference: + description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + enableAutoScaling: + type: boolean + enableCustomCATrust: + type: boolean + enableEncryptionAtHost: + type: boolean + enableFIPS: + type: boolean + enableNodePublicIP: + type: boolean + enableUltraSSD: + type: boolean + gatewayProfile: + description: |- + Storage version of v1api20240402preview.AgentPoolGatewayProfile + Profile of the managed cluster gateway agent pool. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + publicIPPrefixSize: + type: integer + type: object + gpuInstanceProfile: + type: string + gpuProfile: + description: Storage version of v1api20240402preview.AgentPoolGPUProfile + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + installGPUDriver: + type: boolean + type: object + hostGroupReference: + description: |- + HostGroupReference: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. + For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + kubeletConfig: + description: |- + Storage version of v1api20240402preview.KubeletConfig + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + allowedUnsafeSysctls: + items: + type: string + type: array + containerLogMaxFiles: + type: integer + containerLogMaxSizeMB: + type: integer + cpuCfsQuota: + type: boolean + cpuCfsQuotaPeriod: + type: string + cpuManagerPolicy: + type: string + failSwapOn: + type: boolean + imageGcHighThreshold: + type: integer + imageGcLowThreshold: + type: integer + podMaxPids: + type: integer + topologyManagerPolicy: + type: string + type: object + kubeletDiskType: + type: string + linuxOSConfig: + description: |- + Storage version of v1api20240402preview.LinuxOSConfig + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + swapFileSizeMB: + type: integer + sysctls: + description: |- + Storage version of v1api20240402preview.SysctlConfig + Sysctl settings for Linux agent nodes. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + fsAioMaxNr: + type: integer + fsFileMax: + type: integer + fsInotifyMaxUserWatches: + type: integer + fsNrOpen: + type: integer + kernelThreadsMax: + type: integer + netCoreNetdevMaxBacklog: + type: integer + netCoreOptmemMax: + type: integer + netCoreRmemDefault: + type: integer + netCoreRmemMax: + type: integer + netCoreSomaxconn: + type: integer + netCoreWmemDefault: + type: integer + netCoreWmemMax: + type: integer + netIpv4IpLocalPortRange: + type: string + netIpv4NeighDefaultGcThresh1: + type: integer + netIpv4NeighDefaultGcThresh2: + type: integer + netIpv4NeighDefaultGcThresh3: + type: integer + netIpv4TcpFinTimeout: + type: integer + netIpv4TcpKeepaliveProbes: + type: integer + netIpv4TcpKeepaliveTime: + type: integer + netIpv4TcpMaxSynBacklog: + type: integer + netIpv4TcpMaxTwBuckets: + type: integer + netIpv4TcpTwReuse: + type: boolean + netIpv4TcpkeepaliveIntvl: + type: integer + netNetfilterNfConntrackBuckets: + type: integer + netNetfilterNfConntrackMax: + type: integer + vmMaxMapCount: + type: integer + vmSwappiness: + type: integer + vmVfsCachePressure: + type: integer + type: object + transparentHugePageDefrag: + type: string + transparentHugePageEnabled: + type: string + type: object + maxCount: + type: integer + maxPods: + type: integer + messageOfTheDay: + type: string + minCount: + type: integer + mode: + type: string + name: + type: string + networkProfile: + description: |- + Storage version of v1api20240402preview.AgentPoolNetworkProfile + Network settings of an agent pool. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + allowedHostPorts: + items: + description: |- + Storage version of v1api20240402preview.PortRange + The port range. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + portEnd: + type: integer + portStart: + type: integer + protocol: + type: string + type: object + type: array + applicationSecurityGroupsReferences: + items: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: array + nodePublicIPTags: + items: + description: |- + Storage version of v1api20240402preview.IPTag + Contains the IPTag associated with the object. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + ipTagType: + type: string + tag: + type: string + type: object + type: array + type: object + nodeInitializationTaints: + items: + type: string + type: array + nodeLabels: + additionalProperties: + type: string + type: object + nodePublicIPPrefixReference: + description: |- + NodePublicIPPrefixReference: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + nodeTaints: + items: + type: string + type: array + orchestratorVersion: + type: string + osDiskSizeGB: + type: integer + osDiskType: + type: string + osSKU: + type: string + osType: + type: string + podIPAllocationMode: + type: string + podSubnetReference: + description: |- + PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). + This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + powerState: + description: |- + Storage version of v1api20240402preview.PowerState + Describes the Power State of the cluster + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + code: + type: string + type: object + proximityPlacementGroupReference: + description: 'ProximityPlacementGroupReference: The ID for Proximity Placement Group.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + scaleDownMode: + type: string + scaleSetEvictionPolicy: + type: string + scaleSetPriority: + type: string + securityProfile: + description: |- + Storage version of v1api20240402preview.AgentPoolSecurityProfile + The security settings of an agent pool. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enableSecureBoot: + type: boolean + enableVTPM: + type: boolean + sshAccess: + type: string + type: object + spotMaxPrice: + type: number + tags: + additionalProperties: + type: string + type: object + type: + type: string + upgradeSettings: + description: |- + Storage version of v1api20240402preview.AgentPoolUpgradeSettings + Settings for upgrading an agentpool + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + drainTimeoutInMinutes: + type: integer + maxSurge: + type: string + nodeSoakDurationInMinutes: + type: integer + undrainableNodeBehavior: + type: string + type: object + virtualMachineNodesStatus: + items: + description: |- + Storage version of v1api20240402preview.VirtualMachineNodes + Current status on a group of nodes of the same vm size. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + count: + type: integer + size: + type: string + type: object + type: array + virtualMachinesProfile: + description: |- + Storage version of v1api20240402preview.VirtualMachinesProfile + Specifications on VirtualMachines agent pool. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + scale: + description: |- + Storage version of v1api20240402preview.ScaleProfile + Specifications on how to scale a VirtualMachines agent pool. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + autoscale: + items: + description: |- + Storage version of v1api20240402preview.AutoScaleProfile + Specifications on auto-scaling. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + maxCount: + type: integer + minCount: + type: integer + sizes: + items: + type: string + type: array + type: object + type: array + manual: + items: + description: |- + Storage version of v1api20240402preview.ManualScaleProfile + Specifications on number of machines. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + count: + type: integer + sizes: + items: + type: string + type: array + type: object + type: array + type: object + type: object + vmSize: + type: string + vnetSubnetReference: + description: |- + VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is + specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + windowsProfile: + description: |- + Storage version of v1api20240402preview.AgentPoolWindowsProfile + The Windows agent pool's specific profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + disableOutboundNat: + type: boolean + type: object + workloadRuntime: + type: string + type: object + type: array + aiToolchainOperatorProfile: + description: |- + Storage version of v1api20240402preview.ManagedClusterAIToolchainOperatorProfile + When enabling the operator, a set of AKS managed CRDs and controllers will be installed in the cluster. The operator + automates the deployment of OSS models for inference and/or training purposes. It provides a set of preset models and + enables distributed inference against them. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + apiServerAccessProfile: + description: |- + Storage version of v1api20240402preview.ManagedClusterAPIServerAccessProfile + Access profile for managed cluster API server. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + authorizedIPRanges: + items: + type: string + type: array + disableRunCommand: + type: boolean + enablePrivateCluster: + type: boolean + enablePrivateClusterPublicFQDN: + type: boolean + enableVnetIntegration: + type: boolean + privateDNSZone: + type: string + subnetId: + type: string + type: object + autoScalerProfile: + description: Storage version of v1api20240402preview.ManagedClusterProperties_AutoScalerProfile + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + balance-similar-node-groups: + type: string + daemonset-eviction-for-empty-nodes: + type: boolean + daemonset-eviction-for-occupied-nodes: + type: boolean + expander: + type: string + ignore-daemonsets-utilization: + type: boolean + max-empty-bulk-delete: + type: string + max-graceful-termination-sec: + type: string + max-node-provision-time: + type: string + max-total-unready-percentage: + type: string + new-pod-scale-up-delay: + type: string + ok-total-unready-count: + type: string + scale-down-delay-after-add: + type: string + scale-down-delay-after-delete: + type: string + scale-down-delay-after-failure: + type: string + scale-down-unneeded-time: + type: string + scale-down-unready-time: + type: string + scale-down-utilization-threshold: + type: string + scan-interval: + type: string + skip-nodes-with-local-storage: + type: string + skip-nodes-with-system-pods: + type: string + type: object + autoUpgradeProfile: + description: |- + Storage version of v1api20240402preview.ManagedClusterAutoUpgradeProfile + Auto upgrade profile for a managed cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + nodeOSUpgradeChannel: + type: string + upgradeChannel: + type: string + type: object + azureMonitorProfile: + description: |- + Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfile + Prometheus addon profile for the container service cluster + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + appMonitoring: + description: |- + Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfileAppMonitoring + Application Monitoring Profile for Kubernetes Application Container. Collects application logs, metrics and traces + through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See + aka.ms/AzureMonitorApplicationMonitoring for an overview. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + autoInstrumentation: + description: |- + Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfileAppMonitoringAutoInstrumentation + Application Monitoring Auto Instrumentation for Kubernetes Application Container. Deploys web hook to auto-instrument + Azure Monitor OpenTelemetry based SDKs to collect OpenTelemetry metrics, logs and traces of the application. See + aka.ms/AzureMonitorApplicationMonitoring for an overview. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + openTelemetryLogs: + description: |- + Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfileAppMonitoringOpenTelemetryLogs + Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container Logs and Traces. Collects + OpenTelemetry logs and traces of the application using Azure Monitor OpenTelemetry based SDKs. See + aka.ms/AzureMonitorApplicationMonitoring for an overview. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + port: + type: integer + type: object + openTelemetryMetrics: + description: |- + Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfileAppMonitoringOpenTelemetryMetrics + Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container Metrics. Collects + OpenTelemetry metrics of the application using Azure Monitor OpenTelemetry based SDKs. See + aka.ms/AzureMonitorApplicationMonitoring for an overview. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + port: + type: integer + type: object + type: object + containerInsights: + description: |- + Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfileContainerInsights + Azure Monitor Container Insights Profile for Kubernetes Events, Inventory and Container stdout & stderr logs etc. See + aka.ms/AzureMonitorContainerInsights for an overview. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + disableCustomMetrics: + type: boolean + disablePrometheusMetricsScraping: + type: boolean + enabled: + type: boolean + logAnalyticsWorkspaceResourceReference: + description: |- + LogAnalyticsWorkspaceResourceReference: Fully Qualified ARM Resource Id of Azure Log Analytics Workspace for storing + Azure Monitor Container Insights Logs. + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + syslogPort: + type: integer + type: object + metrics: + description: |- + Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfileMetrics + Metrics profile for the prometheus service addon + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + kubeStateMetrics: + description: |- + Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfileKubeStateMetrics + Kube State Metrics for prometheus addon profile for the container service cluster + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + metricAnnotationsAllowList: + type: string + metricLabelsAllowlist: + type: string + type: object + type: object + type: object + azureName: + description: |- + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. + type: string + bootstrapProfile: + description: |- + Storage version of v1api20240402preview.ManagedClusterBootstrapProfile + The bootstrap profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + artifactSource: + type: string + containerRegistryReference: + description: |- + ContainerRegistryReference: The resource Id of Azure Container Registry. The registry must have private network access, + premium SKU and zone redundancy. + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + creationData: + description: |- + Storage version of v1api20240402preview.CreationData + Data used when creating a target resource from a source resource. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + sourceResourceReference: + description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + disableLocalAccounts: + type: boolean + diskEncryptionSetReference: + description: |- + DiskEncryptionSetReference: This is of the form: + '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + dnsPrefix: + type: string + enableNamespaceResources: + type: boolean + enablePodSecurityPolicy: + type: boolean + enableRBAC: + type: boolean + extendedLocation: + description: |- + Storage version of v1api20240402preview.ExtendedLocation + The complex type of the extended location. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + name: + type: string + type: + type: string + type: object + fqdnSubdomain: + type: string + httpProxyConfig: + description: |- + Storage version of v1api20240402preview.ManagedClusterHTTPProxyConfig + Cluster HTTP proxy configuration. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + httpProxy: + type: string + httpsProxy: + type: string + noProxy: + items: + type: string + type: array + trustedCa: + type: string + type: object + identity: + description: |- + Storage version of v1api20240402preview.ManagedClusterIdentity + Identity for the managed cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + delegatedResources: + additionalProperties: + description: |- + Storage version of v1api20240402preview.DelegatedResource + Delegated resource properties - internal use only. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + location: + type: string + referralResource: + type: string + resourceReference: + description: 'ResourceReference: The ARM resource id of the delegated resource - internal use only.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + tenantId: + type: string + type: object + type: object + type: + type: string + userAssignedIdentities: + items: + description: |- + Storage version of v1api20240402preview.UserAssignedIdentityDetails + Information about the user assigned identity for the resource + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + reference: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + type: array + type: object + identityProfile: + additionalProperties: + description: |- + Storage version of v1api20240402preview.UserAssignedIdentity + Details about a user assigned identity. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + clientId: + type: string + objectId: + type: string + resourceReference: + description: 'ResourceReference: The resource ID of the user assigned identity.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + type: object + ingressProfile: + description: |- + Storage version of v1api20240402preview.ManagedClusterIngressProfile + Ingress profile for the container service cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + webAppRouting: + description: |- + Storage version of v1api20240402preview.ManagedClusterIngressProfileWebAppRouting + Web App Routing settings for the ingress profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + dnsZoneResourceReferences: + items: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: array + enabled: + type: boolean + type: object + type: object + kind: + type: string + kubernetesVersion: + type: string + linuxProfile: + description: |- + Storage version of v1api20240402preview.ContainerServiceLinuxProfile + Profile for Linux VMs in the container service cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + adminUsername: + type: string + ssh: + description: |- + Storage version of v1api20240402preview.ContainerServiceSshConfiguration + SSH configuration for Linux-based VMs running on Azure. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + publicKeys: + items: + description: |- + Storage version of v1api20240402preview.ContainerServiceSshPublicKey + Contains information about SSH certificate public key data. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + keyData: + type: string + type: object + type: array + type: object + type: object + location: + type: string + metricsProfile: + description: |- + Storage version of v1api20240402preview.ManagedClusterMetricsProfile + The metrics profile for the ManagedCluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + costAnalysis: + description: |- + Storage version of v1api20240402preview.ManagedClusterCostAnalysis + The cost analysis configuration for the cluster + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + type: object + networkProfile: + description: |- + Storage version of v1api20240402preview.ContainerServiceNetworkProfile + Profile of network configuration. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + advancedNetworking: + description: |- + Storage version of v1api20240402preview.AdvancedNetworking + Advanced Networking profile for enabling observability on a cluster. Note that enabling advanced networking features may + incur additional costs. For more information see aka.ms/aksadvancednetworking. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + observability: + description: |- + Storage version of v1api20240402preview.AdvancedNetworkingObservability + Observability profile to enable advanced network metrics and flow logs with historical contexts. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + type: object + dnsServiceIP: + type: string + ipFamilies: + items: + type: string + type: array + kubeProxyConfig: + description: Storage version of v1api20240402preview.ContainerServiceNetworkProfile_KubeProxyConfig + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + ipvsConfig: + description: Storage version of v1api20240402preview.ContainerServiceNetworkProfile_KubeProxyConfig_IpvsConfig + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + scheduler: + type: string + tcpFinTimeoutSeconds: + type: integer + tcpTimeoutSeconds: + type: integer + udpTimeoutSeconds: + type: integer + type: object + mode: + type: string + type: object + loadBalancerProfile: + description: |- + Storage version of v1api20240402preview.ManagedClusterLoadBalancerProfile + Profile of the managed cluster load balancer. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + allocatedOutboundPorts: + type: integer + backendPoolType: + type: string + clusterServiceLoadBalancerHealthProbeMode: + type: string + effectiveOutboundIPs: + items: + description: |- + Storage version of v1api20240402preview.ResourceReference + A reference to an Azure resource. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + reference: + description: 'Reference: The fully qualified Azure resource id.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + type: array + enableMultipleStandardLoadBalancers: + type: boolean + idleTimeoutInMinutes: + type: integer + managedOutboundIPs: + description: Storage version of v1api20240402preview.ManagedClusterLoadBalancerProfile_ManagedOutboundIPs + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + count: + type: integer + countIPv6: + type: integer + type: object + outboundIPPrefixes: + description: Storage version of v1api20240402preview.ManagedClusterLoadBalancerProfile_OutboundIPPrefixes + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + publicIPPrefixes: + items: + description: |- + Storage version of v1api20240402preview.ResourceReference + A reference to an Azure resource. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + reference: + description: 'Reference: The fully qualified Azure resource id.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + type: array + type: object + outboundIPs: + description: Storage version of v1api20240402preview.ManagedClusterLoadBalancerProfile_OutboundIPs + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + publicIPs: + items: + description: |- + Storage version of v1api20240402preview.ResourceReference + A reference to an Azure resource. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + reference: + description: 'Reference: The fully qualified Azure resource id.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + type: array + type: object + type: object + loadBalancerSku: + type: string + natGatewayProfile: + description: |- + Storage version of v1api20240402preview.ManagedClusterNATGatewayProfile + Profile of the managed cluster NAT gateway. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + effectiveOutboundIPs: + items: + description: |- + Storage version of v1api20240402preview.ResourceReference + A reference to an Azure resource. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + reference: + description: 'Reference: The fully qualified Azure resource id.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + type: array + idleTimeoutInMinutes: + type: integer + managedOutboundIPProfile: + description: |- + Storage version of v1api20240402preview.ManagedClusterManagedOutboundIPProfile + Profile of the managed outbound IP resources of the managed cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + count: + type: integer + type: object + type: object + networkDataplane: + type: string + networkMode: + type: string + networkPlugin: + type: string + networkPluginMode: + type: string + networkPolicy: + type: string + outboundType: + type: string + podCidr: + type: string + podCidrs: + items: + type: string + type: array + podLinkLocalAccess: + type: string + serviceCidr: + type: string + serviceCidrs: + items: + type: string + type: array + staticEgressGatewayProfile: + description: |- + Storage version of v1api20240402preview.ManagedClusterStaticEgressGatewayProfile + The Static Egress Gateway addon configuration for the cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + type: object + nodeProvisioningProfile: + description: Storage version of v1api20240402preview.ManagedClusterNodeProvisioningProfile + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + mode: + type: string + type: object + nodeResourceGroup: + type: string + nodeResourceGroupProfile: + description: |- + Storage version of v1api20240402preview.ManagedClusterNodeResourceGroupProfile + Node resource group lockdown profile for a managed cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + restrictionLevel: + type: string + type: object + oidcIssuerProfile: + description: |- + Storage version of v1api20240402preview.ManagedClusterOIDCIssuerProfile + The OIDC issuer profile of the Managed Cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + operatorSpec: + description: |- + Storage version of v1api20240402preview.ManagedClusterOperatorSpec + Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + configMaps: + description: Storage version of v1api20240402preview.ManagedClusterOperatorConfigMaps + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + oidcIssuerProfile: + description: |- + ConfigMapDestination describes the location to store a single configmap value + Note: This is similar to SecretDestination in secrets.go. Changes to one should likely also be made to the other. + properties: + key: + description: Key is the key in the ConfigMap being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes ConfigMap being referenced. + The ConfigMap must be in the same namespace as the resource + type: string + required: + - key + - name + type: object + type: object + secrets: + description: Storage version of v1api20240402preview.ManagedClusterOperatorSecrets + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + adminCredentials: + description: |- + SecretDestination describes the location to store a single secret value. + Note: This is similar to ConfigMapDestination in configmaps.go. Changes to one should likely also be made to the other. + properties: + key: + description: Key is the key in the Kubernetes secret being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource + type: string + required: + - key + - name + type: object + userCredentials: + description: |- + SecretDestination describes the location to store a single secret value. + Note: This is similar to ConfigMapDestination in configmaps.go. Changes to one should likely also be made to the other. + properties: + key: + description: Key is the key in the Kubernetes secret being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource + type: string + required: + - key + - name + type: object + type: object + type: object + originalVersion: + type: string + owner: + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a resources.azure.com/ResourceGroup resource + properties: + armId: + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + name: + description: This is the name of the Kubernetes resource to reference. + type: string + type: object + podIdentityProfile: + description: |- + Storage version of v1api20240402preview.ManagedClusterPodIdentityProfile + See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod + identity integration. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + allowNetworkPluginKubenet: + type: boolean + enabled: + type: boolean + userAssignedIdentities: + items: + description: |- + Storage version of v1api20240402preview.ManagedClusterPodIdentity + Details about the pod identity assigned to the Managed Cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + bindingSelector: + type: string + identity: + description: |- + Storage version of v1api20240402preview.UserAssignedIdentity + Details about a user assigned identity. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + clientId: + type: string + objectId: + type: string + resourceReference: + description: 'ResourceReference: The resource ID of the user assigned identity.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + name: + type: string + namespace: + type: string + type: object + type: array + userAssignedIdentityExceptions: + items: + description: |- + Storage version of v1api20240402preview.ManagedClusterPodIdentityException + See [disable AAD Pod Identity for a specific + Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + name: + type: string + namespace: + type: string + podLabels: + additionalProperties: + type: string + type: object + type: object + type: array + type: object + privateLinkResources: + items: + description: |- + Storage version of v1api20240402preview.PrivateLinkResource + A private link resource + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + groupId: + type: string + name: + type: string + reference: + description: 'Reference: The ID of the private link resource.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + requiredMembers: + items: + type: string + type: array + type: + type: string + type: object + type: array + publicNetworkAccess: + type: string + safeguardsProfile: + description: |- + Storage version of v1api20240402preview.SafeguardsProfile + The Safeguards profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + excludedNamespaces: + items: + type: string + type: array + level: + type: string + version: + type: string + type: object + securityProfile: + description: |- + Storage version of v1api20240402preview.ManagedClusterSecurityProfile + Security profile for the container service cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + azureKeyVaultKms: + description: |- + Storage version of v1api20240402preview.AzureKeyVaultKms + Azure Key Vault key management service settings for the security profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + keyId: + type: string + keyVaultNetworkAccess: + type: string + keyVaultResourceReference: + description: |- + KeyVaultResourceReference: Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and + must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty. + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + customCATrustCertificates: + items: + type: string + type: array + defender: + description: |- + Storage version of v1api20240402preview.ManagedClusterSecurityProfileDefender + Microsoft Defender settings for the security profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + logAnalyticsWorkspaceResourceReference: + description: |- + LogAnalyticsWorkspaceResourceReference: Resource ID of the Log Analytics workspace to be associated with Microsoft + Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When + Microsoft Defender is disabled, leave the field empty. + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + securityMonitoring: + description: |- + Storage version of v1api20240402preview.ManagedClusterSecurityProfileDefenderSecurityMonitoring + Microsoft Defender settings for the security profile threat detection. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + type: object + imageCleaner: + description: |- + Storage version of v1api20240402preview.ManagedClusterSecurityProfileImageCleaner + Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here + are settings for the security profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + intervalHours: + type: integer + type: object + imageIntegrity: + description: |- + Storage version of v1api20240402preview.ManagedClusterSecurityProfileImageIntegrity + Image integrity related settings for the security profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + nodeRestriction: + description: |- + Storage version of v1api20240402preview.ManagedClusterSecurityProfileNodeRestriction + Node Restriction settings for the security profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + workloadIdentity: + description: |- + Storage version of v1api20240402preview.ManagedClusterSecurityProfileWorkloadIdentity + Workload identity settings for the security profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + type: object + serviceMeshProfile: + description: |- + Storage version of v1api20240402preview.ServiceMeshProfile + Service mesh profile for a managed cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + istio: + description: |- + Storage version of v1api20240402preview.IstioServiceMesh + Istio service mesh configuration. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + certificateAuthority: + description: |- + Storage version of v1api20240402preview.IstioCertificateAuthority + Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described + here https://aka.ms/asm-plugin-ca + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + plugin: + description: |- + Storage version of v1api20240402preview.IstioPluginCertificateAuthority + Plugin certificates information for Service Mesh. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + certChainObjectName: + type: string + certObjectName: + type: string + keyObjectName: + type: string + keyVaultReference: + description: 'KeyVaultReference: The resource ID of the Key Vault.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + rootCertObjectName: + type: string + type: object + type: object + components: + description: |- + Storage version of v1api20240402preview.IstioComponents + Istio components configuration. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + egressGateways: + items: + description: |- + Storage version of v1api20240402preview.IstioEgressGateway + Istio egress gateway configuration. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + type: array + ingressGateways: + items: + description: |- + Storage version of v1api20240402preview.IstioIngressGateway + Istio ingress gateway configuration. For now, we support up to one external ingress gateway named + `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + mode: + type: string + type: object + type: array + type: object + revisions: + items: + type: string + type: array + type: object + mode: + type: string + type: object + servicePrincipalProfile: + description: |- + Storage version of v1api20240402preview.ManagedClusterServicePrincipalProfile + Information about a service principal identity for the cluster to use for manipulating Azure APIs. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + clientId: + type: string + secret: + description: |- + SecretReference is a reference to a Kubernetes secret and key in the same namespace as + the resource it is on. + properties: + key: + description: Key is the key in the Kubernetes secret being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource + type: string + required: + - key + - name + type: object + type: object + sku: + description: |- + Storage version of v1api20240402preview.ManagedClusterSKU + The SKU of a Managed Cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + name: + type: string + tier: + type: string + type: object + storageProfile: + description: |- + Storage version of v1api20240402preview.ManagedClusterStorageProfile + Storage profile for the container service cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + blobCSIDriver: + description: |- + Storage version of v1api20240402preview.ManagedClusterStorageProfileBlobCSIDriver + AzureBlob CSI Driver settings for the storage profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + diskCSIDriver: + description: |- + Storage version of v1api20240402preview.ManagedClusterStorageProfileDiskCSIDriver + AzureDisk CSI Driver settings for the storage profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + version: + type: string + type: object + fileCSIDriver: + description: |- + Storage version of v1api20240402preview.ManagedClusterStorageProfileFileCSIDriver + AzureFile CSI Driver settings for the storage profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + snapshotController: + description: |- + Storage version of v1api20240402preview.ManagedClusterStorageProfileSnapshotController + Snapshot Controller settings for the storage profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + type: object + supportPlan: + type: string + tags: + additionalProperties: + type: string + type: object + upgradeSettings: + description: |- + Storage version of v1api20240402preview.ClusterUpgradeSettings + Settings for upgrading a cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + overrideSettings: + description: |- + Storage version of v1api20240402preview.UpgradeOverrideSettings + Settings for overrides when upgrading a cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + forceUpgrade: + type: boolean + until: + type: string + type: object + type: object + windowsProfile: + description: |- + Storage version of v1api20240402preview.ManagedClusterWindowsProfile + Profile for Windows VMs in the managed cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + adminPassword: + description: |- + SecretReference is a reference to a Kubernetes secret and key in the same namespace as + the resource it is on. + properties: + key: + description: Key is the key in the Kubernetes secret being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes secret being referenced. + The secret must be in the same namespace as the resource + type: string + required: + - key + - name + type: object + adminUsername: + type: string + enableCSIProxy: + type: boolean + gmsaProfile: + description: |- + Storage version of v1api20240402preview.WindowsGmsaProfile + Windows gMSA Profile in the managed cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + dnsServer: + type: string + enabled: + type: boolean + rootDomainName: + type: string + type: object + licenseType: + type: string + type: object + workloadAutoScalerProfile: + description: |- + Storage version of v1api20240402preview.ManagedClusterWorkloadAutoScalerProfile + Workload Auto-scaler profile for the managed cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + keda: + description: |- + Storage version of v1api20240402preview.ManagedClusterWorkloadAutoScalerProfileKeda + KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + verticalPodAutoscaler: + description: Storage version of v1api20240402preview.ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + addonAutoscaling: + type: string + enabled: + type: boolean + type: object + type: object + required: + - owner + type: object + status: + description: |- + Storage version of v1api20240402preview.ManagedCluster_STATUS + Managed cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + aadProfile: + description: |- + Storage version of v1api20240402preview.ManagedClusterAADProfile_STATUS + For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad). + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + adminGroupObjectIDs: + items: + type: string + type: array + clientAppID: + type: string + enableAzureRBAC: + type: boolean + managed: + type: boolean + serverAppID: + type: string + serverAppSecret: + type: string + tenantID: + type: string + type: object + addonProfiles: + additionalProperties: + description: |- + Storage version of v1api20240402preview.ManagedClusterAddonProfile_STATUS + A Kubernetes add-on profile for a managed cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + config: + additionalProperties: + type: string + type: object + enabled: + type: boolean + identity: + description: |- + Storage version of v1api20240402preview.UserAssignedIdentity_STATUS + Details about a user assigned identity. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + clientId: + type: string + objectId: + type: string + resourceId: + type: string + type: object + type: object + type: object + agentPoolProfiles: + items: + description: |- + Storage version of v1api20240402preview.ManagedClusterAgentPoolProfile_STATUS + Profile for the container service agent pool. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + artifactStreamingProfile: + description: Storage version of v1api20240402preview.AgentPoolArtifactStreamingProfile_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + availabilityZones: + items: + type: string + type: array + capacityReservationGroupID: + type: string + count: + type: integer + creationData: + description: |- + Storage version of v1api20240402preview.CreationData_STATUS + Data used when creating a target resource from a source resource. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + sourceResourceId: + type: string + type: object + currentOrchestratorVersion: + type: string + eTag: + type: string + enableAutoScaling: + type: boolean + enableCustomCATrust: + type: boolean + enableEncryptionAtHost: + type: boolean + enableFIPS: + type: boolean + enableNodePublicIP: + type: boolean + enableUltraSSD: + type: boolean + gatewayProfile: + description: |- + Storage version of v1api20240402preview.AgentPoolGatewayProfile_STATUS + Profile of the managed cluster gateway agent pool. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + publicIPPrefixSize: + type: integer + type: object + gpuInstanceProfile: + type: string + gpuProfile: + description: Storage version of v1api20240402preview.AgentPoolGPUProfile_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + installGPUDriver: + type: boolean + type: object + hostGroupID: + type: string + kubeletConfig: + description: |- + Storage version of v1api20240402preview.KubeletConfig_STATUS + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + allowedUnsafeSysctls: + items: + type: string + type: array + containerLogMaxFiles: + type: integer + containerLogMaxSizeMB: + type: integer + cpuCfsQuota: + type: boolean + cpuCfsQuotaPeriod: + type: string + cpuManagerPolicy: + type: string + failSwapOn: + type: boolean + imageGcHighThreshold: + type: integer + imageGcLowThreshold: + type: integer + podMaxPids: + type: integer + topologyManagerPolicy: + type: string + type: object + kubeletDiskType: + type: string + linuxOSConfig: + description: |- + Storage version of v1api20240402preview.LinuxOSConfig_STATUS + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + swapFileSizeMB: + type: integer + sysctls: + description: |- + Storage version of v1api20240402preview.SysctlConfig_STATUS + Sysctl settings for Linux agent nodes. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + fsAioMaxNr: + type: integer + fsFileMax: + type: integer + fsInotifyMaxUserWatches: + type: integer + fsNrOpen: + type: integer + kernelThreadsMax: + type: integer + netCoreNetdevMaxBacklog: + type: integer + netCoreOptmemMax: + type: integer + netCoreRmemDefault: + type: integer + netCoreRmemMax: + type: integer + netCoreSomaxconn: + type: integer + netCoreWmemDefault: + type: integer + netCoreWmemMax: + type: integer + netIpv4IpLocalPortRange: + type: string + netIpv4NeighDefaultGcThresh1: + type: integer + netIpv4NeighDefaultGcThresh2: + type: integer + netIpv4NeighDefaultGcThresh3: + type: integer + netIpv4TcpFinTimeout: + type: integer + netIpv4TcpKeepaliveProbes: + type: integer + netIpv4TcpKeepaliveTime: + type: integer + netIpv4TcpMaxSynBacklog: + type: integer + netIpv4TcpMaxTwBuckets: + type: integer + netIpv4TcpTwReuse: + type: boolean + netIpv4TcpkeepaliveIntvl: + type: integer + netNetfilterNfConntrackBuckets: + type: integer + netNetfilterNfConntrackMax: + type: integer + vmMaxMapCount: + type: integer + vmSwappiness: + type: integer + vmVfsCachePressure: + type: integer + type: object + transparentHugePageDefrag: + type: string + transparentHugePageEnabled: + type: string + type: object + maxCount: + type: integer + maxPods: + type: integer + messageOfTheDay: + type: string + minCount: + type: integer + mode: + type: string + name: + type: string + networkProfile: + description: |- + Storage version of v1api20240402preview.AgentPoolNetworkProfile_STATUS + Network settings of an agent pool. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + allowedHostPorts: + items: + description: |- + Storage version of v1api20240402preview.PortRange_STATUS + The port range. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + portEnd: + type: integer + portStart: + type: integer + protocol: + type: string + type: object + type: array + applicationSecurityGroups: + items: + type: string + type: array + nodePublicIPTags: + items: + description: |- + Storage version of v1api20240402preview.IPTag_STATUS + Contains the IPTag associated with the object. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + ipTagType: + type: string + tag: + type: string + type: object + type: array + type: object + nodeImageVersion: + type: string + nodeInitializationTaints: + items: + type: string + type: array + nodeLabels: + additionalProperties: + type: string + type: object + nodePublicIPPrefixID: + type: string + nodeTaints: + items: + type: string + type: array + orchestratorVersion: + type: string + osDiskSizeGB: + type: integer + osDiskType: + type: string + osSKU: + type: string + osType: + type: string + podIPAllocationMode: + type: string + podSubnetID: + type: string + powerState: + description: |- + Storage version of v1api20240402preview.PowerState_STATUS + Describes the Power State of the cluster + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + code: + type: string + type: object + provisioningState: + type: string + proximityPlacementGroupID: + type: string + scaleDownMode: + type: string + scaleSetEvictionPolicy: + type: string + scaleSetPriority: + type: string + securityProfile: + description: |- + Storage version of v1api20240402preview.AgentPoolSecurityProfile_STATUS + The security settings of an agent pool. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enableSecureBoot: + type: boolean + enableVTPM: + type: boolean + sshAccess: + type: string + type: object + spotMaxPrice: + type: number + tags: + additionalProperties: + type: string + type: object + type: + type: string + upgradeSettings: + description: |- + Storage version of v1api20240402preview.AgentPoolUpgradeSettings_STATUS + Settings for upgrading an agentpool + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + drainTimeoutInMinutes: + type: integer + maxSurge: + type: string + nodeSoakDurationInMinutes: + type: integer + undrainableNodeBehavior: + type: string + type: object + virtualMachineNodesStatus: + items: + description: |- + Storage version of v1api20240402preview.VirtualMachineNodes_STATUS + Current status on a group of nodes of the same vm size. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + count: + type: integer + size: + type: string + type: object + type: array + virtualMachinesProfile: + description: |- + Storage version of v1api20240402preview.VirtualMachinesProfile_STATUS + Specifications on VirtualMachines agent pool. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + scale: + description: |- + Storage version of v1api20240402preview.ScaleProfile_STATUS + Specifications on how to scale a VirtualMachines agent pool. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + autoscale: + items: + description: |- + Storage version of v1api20240402preview.AutoScaleProfile_STATUS + Specifications on auto-scaling. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + maxCount: + type: integer + minCount: + type: integer + sizes: + items: + type: string + type: array + type: object + type: array + manual: + items: + description: |- + Storage version of v1api20240402preview.ManualScaleProfile_STATUS + Specifications on number of machines. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + count: + type: integer + sizes: + items: + type: string + type: array + type: object + type: array + type: object + type: object + vmSize: + type: string + vnetSubnetID: + type: string + windowsProfile: + description: |- + Storage version of v1api20240402preview.AgentPoolWindowsProfile_STATUS + The Windows agent pool's specific profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + disableOutboundNat: + type: boolean + type: object + workloadRuntime: + type: string + type: object + type: array + aiToolchainOperatorProfile: + description: |- + Storage version of v1api20240402preview.ManagedClusterAIToolchainOperatorProfile_STATUS + When enabling the operator, a set of AKS managed CRDs and controllers will be installed in the cluster. The operator + automates the deployment of OSS models for inference and/or training purposes. It provides a set of preset models and + enables distributed inference against them. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + apiServerAccessProfile: + description: |- + Storage version of v1api20240402preview.ManagedClusterAPIServerAccessProfile_STATUS + Access profile for managed cluster API server. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + authorizedIPRanges: + items: + type: string + type: array + disableRunCommand: + type: boolean + enablePrivateCluster: + type: boolean + enablePrivateClusterPublicFQDN: + type: boolean + enableVnetIntegration: + type: boolean + privateDNSZone: + type: string + subnetId: + type: string + type: object + autoScalerProfile: + description: Storage version of v1api20240402preview.ManagedClusterProperties_AutoScalerProfile_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + balance-similar-node-groups: + type: string + daemonset-eviction-for-empty-nodes: + type: boolean + daemonset-eviction-for-occupied-nodes: + type: boolean + expander: + type: string + ignore-daemonsets-utilization: + type: boolean + max-empty-bulk-delete: + type: string + max-graceful-termination-sec: + type: string + max-node-provision-time: + type: string + max-total-unready-percentage: + type: string + new-pod-scale-up-delay: + type: string + ok-total-unready-count: + type: string + scale-down-delay-after-add: + type: string + scale-down-delay-after-delete: + type: string + scale-down-delay-after-failure: + type: string + scale-down-unneeded-time: + type: string + scale-down-unready-time: + type: string + scale-down-utilization-threshold: + type: string + scan-interval: + type: string + skip-nodes-with-local-storage: + type: string + skip-nodes-with-system-pods: + type: string + type: object + autoUpgradeProfile: + description: |- + Storage version of v1api20240402preview.ManagedClusterAutoUpgradeProfile_STATUS + Auto upgrade profile for a managed cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + nodeOSUpgradeChannel: + type: string + upgradeChannel: + type: string + type: object + azureMonitorProfile: + description: |- + Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfile_STATUS + Prometheus addon profile for the container service cluster + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + appMonitoring: + description: |- + Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfileAppMonitoring_STATUS + Application Monitoring Profile for Kubernetes Application Container. Collects application logs, metrics and traces + through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See + aka.ms/AzureMonitorApplicationMonitoring for an overview. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + autoInstrumentation: + description: |- + Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfileAppMonitoringAutoInstrumentation_STATUS + Application Monitoring Auto Instrumentation for Kubernetes Application Container. Deploys web hook to auto-instrument + Azure Monitor OpenTelemetry based SDKs to collect OpenTelemetry metrics, logs and traces of the application. See + aka.ms/AzureMonitorApplicationMonitoring for an overview. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + openTelemetryLogs: + description: |- + Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfileAppMonitoringOpenTelemetryLogs_STATUS + Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container Logs and Traces. Collects + OpenTelemetry logs and traces of the application using Azure Monitor OpenTelemetry based SDKs. See + aka.ms/AzureMonitorApplicationMonitoring for an overview. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + port: + type: integer + type: object + openTelemetryMetrics: + description: |- + Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfileAppMonitoringOpenTelemetryMetrics_STATUS + Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container Metrics. Collects + OpenTelemetry metrics of the application using Azure Monitor OpenTelemetry based SDKs. See + aka.ms/AzureMonitorApplicationMonitoring for an overview. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + port: + type: integer + type: object + type: object + containerInsights: + description: |- + Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfileContainerInsights_STATUS + Azure Monitor Container Insights Profile for Kubernetes Events, Inventory and Container stdout & stderr logs etc. See + aka.ms/AzureMonitorContainerInsights for an overview. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + disableCustomMetrics: + type: boolean + disablePrometheusMetricsScraping: + type: boolean + enabled: + type: boolean + logAnalyticsWorkspaceResourceId: + type: string + syslogPort: + type: integer + type: object + metrics: + description: |- + Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfileMetrics_STATUS + Metrics profile for the prometheus service addon + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + kubeStateMetrics: + description: |- + Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfileKubeStateMetrics_STATUS + Kube State Metrics for prometheus addon profile for the container service cluster + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + metricAnnotationsAllowList: + type: string + metricLabelsAllowlist: + type: string + type: object + type: object + type: object + azurePortalFQDN: + type: string + bootstrapProfile: + description: |- + Storage version of v1api20240402preview.ManagedClusterBootstrapProfile_STATUS + The bootstrap profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + artifactSource: + type: string + containerRegistryId: + type: string + type: object + conditions: + items: + description: Condition defines an extension to status (an observation) of a resource + properties: + lastTransitionTime: + description: LastTransitionTime is the last time the condition transitioned from one status to another. + format: date-time + type: string + message: + description: Message is a human readable message indicating details about the transition. This field may be empty. + type: string + observedGeneration: + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + type: integer + reason: + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + type: string + severity: + description: |- + Severity with which to treat failures of this type of condition. + For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown + type: string + status: + description: Status of the condition, one of True, False, or Unknown. + type: string + type: + description: Type of condition. + type: string + required: + - lastTransitionTime + - reason + - status + - type + type: object + type: array + creationData: + description: |- + Storage version of v1api20240402preview.CreationData_STATUS + Data used when creating a target resource from a source resource. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + sourceResourceId: + type: string + type: object + currentKubernetesVersion: + type: string + disableLocalAccounts: + type: boolean + diskEncryptionSetID: + type: string + dnsPrefix: + type: string + eTag: + type: string + enableNamespaceResources: + type: boolean + enablePodSecurityPolicy: + type: boolean + enableRBAC: + type: boolean + extendedLocation: + description: |- + Storage version of v1api20240402preview.ExtendedLocation_STATUS + The complex type of the extended location. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + name: + type: string + type: + type: string + type: object + fqdn: + type: string + fqdnSubdomain: + type: string + httpProxyConfig: + description: |- + Storage version of v1api20240402preview.ManagedClusterHTTPProxyConfig_STATUS + Cluster HTTP proxy configuration. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + effectiveNoProxy: + items: + type: string + type: array + httpProxy: + type: string + httpsProxy: + type: string + noProxy: + items: + type: string + type: array + trustedCa: + type: string + type: object + id: + type: string + identity: + description: |- + Storage version of v1api20240402preview.ManagedClusterIdentity_STATUS + Identity for the managed cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + delegatedResources: + additionalProperties: + description: |- + Storage version of v1api20240402preview.DelegatedResource_STATUS + Delegated resource properties - internal use only. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + location: + type: string + referralResource: + type: string + resourceId: + type: string + tenantId: + type: string + type: object + type: object + principalId: + type: string + tenantId: + type: string + type: + type: string + userAssignedIdentities: + additionalProperties: + description: Storage version of v1api20240402preview.ManagedClusterIdentity_UserAssignedIdentities_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + clientId: + type: string + principalId: + type: string + type: object + type: object + type: object + identityProfile: + additionalProperties: + description: |- + Storage version of v1api20240402preview.UserAssignedIdentity_STATUS + Details about a user assigned identity. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + clientId: + type: string + objectId: + type: string + resourceId: + type: string + type: object + type: object + ingressProfile: + description: |- + Storage version of v1api20240402preview.ManagedClusterIngressProfile_STATUS + Ingress profile for the container service cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + webAppRouting: + description: |- + Storage version of v1api20240402preview.ManagedClusterIngressProfileWebAppRouting_STATUS + Web App Routing settings for the ingress profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + dnsZoneResourceIds: + items: + type: string + type: array + enabled: + type: boolean + identity: + description: |- + Storage version of v1api20240402preview.UserAssignedIdentity_STATUS + Details about a user assigned identity. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + clientId: + type: string + objectId: + type: string + resourceId: + type: string + type: object + type: object + type: object + kind: + type: string + kubernetesVersion: + type: string + linuxProfile: + description: |- + Storage version of v1api20240402preview.ContainerServiceLinuxProfile_STATUS + Profile for Linux VMs in the container service cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + adminUsername: + type: string + ssh: + description: |- + Storage version of v1api20240402preview.ContainerServiceSshConfiguration_STATUS + SSH configuration for Linux-based VMs running on Azure. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + publicKeys: + items: + description: |- + Storage version of v1api20240402preview.ContainerServiceSshPublicKey_STATUS + Contains information about SSH certificate public key data. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + keyData: + type: string + type: object + type: array + type: object + type: object + location: + type: string + maxAgentPools: + type: integer + metricsProfile: + description: |- + Storage version of v1api20240402preview.ManagedClusterMetricsProfile_STATUS + The metrics profile for the ManagedCluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + costAnalysis: + description: |- + Storage version of v1api20240402preview.ManagedClusterCostAnalysis_STATUS + The cost analysis configuration for the cluster + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + type: object + name: + type: string + networkProfile: + description: |- + Storage version of v1api20240402preview.ContainerServiceNetworkProfile_STATUS + Profile of network configuration. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + advancedNetworking: + description: |- + Storage version of v1api20240402preview.AdvancedNetworking_STATUS + Advanced Networking profile for enabling observability on a cluster. Note that enabling advanced networking features may + incur additional costs. For more information see aka.ms/aksadvancednetworking. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + observability: + description: |- + Storage version of v1api20240402preview.AdvancedNetworkingObservability_STATUS + Observability profile to enable advanced network metrics and flow logs with historical contexts. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + type: object + dnsServiceIP: + type: string + ipFamilies: + items: + type: string + type: array + kubeProxyConfig: + description: Storage version of v1api20240402preview.ContainerServiceNetworkProfile_KubeProxyConfig_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + ipvsConfig: + description: Storage version of v1api20240402preview.ContainerServiceNetworkProfile_KubeProxyConfig_IpvsConfig_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + scheduler: + type: string + tcpFinTimeoutSeconds: + type: integer + tcpTimeoutSeconds: + type: integer + udpTimeoutSeconds: + type: integer + type: object + mode: + type: string + type: object + loadBalancerProfile: + description: |- + Storage version of v1api20240402preview.ManagedClusterLoadBalancerProfile_STATUS + Profile of the managed cluster load balancer. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + allocatedOutboundPorts: + type: integer + backendPoolType: + type: string + clusterServiceLoadBalancerHealthProbeMode: + type: string + effectiveOutboundIPs: + items: + description: |- + Storage version of v1api20240402preview.ResourceReference_STATUS + A reference to an Azure resource. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + id: + type: string + type: object + type: array + enableMultipleStandardLoadBalancers: + type: boolean + idleTimeoutInMinutes: + type: integer + managedOutboundIPs: + description: Storage version of v1api20240402preview.ManagedClusterLoadBalancerProfile_ManagedOutboundIPs_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + count: + type: integer + countIPv6: + type: integer + type: object + outboundIPPrefixes: + description: Storage version of v1api20240402preview.ManagedClusterLoadBalancerProfile_OutboundIPPrefixes_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + publicIPPrefixes: + items: + description: |- + Storage version of v1api20240402preview.ResourceReference_STATUS + A reference to an Azure resource. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + id: + type: string + type: object + type: array + type: object + outboundIPs: + description: Storage version of v1api20240402preview.ManagedClusterLoadBalancerProfile_OutboundIPs_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + publicIPs: + items: + description: |- + Storage version of v1api20240402preview.ResourceReference_STATUS + A reference to an Azure resource. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + id: + type: string + type: object + type: array + type: object + type: object + loadBalancerSku: + type: string + natGatewayProfile: + description: |- + Storage version of v1api20240402preview.ManagedClusterNATGatewayProfile_STATUS + Profile of the managed cluster NAT gateway. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + effectiveOutboundIPs: + items: + description: |- + Storage version of v1api20240402preview.ResourceReference_STATUS + A reference to an Azure resource. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + id: + type: string + type: object + type: array + idleTimeoutInMinutes: + type: integer + managedOutboundIPProfile: + description: |- + Storage version of v1api20240402preview.ManagedClusterManagedOutboundIPProfile_STATUS + Profile of the managed outbound IP resources of the managed cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + count: + type: integer + type: object + type: object + networkDataplane: + type: string + networkMode: + type: string + networkPlugin: + type: string + networkPluginMode: + type: string + networkPolicy: + type: string + outboundType: + type: string + podCidr: + type: string + podCidrs: + items: + type: string + type: array + podLinkLocalAccess: + type: string + serviceCidr: + type: string + serviceCidrs: + items: + type: string + type: array + staticEgressGatewayProfile: + description: |- + Storage version of v1api20240402preview.ManagedClusterStaticEgressGatewayProfile_STATUS + The Static Egress Gateway addon configuration for the cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + type: object + nodeProvisioningProfile: + description: Storage version of v1api20240402preview.ManagedClusterNodeProvisioningProfile_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + mode: + type: string + type: object + nodeResourceGroup: + type: string + nodeResourceGroupProfile: + description: |- + Storage version of v1api20240402preview.ManagedClusterNodeResourceGroupProfile_STATUS + Node resource group lockdown profile for a managed cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + restrictionLevel: + type: string + type: object + oidcIssuerProfile: + description: |- + Storage version of v1api20240402preview.ManagedClusterOIDCIssuerProfile_STATUS + The OIDC issuer profile of the Managed Cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + issuerURL: + type: string + type: object + podIdentityProfile: + description: |- + Storage version of v1api20240402preview.ManagedClusterPodIdentityProfile_STATUS + See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod + identity integration. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + allowNetworkPluginKubenet: + type: boolean + enabled: + type: boolean + userAssignedIdentities: + items: + description: |- + Storage version of v1api20240402preview.ManagedClusterPodIdentity_STATUS + Details about the pod identity assigned to the Managed Cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + bindingSelector: + type: string + identity: + description: |- + Storage version of v1api20240402preview.UserAssignedIdentity_STATUS + Details about a user assigned identity. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + clientId: + type: string + objectId: + type: string + resourceId: + type: string + type: object + name: + type: string + namespace: + type: string + provisioningInfo: + description: Storage version of v1api20240402preview.ManagedClusterPodIdentity_ProvisioningInfo_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + error: + description: |- + Storage version of v1api20240402preview.ManagedClusterPodIdentityProvisioningError_STATUS + An error response from the pod identity provisioning. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + error: + description: |- + Storage version of v1api20240402preview.ManagedClusterPodIdentityProvisioningErrorBody_STATUS + An error response from the pod identity provisioning. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + code: + type: string + details: + items: + description: Storage version of v1api20240402preview.ManagedClusterPodIdentityProvisioningErrorBody_STATUS_Unrolled + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + code: + type: string + message: + type: string + target: + type: string + type: object + type: array + message: + type: string + target: + type: string + type: object + type: object + type: object + provisioningState: + type: string + type: object + type: array + userAssignedIdentityExceptions: + items: + description: |- + Storage version of v1api20240402preview.ManagedClusterPodIdentityException_STATUS + See [disable AAD Pod Identity for a specific + Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + name: + type: string + namespace: + type: string + podLabels: + additionalProperties: + type: string + type: object + type: object + type: array + type: object + powerState: + description: |- + Storage version of v1api20240402preview.PowerState_STATUS + Describes the Power State of the cluster + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + code: + type: string + type: object + privateFQDN: + type: string + privateLinkResources: + items: + description: |- + Storage version of v1api20240402preview.PrivateLinkResource_STATUS + A private link resource + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + groupId: + type: string + id: + type: string + name: + type: string + privateLinkServiceID: + type: string + requiredMembers: + items: + type: string + type: array + type: + type: string + type: object + type: array + provisioningState: + type: string + publicNetworkAccess: + type: string + resourceUID: + type: string + safeguardsProfile: + description: |- + Storage version of v1api20240402preview.SafeguardsProfile_STATUS + The Safeguards profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + excludedNamespaces: + items: + type: string + type: array + level: + type: string + systemExcludedNamespaces: + items: + type: string + type: array + version: + type: string + type: object + securityProfile: + description: |- + Storage version of v1api20240402preview.ManagedClusterSecurityProfile_STATUS + Security profile for the container service cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + azureKeyVaultKms: + description: |- + Storage version of v1api20240402preview.AzureKeyVaultKms_STATUS + Azure Key Vault key management service settings for the security profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + keyId: + type: string + keyVaultNetworkAccess: + type: string + keyVaultResourceId: + type: string + type: object + customCATrustCertificates: + items: + type: string + type: array + defender: + description: |- + Storage version of v1api20240402preview.ManagedClusterSecurityProfileDefender_STATUS + Microsoft Defender settings for the security profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + logAnalyticsWorkspaceResourceId: + type: string + securityMonitoring: + description: |- + Storage version of v1api20240402preview.ManagedClusterSecurityProfileDefenderSecurityMonitoring_STATUS + Microsoft Defender settings for the security profile threat detection. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + type: object + imageCleaner: + description: |- + Storage version of v1api20240402preview.ManagedClusterSecurityProfileImageCleaner_STATUS + Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here + are settings for the security profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + intervalHours: + type: integer + type: object + imageIntegrity: + description: |- + Storage version of v1api20240402preview.ManagedClusterSecurityProfileImageIntegrity_STATUS + Image integrity related settings for the security profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + nodeRestriction: + description: |- + Storage version of v1api20240402preview.ManagedClusterSecurityProfileNodeRestriction_STATUS + Node Restriction settings for the security profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + workloadIdentity: + description: |- + Storage version of v1api20240402preview.ManagedClusterSecurityProfileWorkloadIdentity_STATUS + Workload identity settings for the security profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + type: object + serviceMeshProfile: + description: |- + Storage version of v1api20240402preview.ServiceMeshProfile_STATUS + Service mesh profile for a managed cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + istio: + description: |- + Storage version of v1api20240402preview.IstioServiceMesh_STATUS + Istio service mesh configuration. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + certificateAuthority: + description: |- + Storage version of v1api20240402preview.IstioCertificateAuthority_STATUS + Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described + here https://aka.ms/asm-plugin-ca + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + plugin: + description: |- + Storage version of v1api20240402preview.IstioPluginCertificateAuthority_STATUS + Plugin certificates information for Service Mesh. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + certChainObjectName: + type: string + certObjectName: + type: string + keyObjectName: + type: string + keyVaultId: + type: string + rootCertObjectName: + type: string + type: object + type: object + components: + description: |- + Storage version of v1api20240402preview.IstioComponents_STATUS + Istio components configuration. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + egressGateways: + items: + description: |- + Storage version of v1api20240402preview.IstioEgressGateway_STATUS + Istio egress gateway configuration. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + type: array + ingressGateways: + items: + description: |- + Storage version of v1api20240402preview.IstioIngressGateway_STATUS + Istio ingress gateway configuration. For now, we support up to one external ingress gateway named + `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + mode: + type: string + type: object + type: array + type: object + revisions: + items: + type: string + type: array + type: object + mode: + type: string + type: object + servicePrincipalProfile: + description: |- + Storage version of v1api20240402preview.ManagedClusterServicePrincipalProfile_STATUS + Information about a service principal identity for the cluster to use for manipulating Azure APIs. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + clientId: + type: string + type: object + sku: + description: |- + Storage version of v1api20240402preview.ManagedClusterSKU_STATUS + The SKU of a Managed Cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + name: + type: string + tier: + type: string + type: object + storageProfile: + description: |- + Storage version of v1api20240402preview.ManagedClusterStorageProfile_STATUS + Storage profile for the container service cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + blobCSIDriver: + description: |- + Storage version of v1api20240402preview.ManagedClusterStorageProfileBlobCSIDriver_STATUS + AzureBlob CSI Driver settings for the storage profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + diskCSIDriver: + description: |- + Storage version of v1api20240402preview.ManagedClusterStorageProfileDiskCSIDriver_STATUS + AzureDisk CSI Driver settings for the storage profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + version: + type: string + type: object + fileCSIDriver: + description: |- + Storage version of v1api20240402preview.ManagedClusterStorageProfileFileCSIDriver_STATUS + AzureFile CSI Driver settings for the storage profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + snapshotController: + description: |- + Storage version of v1api20240402preview.ManagedClusterStorageProfileSnapshotController_STATUS + Snapshot Controller settings for the storage profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + type: object + supportPlan: + type: string + systemData: + description: |- + Storage version of v1api20240402preview.SystemData_STATUS + Metadata pertaining to creation and last modification of the resource. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + createdAt: + type: string + createdBy: + type: string + createdByType: + type: string + lastModifiedAt: + type: string + lastModifiedBy: + type: string + lastModifiedByType: + type: string + type: object + tags: + additionalProperties: + type: string + type: object + type: + type: string + upgradeSettings: + description: |- + Storage version of v1api20240402preview.ClusterUpgradeSettings_STATUS + Settings for upgrading a cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + overrideSettings: + description: |- + Storage version of v1api20240402preview.UpgradeOverrideSettings_STATUS + Settings for overrides when upgrading a cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + forceUpgrade: + type: boolean + until: + type: string + type: object + type: object + windowsProfile: + description: |- + Storage version of v1api20240402preview.ManagedClusterWindowsProfile_STATUS + Profile for Windows VMs in the managed cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + adminUsername: + type: string + enableCSIProxy: + type: boolean + gmsaProfile: + description: |- + Storage version of v1api20240402preview.WindowsGmsaProfile_STATUS + Windows gMSA Profile in the managed cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + dnsServer: + type: string + enabled: + type: boolean + rootDomainName: + type: string + type: object + licenseType: + type: string + type: object + workloadAutoScalerProfile: + description: |- + Storage version of v1api20240402preview.ManagedClusterWorkloadAutoScalerProfile_STATUS + Workload Auto-scaler profile for the managed cluster. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + keda: + description: |- + Storage version of v1api20240402preview.ManagedClusterWorkloadAutoScalerProfileKeda_STATUS + KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean + type: object + verticalPodAutoscaler: + description: Storage version of v1api20240402preview.ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + addonAutoscaling: + type: string + enabled: + type: boolean + type: object + type: object + type: object + type: object + served: true + storage: false + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: azureserviceoperator-system/azureserviceoperator-serving-cert + controller-gen.kubebuilder.io/version: v0.14.0 + labels: + app.kubernetes.io/name: azure-service-operator + app.kubernetes.io/version: v2.8.0 + name: managedclustersagentpools.containerservice.azure.com +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + service: + name: azureserviceoperator-webhook-service + namespace: azureserviceoperator-system + path: /convert + port: 443 + conversionReviewVersions: + - v1 + group: containerservice.azure.com + names: + kind: ManagedClustersAgentPool + listKind: ManagedClustersAgentPoolList + plural: managedclustersagentpools + singular: managedclustersagentpool + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].severity + name: Severity + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Reason + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].message + name: Message + type: string + name: v1api20210501 + schema: + openAPIV3Schema: + description: |- + Generator information: + - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2021-05-01/managedClusters.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}/agentPools/{agentPoolName} + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + properties: + availabilityZones: + description: |- + AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType + property is 'VirtualMachineScaleSets'. + items: + type: string + type: array + azureName: + description: |- + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. + type: string + count: + description: |- + Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) + for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. + type: integer + enableAutoScaling: + description: 'EnableAutoScaling: Whether to enable auto-scaler' + type: boolean + enableEncryptionAtHost: + description: |- + EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, + see: https://docs.microsoft.com/azure/aks/enable-host-encryption + type: boolean + enableFIPS: + description: |- + EnableFIPS: See [Add a FIPS-enabled node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more + details. + type: boolean + enableNodePublicIP: + description: |- + EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. + A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine + to minimize hops. For more information see [assigning a public IP per + node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The + default is false. + type: boolean + enableUltraSSD: + description: 'EnableUltraSSD: Whether to enable UltraSSD' + type: boolean + gpuInstanceProfile: + description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' + enum: + - MIG1g + - MIG2g + - MIG3g + - MIG4g + - MIG7g + type: string + kubeletConfig: + description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' + properties: + allowedUnsafeSysctls: + description: 'AllowedUnsafeSysctls: Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).' + items: + type: string + type: array + containerLogMaxFiles: + description: |- + ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be + â‰Ĩ 2. + minimum: 2 + type: integer + containerLogMaxSizeMB: + description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' + type: integer + cpuCfsQuota: + description: 'CpuCfsQuota: The default is true.' + type: boolean + cpuCfsQuotaPeriod: + description: |- + CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and + a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. + type: string + cpuManagerPolicy: + description: |- + CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management + policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more + information. Allowed values are 'none' and 'static'. + type: string + failSwapOn: + description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' + type: boolean + imageGcHighThreshold: + description: 'ImageGcHighThreshold: To disable image garbage collection, set to 100. The default is 85%' + type: integer + imageGcLowThreshold: + description: 'ImageGcLowThreshold: This cannot be set higher than imageGcHighThreshold. The default is 80%' + type: integer + podMaxPids: + description: 'PodMaxPids: The maximum number of processes per pod.' + type: integer + topologyManagerPolicy: + description: |- + TopologyManagerPolicy: For more information see [Kubernetes Topology + Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values + are 'none', 'best-effort', 'restricted', and 'single-numa-node'. + type: string + type: object + kubeletDiskType: + description: |- + KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral + storage. + enum: + - OS + - Temporary + type: string + linuxOSConfig: + description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' + properties: + swapFileSizeMB: + description: 'SwapFileSizeMB: The size in MB of a swap file that will be created on each node.' + type: integer + sysctls: + description: 'Sysctls: Sysctl settings for Linux agent nodes.' + properties: + fsAioMaxNr: + description: 'FsAioMaxNr: Sysctl setting fs.aio-max-nr.' + type: integer + fsFileMax: + description: 'FsFileMax: Sysctl setting fs.file-max.' + type: integer + fsInotifyMaxUserWatches: + description: 'FsInotifyMaxUserWatches: Sysctl setting fs.inotify.max_user_watches.' + type: integer + fsNrOpen: + description: 'FsNrOpen: Sysctl setting fs.nr_open.' + type: integer + kernelThreadsMax: + description: 'KernelThreadsMax: Sysctl setting kernel.threads-max.' + type: integer + netCoreNetdevMaxBacklog: + description: 'NetCoreNetdevMaxBacklog: Sysctl setting net.core.netdev_max_backlog.' + type: integer + netCoreOptmemMax: + description: 'NetCoreOptmemMax: Sysctl setting net.core.optmem_max.' + type: integer + netCoreRmemDefault: + description: 'NetCoreRmemDefault: Sysctl setting net.core.rmem_default.' + type: integer + netCoreRmemMax: + description: 'NetCoreRmemMax: Sysctl setting net.core.rmem_max.' + type: integer + netCoreSomaxconn: + description: 'NetCoreSomaxconn: Sysctl setting net.core.somaxconn.' + type: integer + netCoreWmemDefault: + description: 'NetCoreWmemDefault: Sysctl setting net.core.wmem_default.' + type: integer + netCoreWmemMax: + description: 'NetCoreWmemMax: Sysctl setting net.core.wmem_max.' + type: integer + netIpv4IpLocalPortRange: + description: 'NetIpv4IpLocalPortRange: Sysctl setting net.ipv4.ip_local_port_range.' + type: string + netIpv4NeighDefaultGcThresh1: + description: 'NetIpv4NeighDefaultGcThresh1: Sysctl setting net.ipv4.neigh.default.gc_thresh1.' + type: integer + netIpv4NeighDefaultGcThresh2: + description: 'NetIpv4NeighDefaultGcThresh2: Sysctl setting net.ipv4.neigh.default.gc_thresh2.' + type: integer + netIpv4NeighDefaultGcThresh3: + description: 'NetIpv4NeighDefaultGcThresh3: Sysctl setting net.ipv4.neigh.default.gc_thresh3.' + type: integer + netIpv4TcpFinTimeout: + description: 'NetIpv4TcpFinTimeout: Sysctl setting net.ipv4.tcp_fin_timeout.' + type: integer + netIpv4TcpKeepaliveProbes: + description: 'NetIpv4TcpKeepaliveProbes: Sysctl setting net.ipv4.tcp_keepalive_probes.' + type: integer + netIpv4TcpKeepaliveTime: + description: 'NetIpv4TcpKeepaliveTime: Sysctl setting net.ipv4.tcp_keepalive_time.' + type: integer + netIpv4TcpMaxSynBacklog: + description: 'NetIpv4TcpMaxSynBacklog: Sysctl setting net.ipv4.tcp_max_syn_backlog.' + type: integer + netIpv4TcpMaxTwBuckets: + description: 'NetIpv4TcpMaxTwBuckets: Sysctl setting net.ipv4.tcp_max_tw_buckets.' + type: integer + netIpv4TcpTwReuse: + description: 'NetIpv4TcpTwReuse: Sysctl setting net.ipv4.tcp_tw_reuse.' + type: boolean + netIpv4TcpkeepaliveIntvl: + description: 'NetIpv4TcpkeepaliveIntvl: Sysctl setting net.ipv4.tcp_keepalive_intvl.' + type: integer + netNetfilterNfConntrackBuckets: + description: 'NetNetfilterNfConntrackBuckets: Sysctl setting net.netfilter.nf_conntrack_buckets.' + type: integer + netNetfilterNfConntrackMax: + description: 'NetNetfilterNfConntrackMax: Sysctl setting net.netfilter.nf_conntrack_max.' + type: integer + vmMaxMapCount: + description: 'VmMaxMapCount: Sysctl setting vm.max_map_count.' + type: integer + vmSwappiness: + description: 'VmSwappiness: Sysctl setting vm.swappiness.' + type: integer + vmVfsCachePressure: + description: 'VmVfsCachePressure: Sysctl setting vm.vfs_cache_pressure.' + type: integer + type: object + transparentHugePageDefrag: + description: |- + TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is + 'madvise'. For more information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). + type: string + transparentHugePageEnabled: + description: |- + TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more + information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). + type: string + type: object + maxCount: + description: 'MaxCount: The maximum number of nodes for auto-scaling' + type: integer + maxPods: + description: 'MaxPods: The maximum number of pods that can run on a node.' + type: integer + minCount: + description: 'MinCount: The minimum number of nodes for auto-scaling' + type: integer + mode: + description: |- + Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool + restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools + enum: + - System + - User + type: string + nodeLabels: + additionalProperties: + type: string + description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' + type: object + nodePublicIPPrefixIDReference: + description: |- + NodePublicIPPrefixIDReference: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + nodeTaints: + description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' + items: + type: string + type: array + orchestratorVersion: + description: |- + OrchestratorVersion: As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes + version. The node pool version must have the same major version as the control plane. The node pool minor version must + be within two minor versions of the control plane version. The node pool version cannot be greater than the control + plane version. For more information see [upgrading a node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). + type: string + osDiskSizeGB: + maximum: 2048 + minimum: 0 + type: integer + osDiskType: + description: |- + OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested + OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral + OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). + enum: + - Ephemeral + - Managed + type: string + osSKU: + description: 'OsSKU: Specifies an OS SKU. This value must not be specified if OSType is Windows.' + enum: + - CBLMariner + - Ubuntu + type: string + osType: + description: 'OsType: The operating system type. The default is Linux.' + enum: + - Linux + - Windows + type: string + owner: + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a containerservice.azure.com/ManagedCluster resource + properties: + armId: + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + name: + description: This is the name of the Kubernetes resource to reference. + type: string + type: object + podSubnetIDReference: + description: |- + PodSubnetIDReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more + details). This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + proximityPlacementGroupID: + description: 'ProximityPlacementGroupID: The ID for Proximity Placement Group.' + type: string + scaleSetEvictionPolicy: + description: |- + ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is + 'Delete'. + enum: + - Deallocate + - Delete + type: string + scaleSetPriority: + description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' + enum: + - Regular + - Spot + type: string + spotMaxPrice: + description: |- + SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any + on-demand price. For more details on spot pricing, see [spot VMs + pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) + type: number + tags: + additionalProperties: + type: string + description: 'Tags: The tags to be persisted on the agent pool virtual machine scale set.' + type: object + type: + description: 'Type: The type of Agent Pool.' + enum: + - AvailabilitySet + - VirtualMachineScaleSets + type: string + upgradeSettings: + description: 'UpgradeSettings: Settings for upgrading the agentpool' + properties: + maxSurge: + description: |- + MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it + is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded + up. If not specified, the default is 1. For more information, including best practices, see: + https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade + type: string + type: object + vmSize: + description: |- + VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods + might fail to run correctly. For more details on restricted VM sizes, see: + https://docs.microsoft.com/azure/aks/quotas-skus-regions + type: string + vnetSubnetIDReference: + description: |- + VnetSubnetIDReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is + specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + required: + - owner + type: object + status: + properties: + availabilityZones: + description: |- + AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType + property is 'VirtualMachineScaleSets'. + items: + type: string + type: array + conditions: + description: 'Conditions: The observed state of the resource' + items: + description: Condition defines an extension to status (an observation) of a resource + properties: + lastTransitionTime: + description: LastTransitionTime is the last time the condition transitioned from one status to another. + format: date-time + type: string + message: + description: Message is a human readable message indicating details about the transition. This field may be empty. + type: string + observedGeneration: + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + type: integer + reason: + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + type: string + severity: + description: |- + Severity with which to treat failures of this type of condition. + For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown + type: string + status: + description: Status of the condition, one of True, False, or Unknown. + type: string + type: + description: Type of condition. + type: string + required: + - lastTransitionTime + - reason + - status + - type + type: object + type: array + count: + description: |- + Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) + for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. + type: integer + enableAutoScaling: + description: 'EnableAutoScaling: Whether to enable auto-scaler' + type: boolean + enableEncryptionAtHost: + description: |- + EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, + see: https://docs.microsoft.com/azure/aks/enable-host-encryption + type: boolean + enableFIPS: + description: |- + EnableFIPS: See [Add a FIPS-enabled node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more + details. + type: boolean + enableNodePublicIP: + description: |- + EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. + A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine + to minimize hops. For more information see [assigning a public IP per + node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The + default is false. + type: boolean + enableUltraSSD: + description: 'EnableUltraSSD: Whether to enable UltraSSD' + type: boolean + gpuInstanceProfile: + description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' + type: string + id: + description: 'Id: Resource ID.' + type: string + kubeletConfig: + description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' + properties: + allowedUnsafeSysctls: + description: 'AllowedUnsafeSysctls: Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).' + items: + type: string + type: array + containerLogMaxFiles: + description: |- + ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be + â‰Ĩ 2. + type: integer + containerLogMaxSizeMB: + description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' + type: integer + cpuCfsQuota: + description: 'CpuCfsQuota: The default is true.' + type: boolean + cpuCfsQuotaPeriod: + description: |- + CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and + a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. + type: string + cpuManagerPolicy: + description: |- + CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management + policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more + information. Allowed values are 'none' and 'static'. + type: string + failSwapOn: + description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' + type: boolean + imageGcHighThreshold: + description: 'ImageGcHighThreshold: To disable image garbage collection, set to 100. The default is 85%' + type: integer + imageGcLowThreshold: + description: 'ImageGcLowThreshold: This cannot be set higher than imageGcHighThreshold. The default is 80%' + type: integer + podMaxPids: + description: 'PodMaxPids: The maximum number of processes per pod.' + type: integer + topologyManagerPolicy: + description: |- + TopologyManagerPolicy: For more information see [Kubernetes Topology + Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values + are 'none', 'best-effort', 'restricted', and 'single-numa-node'. + type: string + type: object + kubeletDiskType: + description: |- + KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral + storage. + type: string + linuxOSConfig: + description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' + properties: + swapFileSizeMB: + description: 'SwapFileSizeMB: The size in MB of a swap file that will be created on each node.' + type: integer + sysctls: + description: 'Sysctls: Sysctl settings for Linux agent nodes.' + properties: + fsAioMaxNr: + description: 'FsAioMaxNr: Sysctl setting fs.aio-max-nr.' + type: integer + fsFileMax: + description: 'FsFileMax: Sysctl setting fs.file-max.' + type: integer + fsInotifyMaxUserWatches: + description: 'FsInotifyMaxUserWatches: Sysctl setting fs.inotify.max_user_watches.' + type: integer + fsNrOpen: + description: 'FsNrOpen: Sysctl setting fs.nr_open.' + type: integer + kernelThreadsMax: + description: 'KernelThreadsMax: Sysctl setting kernel.threads-max.' + type: integer + netCoreNetdevMaxBacklog: + description: 'NetCoreNetdevMaxBacklog: Sysctl setting net.core.netdev_max_backlog.' + type: integer + netCoreOptmemMax: + description: 'NetCoreOptmemMax: Sysctl setting net.core.optmem_max.' + type: integer + netCoreRmemDefault: + description: 'NetCoreRmemDefault: Sysctl setting net.core.rmem_default.' + type: integer + netCoreRmemMax: + description: 'NetCoreRmemMax: Sysctl setting net.core.rmem_max.' + type: integer + netCoreSomaxconn: + description: 'NetCoreSomaxconn: Sysctl setting net.core.somaxconn.' + type: integer + netCoreWmemDefault: + description: 'NetCoreWmemDefault: Sysctl setting net.core.wmem_default.' + type: integer + netCoreWmemMax: + description: 'NetCoreWmemMax: Sysctl setting net.core.wmem_max.' + type: integer + netIpv4IpLocalPortRange: + description: 'NetIpv4IpLocalPortRange: Sysctl setting net.ipv4.ip_local_port_range.' + type: string + netIpv4NeighDefaultGcThresh1: + description: 'NetIpv4NeighDefaultGcThresh1: Sysctl setting net.ipv4.neigh.default.gc_thresh1.' + type: integer + netIpv4NeighDefaultGcThresh2: + description: 'NetIpv4NeighDefaultGcThresh2: Sysctl setting net.ipv4.neigh.default.gc_thresh2.' + type: integer + netIpv4NeighDefaultGcThresh3: + description: 'NetIpv4NeighDefaultGcThresh3: Sysctl setting net.ipv4.neigh.default.gc_thresh3.' + type: integer + netIpv4TcpFinTimeout: + description: 'NetIpv4TcpFinTimeout: Sysctl setting net.ipv4.tcp_fin_timeout.' + type: integer + netIpv4TcpKeepaliveProbes: + description: 'NetIpv4TcpKeepaliveProbes: Sysctl setting net.ipv4.tcp_keepalive_probes.' + type: integer + netIpv4TcpKeepaliveTime: + description: 'NetIpv4TcpKeepaliveTime: Sysctl setting net.ipv4.tcp_keepalive_time.' + type: integer + netIpv4TcpMaxSynBacklog: + description: 'NetIpv4TcpMaxSynBacklog: Sysctl setting net.ipv4.tcp_max_syn_backlog.' + type: integer + netIpv4TcpMaxTwBuckets: + description: 'NetIpv4TcpMaxTwBuckets: Sysctl setting net.ipv4.tcp_max_tw_buckets.' + type: integer + netIpv4TcpTwReuse: + description: 'NetIpv4TcpTwReuse: Sysctl setting net.ipv4.tcp_tw_reuse.' + type: boolean + netIpv4TcpkeepaliveIntvl: + description: 'NetIpv4TcpkeepaliveIntvl: Sysctl setting net.ipv4.tcp_keepalive_intvl.' + type: integer + netNetfilterNfConntrackBuckets: + description: 'NetNetfilterNfConntrackBuckets: Sysctl setting net.netfilter.nf_conntrack_buckets.' + type: integer + netNetfilterNfConntrackMax: + description: 'NetNetfilterNfConntrackMax: Sysctl setting net.netfilter.nf_conntrack_max.' + type: integer + vmMaxMapCount: + description: 'VmMaxMapCount: Sysctl setting vm.max_map_count.' + type: integer + vmSwappiness: + description: 'VmSwappiness: Sysctl setting vm.swappiness.' + type: integer + vmVfsCachePressure: + description: 'VmVfsCachePressure: Sysctl setting vm.vfs_cache_pressure.' + type: integer + type: object + transparentHugePageDefrag: + description: |- + TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is + 'madvise'. For more information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). + type: string + transparentHugePageEnabled: + description: |- + TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more + information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). + type: string + type: object + maxCount: + description: 'MaxCount: The maximum number of nodes for auto-scaling' + type: integer + maxPods: + description: 'MaxPods: The maximum number of pods that can run on a node.' + type: integer + minCount: + description: 'MinCount: The minimum number of nodes for auto-scaling' + type: integer + mode: + description: |- + Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool + restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools + type: string + name: + description: 'Name: The name of the resource that is unique within a resource group. This name can be used to access the resource.' + type: string + nodeImageVersion: + description: 'NodeImageVersion: The version of node image' + type: string + nodeLabels: + additionalProperties: + type: string + description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' + type: object + nodePublicIPPrefixID: + description: |- + NodePublicIPPrefixID: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} + type: string + nodeTaints: + description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' + items: + type: string + type: array + orchestratorVersion: + description: |- + OrchestratorVersion: As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes + version. The node pool version must have the same major version as the control plane. The node pool minor version must + be within two minor versions of the control plane version. The node pool version cannot be greater than the control + plane version. For more information see [upgrading a node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). + type: string + osDiskSizeGB: + type: integer + osDiskType: + description: |- + OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested + OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral + OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). + type: string + osSKU: + description: 'OsSKU: Specifies an OS SKU. This value must not be specified if OSType is Windows.' + type: string + osType: + description: 'OsType: The operating system type. The default is Linux.' + type: string + podSubnetID: + description: |- + PodSubnetID: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is + of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} + type: string + powerState: + description: 'PowerState: Describes whether the Agent Pool is Running or Stopped' + properties: + code: + description: 'Code: Tells whether the cluster is Running or Stopped' + type: string + type: object + properties_type: + description: 'PropertiesType: The type of Agent Pool.' + type: string + provisioningState: + description: 'ProvisioningState: The current deployment or provisioning state.' + type: string + proximityPlacementGroupID: + description: 'ProximityPlacementGroupID: The ID for Proximity Placement Group.' + type: string + scaleSetEvictionPolicy: + description: |- + ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is + 'Delete'. + type: string + scaleSetPriority: + description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' + type: string + spotMaxPrice: + description: |- + SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any + on-demand price. For more details on spot pricing, see [spot VMs + pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) + type: number + tags: + additionalProperties: + type: string + description: 'Tags: The tags to be persisted on the agent pool virtual machine scale set.' + type: object + type: + description: 'Type: Resource type' + type: string + upgradeSettings: + description: 'UpgradeSettings: Settings for upgrading the agentpool' + properties: + maxSurge: + description: |- + MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it + is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded + up. If not specified, the default is 1. For more information, including best practices, see: + https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade + type: string + type: object + vmSize: + description: |- + VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods + might fail to run correctly. For more details on restricted VM sizes, see: + https://docs.microsoft.com/azure/aks/quotas-skus-regions + type: string + vnetSubnetID: + description: |- + VnetSubnetID: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, + this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} + type: string + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].severity + name: Severity + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Reason + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].message + name: Message + type: string + name: v1api20210501storage + schema: + openAPIV3Schema: + description: |- + Storage version of v1api20210501.ManagedClustersAgentPool + Generator information: + - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2021-05-01/managedClusters.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}/agentPools/{agentPoolName} + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: Storage version of v1api20210501.ManagedClusters_AgentPool_Spec + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + availabilityZones: + items: + type: string + type: array + azureName: + description: |- + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. + type: string + count: + type: integer + enableAutoScaling: + type: boolean + enableEncryptionAtHost: + type: boolean + enableFIPS: + type: boolean + enableNodePublicIP: + type: boolean + enableUltraSSD: + type: boolean + gpuInstanceProfile: + type: string + kubeletConfig: + description: |- + Storage version of v1api20210501.KubeletConfig + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + allowedUnsafeSysctls: + items: + type: string + type: array + containerLogMaxFiles: + type: integer + containerLogMaxSizeMB: + type: integer + cpuCfsQuota: + type: boolean + cpuCfsQuotaPeriod: + type: string + cpuManagerPolicy: + type: string + failSwapOn: + type: boolean + imageGcHighThreshold: + type: integer + imageGcLowThreshold: + type: integer + podMaxPids: + type: integer + topologyManagerPolicy: + type: string + type: object + kubeletDiskType: + type: string + linuxOSConfig: + description: |- + Storage version of v1api20210501.LinuxOSConfig + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + swapFileSizeMB: + type: integer + sysctls: + description: |- + Storage version of v1api20210501.SysctlConfig + Sysctl settings for Linux agent nodes. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + fsAioMaxNr: + type: integer + fsFileMax: + type: integer + fsInotifyMaxUserWatches: + type: integer + fsNrOpen: + type: integer + kernelThreadsMax: + type: integer + netCoreNetdevMaxBacklog: + type: integer + netCoreOptmemMax: + type: integer + netCoreRmemDefault: + type: integer + netCoreRmemMax: + type: integer + netCoreSomaxconn: + type: integer + netCoreWmemDefault: + type: integer + netCoreWmemMax: + type: integer + netIpv4IpLocalPortRange: + type: string + netIpv4NeighDefaultGcThresh1: + type: integer + netIpv4NeighDefaultGcThresh2: + type: integer + netIpv4NeighDefaultGcThresh3: + type: integer + netIpv4TcpFinTimeout: + type: integer + netIpv4TcpKeepaliveProbes: + type: integer + netIpv4TcpKeepaliveTime: + type: integer + netIpv4TcpMaxSynBacklog: + type: integer + netIpv4TcpMaxTwBuckets: + type: integer + netIpv4TcpTwReuse: + type: boolean + netIpv4TcpkeepaliveIntvl: + type: integer + netNetfilterNfConntrackBuckets: + type: integer + netNetfilterNfConntrackMax: + type: integer + vmMaxMapCount: + type: integer + vmSwappiness: + type: integer + vmVfsCachePressure: + type: integer + type: object + transparentHugePageDefrag: + type: string + transparentHugePageEnabled: + type: string + type: object + maxCount: + type: integer + maxPods: + type: integer + minCount: + type: integer + mode: + type: string + nodeLabels: + additionalProperties: + type: string + type: object + nodePublicIPPrefixIDReference: + description: |- + NodePublicIPPrefixIDReference: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + nodeTaints: + items: + type: string + type: array + orchestratorVersion: + type: string + originalVersion: + type: string + osDiskSizeGB: + type: integer + osDiskType: + type: string + osSKU: + type: string + osType: + type: string + owner: + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a containerservice.azure.com/ManagedCluster resource + properties: + armId: + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + name: + description: This is the name of the Kubernetes resource to reference. + type: string + type: object + podSubnetIDReference: + description: |- + PodSubnetIDReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more + details). This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + proximityPlacementGroupID: + type: string + scaleSetEvictionPolicy: + type: string + scaleSetPriority: + type: string + spotMaxPrice: + type: number + tags: + additionalProperties: + type: string + type: object + type: + type: string + upgradeSettings: + description: |- + Storage version of v1api20210501.AgentPoolUpgradeSettings + Settings for upgrading an agentpool + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + maxSurge: + type: string + type: object + vmSize: + type: string + vnetSubnetIDReference: + description: |- + VnetSubnetIDReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is + specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + required: + - owner + type: object + status: + description: Storage version of v1api20210501.ManagedClusters_AgentPool_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + availabilityZones: + items: + type: string + type: array + conditions: + items: + description: Condition defines an extension to status (an observation) of a resource + properties: + lastTransitionTime: + description: LastTransitionTime is the last time the condition transitioned from one status to another. + format: date-time + type: string + message: + description: Message is a human readable message indicating details about the transition. This field may be empty. + type: string + observedGeneration: + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + type: integer + reason: + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + type: string + severity: + description: |- + Severity with which to treat failures of this type of condition. + For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown + type: string + status: + description: Status of the condition, one of True, False, or Unknown. + type: string + type: + description: Type of condition. + type: string + required: + - lastTransitionTime + - reason + - status + - type + type: object + type: array + count: + type: integer + enableAutoScaling: + type: boolean + enableEncryptionAtHost: + type: boolean + enableFIPS: + type: boolean + enableNodePublicIP: + type: boolean + enableUltraSSD: + type: boolean + gpuInstanceProfile: + type: string + id: + type: string + kubeletConfig: + description: |- + Storage version of v1api20210501.KubeletConfig_STATUS + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + allowedUnsafeSysctls: + items: + type: string + type: array + containerLogMaxFiles: + type: integer + containerLogMaxSizeMB: + type: integer + cpuCfsQuota: + type: boolean + cpuCfsQuotaPeriod: + type: string + cpuManagerPolicy: + type: string + failSwapOn: + type: boolean + imageGcHighThreshold: + type: integer + imageGcLowThreshold: + type: integer + podMaxPids: + type: integer + topologyManagerPolicy: + type: string + type: object + kubeletDiskType: + type: string + linuxOSConfig: + description: |- + Storage version of v1api20210501.LinuxOSConfig_STATUS + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + swapFileSizeMB: + type: integer + sysctls: + description: |- + Storage version of v1api20210501.SysctlConfig_STATUS + Sysctl settings for Linux agent nodes. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + fsAioMaxNr: + type: integer + fsFileMax: + type: integer + fsInotifyMaxUserWatches: + type: integer + fsNrOpen: + type: integer + kernelThreadsMax: + type: integer + netCoreNetdevMaxBacklog: + type: integer + netCoreOptmemMax: + type: integer + netCoreRmemDefault: + type: integer + netCoreRmemMax: + type: integer + netCoreSomaxconn: + type: integer + netCoreWmemDefault: + type: integer + netCoreWmemMax: + type: integer + netIpv4IpLocalPortRange: + type: string + netIpv4NeighDefaultGcThresh1: + type: integer + netIpv4NeighDefaultGcThresh2: + type: integer + netIpv4NeighDefaultGcThresh3: + type: integer + netIpv4TcpFinTimeout: + type: integer + netIpv4TcpKeepaliveProbes: + type: integer + netIpv4TcpKeepaliveTime: + type: integer + netIpv4TcpMaxSynBacklog: + type: integer + netIpv4TcpMaxTwBuckets: + type: integer + netIpv4TcpTwReuse: + type: boolean + netIpv4TcpkeepaliveIntvl: + type: integer + netNetfilterNfConntrackBuckets: + type: integer + netNetfilterNfConntrackMax: + type: integer + vmMaxMapCount: + type: integer + vmSwappiness: + type: integer + vmVfsCachePressure: + type: integer + type: object + transparentHugePageDefrag: + type: string + transparentHugePageEnabled: + type: string + type: object + maxCount: + type: integer + maxPods: + type: integer + minCount: + type: integer + mode: + type: string + name: + type: string + nodeImageVersion: + type: string + nodeLabels: + additionalProperties: + type: string + type: object + nodePublicIPPrefixID: + type: string + nodeTaints: + items: + type: string + type: array + orchestratorVersion: + type: string + osDiskSizeGB: + type: integer + osDiskType: + type: string + osSKU: + type: string + osType: + type: string + podSubnetID: + type: string + powerState: + description: |- + Storage version of v1api20210501.PowerState_STATUS + Describes the Power State of the cluster + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + code: + type: string + type: object + properties_type: + type: string + provisioningState: + type: string + proximityPlacementGroupID: + type: string + scaleSetEvictionPolicy: + type: string + scaleSetPriority: + type: string + spotMaxPrice: + type: number + tags: + additionalProperties: + type: string + type: object + type: + type: string + upgradeSettings: + description: |- + Storage version of v1api20210501.AgentPoolUpgradeSettings_STATUS + Settings for upgrading an agentpool + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + maxSurge: + type: string + type: object + vmSize: + type: string + vnetSubnetID: + type: string + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].severity + name: Severity + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Reason + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].message + name: Message + type: string + name: v1api20230201 + schema: + openAPIV3Schema: + description: |- + Generator information: + - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2023-02-01/managedClusters.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}/agentPools/{agentPoolName} + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + properties: + availabilityZones: + description: |- + AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType + property is 'VirtualMachineScaleSets'. + items: + type: string + type: array + azureName: + description: |- + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. + type: string + count: + description: |- + Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) + for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. + type: integer + creationData: + description: |- + CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using + a snapshot. + properties: + sourceResourceReference: + description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object + enableAutoScaling: + description: 'EnableAutoScaling: Whether to enable auto-scaler' + type: boolean + enableEncryptionAtHost: + description: |- + EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, + see: https://docs.microsoft.com/azure/aks/enable-host-encryption + type: boolean + enableFIPS: + description: |- + EnableFIPS: See [Add a FIPS-enabled node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more + details. + type: boolean + enableNodePublicIP: + description: |- + EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. + A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine + to minimize hops. For more information see [assigning a public IP per + node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The + default is false. + type: boolean + enableUltraSSD: + description: 'EnableUltraSSD: Whether to enable UltraSSD' + type: boolean + gpuInstanceProfile: + description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' + enum: + - MIG1g + - MIG2g + - MIG3g + - MIG4g + - MIG7g + type: string + hostGroupReference: + description: |- + HostGroupReference: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. + For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + kubeletConfig: + description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' + properties: + allowedUnsafeSysctls: + description: 'AllowedUnsafeSysctls: Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).' + items: + type: string + type: array + containerLogMaxFiles: + description: |- + ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be + â‰Ĩ 2. + minimum: 2 + type: integer + containerLogMaxSizeMB: + description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' + type: integer + cpuCfsQuota: + description: 'CpuCfsQuota: The default is true.' + type: boolean + cpuCfsQuotaPeriod: + description: |- + CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and + a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. + type: string + cpuManagerPolicy: + description: |- + CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management + policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more + information. Allowed values are 'none' and 'static'. + type: string + failSwapOn: + description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' + type: boolean + imageGcHighThreshold: + description: 'ImageGcHighThreshold: To disable image garbage collection, set to 100. The default is 85%' + type: integer + imageGcLowThreshold: + description: 'ImageGcLowThreshold: This cannot be set higher than imageGcHighThreshold. The default is 80%' + type: integer + podMaxPids: + description: 'PodMaxPids: The maximum number of processes per pod.' + type: integer + topologyManagerPolicy: + description: |- + TopologyManagerPolicy: For more information see [Kubernetes Topology + Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values + are 'none', 'best-effort', 'restricted', and 'single-numa-node'. + type: string + type: object + kubeletDiskType: + description: |- + KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral + storage. + enum: + - OS + - Temporary + type: string + linuxOSConfig: + description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' + properties: + swapFileSizeMB: + description: 'SwapFileSizeMB: The size in MB of a swap file that will be created on each node.' + type: integer + sysctls: + description: 'Sysctls: Sysctl settings for Linux agent nodes.' + properties: + fsAioMaxNr: + description: 'FsAioMaxNr: Sysctl setting fs.aio-max-nr.' + type: integer + fsFileMax: + description: 'FsFileMax: Sysctl setting fs.file-max.' + type: integer + fsInotifyMaxUserWatches: + description: 'FsInotifyMaxUserWatches: Sysctl setting fs.inotify.max_user_watches.' + type: integer + fsNrOpen: + description: 'FsNrOpen: Sysctl setting fs.nr_open.' + type: integer + kernelThreadsMax: + description: 'KernelThreadsMax: Sysctl setting kernel.threads-max.' + type: integer + netCoreNetdevMaxBacklog: + description: 'NetCoreNetdevMaxBacklog: Sysctl setting net.core.netdev_max_backlog.' + type: integer + netCoreOptmemMax: + description: 'NetCoreOptmemMax: Sysctl setting net.core.optmem_max.' + type: integer + netCoreRmemDefault: + description: 'NetCoreRmemDefault: Sysctl setting net.core.rmem_default.' + type: integer + netCoreRmemMax: + description: 'NetCoreRmemMax: Sysctl setting net.core.rmem_max.' + type: integer + netCoreSomaxconn: + description: 'NetCoreSomaxconn: Sysctl setting net.core.somaxconn.' + type: integer + netCoreWmemDefault: + description: 'NetCoreWmemDefault: Sysctl setting net.core.wmem_default.' + type: integer + netCoreWmemMax: + description: 'NetCoreWmemMax: Sysctl setting net.core.wmem_max.' + type: integer + netIpv4IpLocalPortRange: + description: 'NetIpv4IpLocalPortRange: Sysctl setting net.ipv4.ip_local_port_range.' + type: string + netIpv4NeighDefaultGcThresh1: + description: 'NetIpv4NeighDefaultGcThresh1: Sysctl setting net.ipv4.neigh.default.gc_thresh1.' + type: integer + netIpv4NeighDefaultGcThresh2: + description: 'NetIpv4NeighDefaultGcThresh2: Sysctl setting net.ipv4.neigh.default.gc_thresh2.' + type: integer + netIpv4NeighDefaultGcThresh3: + description: 'NetIpv4NeighDefaultGcThresh3: Sysctl setting net.ipv4.neigh.default.gc_thresh3.' + type: integer + netIpv4TcpFinTimeout: + description: 'NetIpv4TcpFinTimeout: Sysctl setting net.ipv4.tcp_fin_timeout.' + type: integer + netIpv4TcpKeepaliveProbes: + description: 'NetIpv4TcpKeepaliveProbes: Sysctl setting net.ipv4.tcp_keepalive_probes.' + type: integer + netIpv4TcpKeepaliveTime: + description: 'NetIpv4TcpKeepaliveTime: Sysctl setting net.ipv4.tcp_keepalive_time.' + type: integer + netIpv4TcpMaxSynBacklog: + description: 'NetIpv4TcpMaxSynBacklog: Sysctl setting net.ipv4.tcp_max_syn_backlog.' + type: integer + netIpv4TcpMaxTwBuckets: + description: 'NetIpv4TcpMaxTwBuckets: Sysctl setting net.ipv4.tcp_max_tw_buckets.' + type: integer + netIpv4TcpTwReuse: + description: 'NetIpv4TcpTwReuse: Sysctl setting net.ipv4.tcp_tw_reuse.' + type: boolean + netIpv4TcpkeepaliveIntvl: + description: 'NetIpv4TcpkeepaliveIntvl: Sysctl setting net.ipv4.tcp_keepalive_intvl.' + type: integer + netNetfilterNfConntrackBuckets: + description: 'NetNetfilterNfConntrackBuckets: Sysctl setting net.netfilter.nf_conntrack_buckets.' + type: integer + netNetfilterNfConntrackMax: + description: 'NetNetfilterNfConntrackMax: Sysctl setting net.netfilter.nf_conntrack_max.' + type: integer + vmMaxMapCount: + description: 'VmMaxMapCount: Sysctl setting vm.max_map_count.' + type: integer + vmSwappiness: + description: 'VmSwappiness: Sysctl setting vm.swappiness.' + type: integer + vmVfsCachePressure: + description: 'VmVfsCachePressure: Sysctl setting vm.vfs_cache_pressure.' + type: integer + type: object + transparentHugePageDefrag: + description: |- + TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is + 'madvise'. For more information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). + type: string + transparentHugePageEnabled: + description: |- + TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more + information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). + type: string + type: object + maxCount: + description: 'MaxCount: The maximum number of nodes for auto-scaling' + type: integer + maxPods: + description: 'MaxPods: The maximum number of pods that can run on a node.' + type: integer + minCount: + description: 'MinCount: The minimum number of nodes for auto-scaling' + type: integer + mode: + description: |- + Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool + restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools + enum: + - System + - User + type: string + nodeLabels: + additionalProperties: + type: string + description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' + type: object + nodePublicIPPrefixReference: + description: |- + NodePublicIPPrefixReference: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + nodeTaints: + description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' + items: + type: string + type: array + orchestratorVersion: + description: |- + OrchestratorVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. + When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster + with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer + patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same + Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor + version must be within two minor versions of the control plane version. The node pool version cannot be greater than the + control plane version. For more information see [upgrading a node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). + type: string + osDiskSizeGB: + maximum: 2048 + minimum: 0 + type: integer + osDiskType: + description: |- + OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested + OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral + OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). + enum: + - Ephemeral + - Managed + type: string + osSKU: + description: |- + OsSKU: Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 + when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows. + enum: + - CBLMariner + - Ubuntu + - Windows2019 + - Windows2022 + type: string + osType: + description: 'OsType: The operating system type. The default is Linux.' + enum: + - Linux + - Windows type: string owner: - description: 'Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a containerservice.azure.com/ManagedCluster resource' + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a containerservice.azure.com/ManagedCluster resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) @@ -30120,11 +48062,17 @@ spec: description: This is the name of the Kubernetes resource to reference. type: string type: object - podSubnetIDReference: - description: 'PodSubnetIDReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}' + podSubnetReference: + description: |- + PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). + This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -30137,11 +48085,49 @@ spec: description: Name is the Kubernetes name of the resource. type: string type: object - proximityPlacementGroupID: - description: 'ProximityPlacementGroupID: The ID for Proximity Placement Group.' + powerState: + description: |- + PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this + field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only + be stopped if it is Running and provisioning state is Succeeded + properties: + code: + description: 'Code: Tells whether the cluster is Running or Stopped' + enum: + - Running + - Stopped + type: string + type: object + proximityPlacementGroupReference: + description: 'ProximityPlacementGroupReference: The ID for Proximity Placement Group.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + scaleDownMode: + description: 'ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.' + enum: + - Deallocate + - Delete type: string scaleSetEvictionPolicy: - description: 'ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is ''Spot''. If not specified, the default is ''Delete''.' + description: |- + ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is + 'Delete'. enum: - Deallocate - Delete @@ -30153,7 +48139,10 @@ spec: - Spot type: string spotMaxPrice: - description: 'SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)' + description: |- + SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any + on-demand price. For more details on spot pricing, see [spot VMs + pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) type: number tags: additionalProperties: @@ -30170,17 +48159,30 @@ spec: description: 'UpgradeSettings: Settings for upgrading the agentpool' properties: maxSurge: - description: 'MaxSurge: This can either be set to an integer (e.g. ''5'') or a percentage (e.g. ''50%''). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade' + description: |- + MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it + is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded + up. If not specified, the default is 1. For more information, including best practices, see: + https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade type: string type: object vmSize: - description: 'VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions' + description: |- + VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods + might fail to run correctly. For more details on restricted VM sizes, see: + https://docs.microsoft.com/azure/aks/quotas-skus-regions type: string - vnetSubnetIDReference: - description: 'VnetSubnetIDReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}' + vnetSubnetReference: + description: |- + VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is + specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -30193,13 +48195,21 @@ spec: description: Name is the Kubernetes name of the resource. type: string type: object + workloadRuntime: + description: 'WorkloadRuntime: Determines the type of workload a node can run.' + enum: + - OCIContainer + - WasmWasi + type: string required: - owner type: object status: properties: availabilityZones: - description: 'AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is ''VirtualMachineScaleSets''.' + description: |- + AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType + property is 'VirtualMachineScaleSets'. items: type: string type: array @@ -30216,14 +48226,23 @@ spec: description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 type: integer reason: - description: Reason for the condition's last transition. Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: Severity with which to treat failures of this type of condition. For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. This is omitted in all cases when Status == Unknown + description: |- + Severity with which to treat failures of this type of condition. + For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown type: string status: description: Status of the condition, one of True, False, or Unknown. @@ -30239,19 +48258,46 @@ spec: type: object type: array count: - description: 'Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.' + description: |- + Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) + for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. type: integer + creationData: + description: |- + CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using + a snapshot. + properties: + sourceResourceId: + description: 'SourceResourceId: This is the ARM ID of the source object to be used to create the target object.' + type: string + type: object + currentOrchestratorVersion: + description: |- + CurrentOrchestratorVersion: If orchestratorVersion is a fully specified version , this field will be + exactly equal to it. If orchestratorVersion is , this field will contain the full + version being used. + type: string enableAutoScaling: description: 'EnableAutoScaling: Whether to enable auto-scaler' type: boolean enableEncryptionAtHost: - description: 'EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption' + description: |- + EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, + see: https://docs.microsoft.com/azure/aks/enable-host-encryption type: boolean enableFIPS: - description: 'EnableFIPS: See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.' + description: |- + EnableFIPS: See [Add a FIPS-enabled node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more + details. type: boolean enableNodePublicIP: - description: 'EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.' + description: |- + EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. + A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine + to minimize hops. For more information see [assigning a public IP per + node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The + default is false. type: boolean enableUltraSSD: description: 'EnableUltraSSD: Whether to enable UltraSSD' @@ -30259,6 +48305,12 @@ spec: gpuInstanceProfile: description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' type: string + hostGroupID: + description: |- + HostGroupID: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. + For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). + type: string id: description: 'Id: Resource ID.' type: string @@ -30271,7 +48323,9 @@ spec: type: string type: array containerLogMaxFiles: - description: 'ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be â‰Ĩ 2.' + description: |- + ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be + â‰Ĩ 2. type: integer containerLogMaxSizeMB: description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' @@ -30280,10 +48334,15 @@ spec: description: 'CpuCfsQuota: The default is true.' type: boolean cpuCfsQuotaPeriod: - description: 'CpuCfsQuotaPeriod: The default is ''100ms.'' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: ''300ms'', ''2h45m''. Supported units are ''ns'', ''us'', ''ms'', ''s'', ''m'', and ''h''.' + description: |- + CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and + a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. type: string cpuManagerPolicy: - description: 'CpuManagerPolicy: The default is ''none''. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are ''none'' and ''static''.' + description: |- + CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management + policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more + information. Allowed values are 'none' and 'static'. type: string failSwapOn: description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' @@ -30298,11 +48357,16 @@ spec: description: 'PodMaxPids: The maximum number of processes per pod.' type: integer topologyManagerPolicy: - description: 'TopologyManagerPolicy: For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is ''none''. Allowed values are ''none'', ''best-effort'', ''restricted'', and ''single-numa-node''.' + description: |- + TopologyManagerPolicy: For more information see [Kubernetes Topology + Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values + are 'none', 'best-effort', 'restricted', and 'single-numa-node'. type: string type: object kubeletDiskType: - description: 'KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.' + description: |- + KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral + storage. type: string linuxOSConfig: description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' @@ -30399,10 +48463,16 @@ spec: type: integer type: object transparentHugePageDefrag: - description: 'TransparentHugePageDefrag: Valid values are ''always'', ''defer'', ''defer+madvise'', ''madvise'' and ''never''. The default is ''madvise''. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).' + description: |- + TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is + 'madvise'. For more information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string transparentHugePageEnabled: - description: 'TransparentHugePageEnabled: Valid values are ''always'', ''madvise'', and ''never''. The default is ''always''. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).' + description: |- + TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more + information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string type: object maxCount: @@ -30415,7 +48485,9 @@ spec: description: 'MinCount: The minimum number of nodes for auto-scaling' type: integer mode: - description: 'Mode: A cluster must have at least one ''System'' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools' + description: |- + Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool + restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools type: string name: description: 'Name: The name of the resource that is unique within a resource group. This name can be used to access the resource.' @@ -30429,7 +48501,9 @@ spec: description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' type: object nodePublicIPPrefixID: - description: 'NodePublicIPPrefixID: This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}' + description: |- + NodePublicIPPrefixID: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} type: string nodeTaints: description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' @@ -30437,24 +48511,43 @@ spec: type: string type: array orchestratorVersion: - description: 'OrchestratorVersion: As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).' + description: |- + OrchestratorVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. + When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster + with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer + patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same + Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor + version must be within two minor versions of the control plane version. The node pool version cannot be greater than the + control plane version. For more information see [upgrading a node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). type: string osDiskSizeGB: type: integer osDiskType: - description: 'OsDiskType: The default is ''Ephemeral'' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to ''Managed''. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).' + description: |- + OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested + OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral + OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). type: string osSKU: - description: 'OsSKU: Specifies an OS SKU. This value must not be specified if OSType is Windows.' + description: |- + OsSKU: Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 + when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows. type: string osType: description: 'OsType: The operating system type. The default is Linux.' type: string podSubnetID: - description: 'PodSubnetID: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}' + description: |- + PodSubnetID: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is + of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} type: string powerState: - description: 'PowerState: Describes whether the Agent Pool is Running or Stopped' + description: |- + PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this + field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only + be stopped if it is Running and provisioning state is Succeeded properties: code: description: 'Code: Tells whether the cluster is Running or Stopped' @@ -30469,14 +48562,22 @@ spec: proximityPlacementGroupID: description: 'ProximityPlacementGroupID: The ID for Proximity Placement Group.' type: string + scaleDownMode: + description: 'ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.' + type: string scaleSetEvictionPolicy: - description: 'ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is ''Spot''. If not specified, the default is ''Delete''.' + description: |- + ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is + 'Delete'. type: string scaleSetPriority: description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' type: string spotMaxPrice: - description: 'SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)' + description: |- + SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any + on-demand price. For more details on spot pricing, see [spot VMs + pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) type: number tags: additionalProperties: @@ -30490,14 +48591,27 @@ spec: description: 'UpgradeSettings: Settings for upgrading the agentpool' properties: maxSurge: - description: 'MaxSurge: This can either be set to an integer (e.g. ''5'') or a percentage (e.g. ''50%''). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade' + description: |- + MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it + is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded + up. If not specified, the default is 1. For more information, including best practices, see: + https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade type: string type: object vmSize: - description: 'VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions' + description: |- + VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods + might fail to run correctly. For more details on restricted VM sizes, see: + https://docs.microsoft.com/azure/aks/quotas-skus-regions type: string vnetSubnetID: - description: 'VnetSubnetID: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}' + description: |- + VnetSubnetID: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, + this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} + type: string + workloadRuntime: + description: 'WorkloadRuntime: Determines the type of workload a node can run.' type: string type: object type: object @@ -30518,36 +48632,86 @@ spec: - jsonPath: .status.conditions[?(@.type=='Ready')].message name: Message type: string - name: v1api20210501storage + name: v1api20230201storage schema: openAPIV3Schema: - description: 'Storage version of v1api20210501.ManagedClustersAgentPool Generator information: - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2021-05-01/managedClusters.json - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}/agentPools/{agentPoolName}' + description: |- + Storage version of v1api20230201.ManagedClustersAgentPool + Generator information: + - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2023-02-01/managedClusters.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}/agentPools/{agentPoolName} properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: Storage version of v1api20210501.ManagedClusters_AgentPool_Spec + description: Storage version of v1api20230201.ManagedClusters_AgentPool_Spec properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object availabilityZones: items: type: string type: array azureName: - description: 'AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn''t have to be.' + description: |- + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. type: string count: type: integer + creationData: + description: |- + Storage version of v1api20230201.CreationData + Data used when creating a target resource from a source resource. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + sourceResourceReference: + description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: object enableAutoScaling: type: boolean enableEncryptionAtHost: @@ -30560,13 +48724,40 @@ spec: type: boolean gpuInstanceProfile: type: string + hostGroupReference: + description: |- + HostGroupReference: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. + For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object kubeletConfig: - description: Storage version of v1api20210501.KubeletConfig See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + description: |- + Storage version of v1api20230201.KubeletConfig + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object allowedUnsafeSysctls: items: @@ -30596,22 +48787,30 @@ spec: kubeletDiskType: type: string linuxOSConfig: - description: Storage version of v1api20210501.LinuxOSConfig See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + description: |- + Storage version of v1api20230201.LinuxOSConfig + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object swapFileSizeMB: type: integer sysctls: - description: Storage version of v1api20210501.SysctlConfig Sysctl settings for Linux agent nodes. + description: |- + Storage version of v1api20230201.SysctlConfig + Sysctl settings for Linux agent nodes. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object fsAioMaxNr: type: integer @@ -30687,11 +48886,16 @@ spec: additionalProperties: type: string type: object - nodePublicIPPrefixIDReference: - description: 'NodePublicIPPrefixIDReference: This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}' + nodePublicIPPrefixReference: + description: |- + NodePublicIPPrefixReference: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -30721,7 +48925,10 @@ spec: osType: type: string owner: - description: 'Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a containerservice.azure.com/ManagedCluster resource' + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a containerservice.azure.com/ManagedCluster resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) @@ -30730,11 +48937,17 @@ spec: description: This is the name of the Kubernetes resource to reference. type: string type: object - podSubnetIDReference: - description: 'PodSubnetIDReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}' + podSubnetReference: + description: |- + PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). + This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -30747,7 +48960,42 @@ spec: description: Name is the Kubernetes name of the resource. type: string type: object - proximityPlacementGroupID: + powerState: + description: |- + Storage version of v1api20230201.PowerState + Describes the Power State of the cluster + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + code: + type: string + type: object + proximityPlacementGroupReference: + description: 'ProximityPlacementGroupReference: The ID for Proximity Placement Group.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + scaleDownMode: type: string scaleSetEvictionPolicy: type: string @@ -30762,23 +49010,33 @@ spec: type: type: string upgradeSettings: - description: Storage version of v1api20210501.AgentPoolUpgradeSettings Settings for upgrading an agentpool + description: |- + Storage version of v1api20230201.AgentPoolUpgradeSettings + Settings for upgrading an agentpool properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object maxSurge: type: string type: object vmSize: type: string - vnetSubnetIDReference: - description: 'VnetSubnetIDReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}' + vnetSubnetReference: + description: |- + VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is + specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -30791,16 +49049,20 @@ spec: description: Name is the Kubernetes name of the resource. type: string type: object + workloadRuntime: + type: string required: - owner type: object status: - description: Storage version of v1api20210501.ManagedClusters_AgentPool_STATUS + description: Storage version of v1api20230201.ManagedClusters_AgentPool_STATUS properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object availabilityZones: items: @@ -30818,14 +49080,23 @@ spec: description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 type: integer reason: - description: Reason for the condition's last transition. Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: Severity with which to treat failures of this type of condition. For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. This is omitted in all cases when Status == Unknown + description: |- + Severity with which to treat failures of this type of condition. + For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown type: string status: description: Status of the condition, one of True, False, or Unknown. @@ -30842,6 +49113,23 @@ spec: type: array count: type: integer + creationData: + description: |- + Storage version of v1api20230201.CreationData_STATUS + Data used when creating a target resource from a source resource. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + sourceResourceId: + type: string + type: object + currentOrchestratorVersion: + type: string enableAutoScaling: type: boolean enableEncryptionAtHost: @@ -30854,15 +49142,21 @@ spec: type: boolean gpuInstanceProfile: type: string + hostGroupID: + type: string id: type: string kubeletConfig: - description: Storage version of v1api20210501.KubeletConfig_STATUS See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + description: |- + Storage version of v1api20230201.KubeletConfig_STATUS + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object allowedUnsafeSysctls: items: @@ -30892,22 +49186,30 @@ spec: kubeletDiskType: type: string linuxOSConfig: - description: Storage version of v1api20210501.LinuxOSConfig_STATUS See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + description: |- + Storage version of v1api20230201.LinuxOSConfig_STATUS + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object swapFileSizeMB: type: integer sysctls: - description: Storage version of v1api20210501.SysctlConfig_STATUS Sysctl settings for Linux agent nodes. + description: |- + Storage version of v1api20230201.SysctlConfig_STATUS + Sysctl settings for Linux agent nodes. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object fsAioMaxNr: type: integer @@ -31006,12 +49308,16 @@ spec: podSubnetID: type: string powerState: - description: Storage version of v1api20210501.PowerState_STATUS Describes the Power State of the cluster + description: |- + Storage version of v1api20230201.PowerState_STATUS + Describes the Power State of the cluster properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object code: type: string @@ -31022,6 +49328,8 @@ spec: type: string proximityPlacementGroupID: type: string + scaleDownMode: + type: string scaleSetEvictionPolicy: type: string scaleSetPriority: @@ -31035,12 +49343,16 @@ spec: type: type: string upgradeSettings: - description: Storage version of v1api20210501.AgentPoolUpgradeSettings_STATUS Settings for upgrading an agentpool + description: |- + Storage version of v1api20230201.AgentPoolUpgradeSettings_STATUS + Settings for upgrading an agentpool properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object maxSurge: type: string @@ -31049,6 +49361,8 @@ spec: type: string vnetSubnetID: type: string + workloadRuntime: + type: string type: object type: object served: true @@ -31068,40 +49382,66 @@ spec: - jsonPath: .status.conditions[?(@.type=='Ready')].message name: Message type: string - name: v1api20230201 + name: v1api20230202preview schema: openAPIV3Schema: - description: 'Generator information: - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2023-02-01/managedClusters.json - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}/agentPools/{agentPoolName}' + description: |- + Generator information: + - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/preview/2023-02-02-preview/managedClusters.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}/agentPools/{agentPoolName} properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: properties: availabilityZones: - description: 'AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is ''VirtualMachineScaleSets''.' + description: |- + AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType + property is 'VirtualMachineScaleSets'. items: type: string type: array azureName: - description: 'AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn''t have to be.' + description: |- + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. + type: string + capacityReservationGroupID: + description: 'CapacityReservationGroupID: AKS will associate the specified agent pool with the Capacity Reservation Group.' type: string count: - description: 'Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.' + description: |- + Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) + for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. type: integer creationData: - description: 'CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.' + description: |- + CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using + a snapshot. properties: sourceResourceReference: description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -31118,14 +49458,30 @@ spec: enableAutoScaling: description: 'EnableAutoScaling: Whether to enable auto-scaler' type: boolean + enableCustomCATrust: + description: |- + EnableCustomCATrust: When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a + daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded + certificates into node trust stores. Defaults to false. + type: boolean enableEncryptionAtHost: - description: 'EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption' + description: |- + EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, + see: https://docs.microsoft.com/azure/aks/enable-host-encryption type: boolean enableFIPS: - description: 'EnableFIPS: See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.' + description: |- + EnableFIPS: See [Add a FIPS-enabled node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more + details. type: boolean enableNodePublicIP: - description: 'EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.' + description: |- + EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. + A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine + to minimize hops. For more information see [assigning a public IP per + node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The + default is false. type: boolean enableUltraSSD: description: 'EnableUltraSSD: Whether to enable UltraSSD' @@ -31140,10 +49496,16 @@ spec: - MIG7g type: string hostGroupReference: - description: 'HostGroupReference: This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).' + description: |- + HostGroupReference: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. + For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -31165,7 +49527,9 @@ spec: type: string type: array containerLogMaxFiles: - description: 'ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be â‰Ĩ 2.' + description: |- + ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be + â‰Ĩ 2. minimum: 2 type: integer containerLogMaxSizeMB: @@ -31175,10 +49539,15 @@ spec: description: 'CpuCfsQuota: The default is true.' type: boolean cpuCfsQuotaPeriod: - description: 'CpuCfsQuotaPeriod: The default is ''100ms.'' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: ''300ms'', ''2h45m''. Supported units are ''ns'', ''us'', ''ms'', ''s'', ''m'', and ''h''.' + description: |- + CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and + a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. type: string cpuManagerPolicy: - description: 'CpuManagerPolicy: The default is ''none''. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are ''none'' and ''static''.' + description: |- + CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management + policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more + information. Allowed values are 'none' and 'static'. type: string failSwapOn: description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' @@ -31193,11 +49562,16 @@ spec: description: 'PodMaxPids: The maximum number of processes per pod.' type: integer topologyManagerPolicy: - description: 'TopologyManagerPolicy: For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is ''none''. Allowed values are ''none'', ''best-effort'', ''restricted'', and ''single-numa-node''.' + description: |- + TopologyManagerPolicy: For more information see [Kubernetes Topology + Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values + are 'none', 'best-effort', 'restricted', and 'single-numa-node'. type: string type: object kubeletDiskType: - description: 'KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.' + description: |- + KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral + storage. enum: - OS - Temporary @@ -31297,10 +49671,16 @@ spec: type: integer type: object transparentHugePageDefrag: - description: 'TransparentHugePageDefrag: Valid values are ''always'', ''defer'', ''defer+madvise'', ''madvise'' and ''never''. The default is ''madvise''. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).' + description: |- + TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is + 'madvise'. For more information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string transparentHugePageEnabled: - description: 'TransparentHugePageEnabled: Valid values are ''always'', ''madvise'', and ''never''. The default is ''always''. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).' + description: |- + TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more + information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string type: object maxCount: @@ -31309,25 +49689,107 @@ spec: maxPods: description: 'MaxPods: The maximum number of pods that can run on a node.' type: integer + messageOfTheDay: + description: |- + MessageOfTheDay: A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of + the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., + will be printed raw and not be executed as a script). + type: string minCount: description: 'MinCount: The minimum number of nodes for auto-scaling' type: integer mode: - description: 'Mode: A cluster must have at least one ''System'' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools' + description: |- + Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool + restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools enum: - System - User type: string + networkProfile: + description: 'NetworkProfile: Network-related settings of an agent pool.' + properties: + allowedHostPorts: + description: 'AllowedHostPorts: The port ranges that are allowed to access. The specified ranges are allowed to overlap.' + items: + description: The port range. + properties: + portEnd: + description: |- + PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or + equal to portStart. + maximum: 65535 + minimum: 1 + type: integer + portStart: + description: |- + PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or + equal to portEnd. + maximum: 65535 + minimum: 1 + type: integer + protocol: + description: 'Protocol: The network protocol of the port.' + enum: + - TCP + - UDP + type: string + type: object + type: array + applicationSecurityGroupsReferences: + description: |- + ApplicationSecurityGroupsReferences: The IDs of the application security groups which agent pool will associate when + created. + items: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: array + nodePublicIPTags: + description: 'NodePublicIPTags: IPTags of instance-level public IPs.' + items: + description: Contains the IPTag associated with the object. + properties: + ipTagType: + description: 'IpTagType: The IP tag type. Example: RoutingPreference.' + type: string + tag: + description: 'Tag: The value of the IP tag associated with the public IP. Example: Internet.' + type: string + type: object + type: array + type: object nodeLabels: additionalProperties: type: string description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' type: object nodePublicIPPrefixReference: - description: 'NodePublicIPPrefixReference: This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}' + description: |- + NodePublicIPPrefixReference: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -31346,22 +49808,36 @@ spec: type: string type: array orchestratorVersion: - description: 'OrchestratorVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).' + description: |- + OrchestratorVersion: Both patch version and are supported. When is + specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same + once it has been created will not trigger an upgrade, even if a newer patch version is available. As a + best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version + must have the same major version as the control plane. The node pool minor version must be within two minor versions of + the control plane version. The node pool version cannot be greater than the control plane version. For more information + see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). type: string osDiskSizeGB: maximum: 2048 minimum: 0 type: integer osDiskType: - description: 'OsDiskType: The default is ''Ephemeral'' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to ''Managed''. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).' + description: |- + OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested + OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral + OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). enum: - Ephemeral - Managed type: string osSKU: - description: 'OsSKU: Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows.' + description: |- + OsSKU: Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or + Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is + deprecated. enum: - CBLMariner + - Mariner - Ubuntu - Windows2019 - Windows2022 @@ -31373,7 +49849,10 @@ spec: - Windows type: string owner: - description: 'Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a containerservice.azure.com/ManagedCluster resource' + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a containerservice.azure.com/ManagedCluster resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) @@ -31383,10 +49862,16 @@ spec: type: string type: object podSubnetReference: - description: 'PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}' + description: |- + PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). + This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -31400,7 +49885,10 @@ spec: type: string type: object powerState: - description: 'PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded' + description: |- + PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this + field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only + be stopped if it is Running and provisioning state is Succeeded properties: code: description: 'Code: Tells whether the cluster is Running or Stopped' @@ -31413,7 +49901,10 @@ spec: description: 'ProximityPlacementGroupReference: The ID for Proximity Placement Group.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -31433,7 +49924,9 @@ spec: - Delete type: string scaleSetEvictionPolicy: - description: 'ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is ''Spot''. If not specified, the default is ''Delete''.' + description: |- + ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is + 'Delete'. enum: - Deallocate - Delete @@ -31445,7 +49938,10 @@ spec: - Spot type: string spotMaxPrice: - description: 'SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)' + description: |- + SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any + on-demand price. For more details on spot pricing, see [spot VMs + pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) type: number tags: additionalProperties: @@ -31462,17 +49958,30 @@ spec: description: 'UpgradeSettings: Settings for upgrading the agentpool' properties: maxSurge: - description: 'MaxSurge: This can either be set to an integer (e.g. ''5'') or a percentage (e.g. ''50%''). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade' + description: |- + MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it + is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded + up. If not specified, the default is 1. For more information, including best practices, see: + https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade type: string type: object vmSize: - description: 'VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions' + description: |- + VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods + might fail to run correctly. For more details on restricted VM sizes, see: + https://docs.microsoft.com/azure/aks/quotas-skus-regions type: string vnetSubnetReference: - description: 'VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}' + description: |- + VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is + specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -31485,9 +49994,19 @@ spec: description: Name is the Kubernetes name of the resource. type: string type: object + windowsProfile: + description: 'WindowsProfile: The Windows agent pool''s specific profile.' + properties: + disableOutboundNat: + description: |- + DisableOutboundNat: The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT + Gateway and the Windows agent pool does not have node public IP enabled. + type: boolean + type: object workloadRuntime: description: 'WorkloadRuntime: Determines the type of workload a node can run.' enum: + - KataMshvVmIsolation - OCIContainer - WasmWasi type: string @@ -31497,10 +50016,15 @@ spec: status: properties: availabilityZones: - description: 'AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is ''VirtualMachineScaleSets''.' + description: |- + AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType + property is 'VirtualMachineScaleSets'. items: type: string type: array + capacityReservationGroupID: + description: 'CapacityReservationGroupID: AKS will associate the specified agent pool with the Capacity Reservation Group.' + type: string conditions: description: 'Conditions: The observed state of the resource' items: @@ -31514,14 +50038,23 @@ spec: description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 type: integer reason: - description: Reason for the condition's last transition. Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: Severity with which to treat failures of this type of condition. For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. This is omitted in all cases when Status == Unknown + description: |- + Severity with which to treat failures of this type of condition. + For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown type: string status: description: Status of the condition, one of True, False, or Unknown. @@ -31537,29 +50070,52 @@ spec: type: object type: array count: - description: 'Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.' + description: |- + Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) + for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. type: integer creationData: - description: 'CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.' + description: |- + CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using + a snapshot. properties: sourceResourceId: description: 'SourceResourceId: This is the ARM ID of the source object to be used to create the target object.' type: string type: object currentOrchestratorVersion: - description: 'CurrentOrchestratorVersion: If orchestratorVersion is a fully specified version , this field will be exactly equal to it. If orchestratorVersion is , this field will contain the full version being used.' + description: |- + CurrentOrchestratorVersion: If orchestratorVersion was a fully specified version , this field will be + exactly equal to it. If orchestratorVersion was , this field will contain the full + version being used. type: string enableAutoScaling: description: 'EnableAutoScaling: Whether to enable auto-scaler' type: boolean + enableCustomCATrust: + description: |- + EnableCustomCATrust: When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a + daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded + certificates into node trust stores. Defaults to false. + type: boolean enableEncryptionAtHost: - description: 'EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption' + description: |- + EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, + see: https://docs.microsoft.com/azure/aks/enable-host-encryption type: boolean enableFIPS: - description: 'EnableFIPS: See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.' + description: |- + EnableFIPS: See [Add a FIPS-enabled node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more + details. type: boolean enableNodePublicIP: - description: 'EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.' + description: |- + EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. + A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine + to minimize hops. For more information see [assigning a public IP per + node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The + default is false. type: boolean enableUltraSSD: description: 'EnableUltraSSD: Whether to enable UltraSSD' @@ -31568,7 +50124,10 @@ spec: description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' type: string hostGroupID: - description: 'HostGroupID: This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).' + description: |- + HostGroupID: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. + For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). type: string id: description: 'Id: Resource ID.' @@ -31582,7 +50141,9 @@ spec: type: string type: array containerLogMaxFiles: - description: 'ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be â‰Ĩ 2.' + description: |- + ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be + â‰Ĩ 2. type: integer containerLogMaxSizeMB: description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' @@ -31591,10 +50152,15 @@ spec: description: 'CpuCfsQuota: The default is true.' type: boolean cpuCfsQuotaPeriod: - description: 'CpuCfsQuotaPeriod: The default is ''100ms.'' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: ''300ms'', ''2h45m''. Supported units are ''ns'', ''us'', ''ms'', ''s'', ''m'', and ''h''.' + description: |- + CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and + a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. type: string cpuManagerPolicy: - description: 'CpuManagerPolicy: The default is ''none''. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are ''none'' and ''static''.' + description: |- + CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management + policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more + information. Allowed values are 'none' and 'static'. type: string failSwapOn: description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' @@ -31609,11 +50175,16 @@ spec: description: 'PodMaxPids: The maximum number of processes per pod.' type: integer topologyManagerPolicy: - description: 'TopologyManagerPolicy: For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is ''none''. Allowed values are ''none'', ''best-effort'', ''restricted'', and ''single-numa-node''.' + description: |- + TopologyManagerPolicy: For more information see [Kubernetes Topology + Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values + are 'none', 'best-effort', 'restricted', and 'single-numa-node'. type: string type: object kubeletDiskType: - description: 'KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.' + description: |- + KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral + storage. type: string linuxOSConfig: description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' @@ -31710,10 +50281,16 @@ spec: type: integer type: object transparentHugePageDefrag: - description: 'TransparentHugePageDefrag: Valid values are ''always'', ''defer'', ''defer+madvise'', ''madvise'' and ''never''. The default is ''madvise''. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).' + description: |- + TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is + 'madvise'. For more information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string transparentHugePageEnabled: - description: 'TransparentHugePageEnabled: Valid values are ''always'', ''madvise'', and ''never''. The default is ''always''. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).' + description: |- + TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more + information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string type: object maxCount: @@ -31722,15 +50299,65 @@ spec: maxPods: description: 'MaxPods: The maximum number of pods that can run on a node.' type: integer + messageOfTheDay: + description: |- + MessageOfTheDay: A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of + the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., + will be printed raw and not be executed as a script). + type: string minCount: description: 'MinCount: The minimum number of nodes for auto-scaling' type: integer mode: - description: 'Mode: A cluster must have at least one ''System'' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools' + description: |- + Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool + restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools type: string name: description: 'Name: The name of the resource that is unique within a resource group. This name can be used to access the resource.' type: string + networkProfile: + description: 'NetworkProfile: Network-related settings of an agent pool.' + properties: + allowedHostPorts: + description: 'AllowedHostPorts: The port ranges that are allowed to access. The specified ranges are allowed to overlap.' + items: + description: The port range. + properties: + portEnd: + description: |- + PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or + equal to portStart. + type: integer + portStart: + description: |- + PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or + equal to portEnd. + type: integer + protocol: + description: 'Protocol: The network protocol of the port.' + type: string + type: object + type: array + applicationSecurityGroups: + description: 'ApplicationSecurityGroups: The IDs of the application security groups which agent pool will associate when created.' + items: + type: string + type: array + nodePublicIPTags: + description: 'NodePublicIPTags: IPTags of instance-level public IPs.' + items: + description: Contains the IPTag associated with the object. + properties: + ipTagType: + description: 'IpTagType: The IP tag type. Example: RoutingPreference.' + type: string + tag: + description: 'Tag: The value of the IP tag associated with the public IP. Example: Internet.' + type: string + type: object + type: array + type: object nodeImageVersion: description: 'NodeImageVersion: The version of node image' type: string @@ -31740,7 +50367,9 @@ spec: description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' type: object nodePublicIPPrefixID: - description: 'NodePublicIPPrefixID: This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}' + description: |- + NodePublicIPPrefixID: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} type: string nodeTaints: description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' @@ -31748,24 +50377,43 @@ spec: type: string type: array orchestratorVersion: - description: 'OrchestratorVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).' + description: |- + OrchestratorVersion: Both patch version and are supported. When is + specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same + once it has been created will not trigger an upgrade, even if a newer patch version is available. As a + best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version + must have the same major version as the control plane. The node pool minor version must be within two minor versions of + the control plane version. The node pool version cannot be greater than the control plane version. For more information + see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). type: string osDiskSizeGB: type: integer osDiskType: - description: 'OsDiskType: The default is ''Ephemeral'' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to ''Managed''. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).' + description: |- + OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested + OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral + OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). type: string osSKU: - description: 'OsSKU: Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows.' + description: |- + OsSKU: Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or + Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is + deprecated. type: string osType: description: 'OsType: The operating system type. The default is Linux.' type: string podSubnetID: - description: 'PodSubnetID: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}' + description: |- + PodSubnetID: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is + of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} type: string powerState: - description: 'PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded' + description: |- + PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this + field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only + be stopped if it is Running and provisioning state is Succeeded properties: code: description: 'Code: Tells whether the cluster is Running or Stopped' @@ -31784,13 +50432,18 @@ spec: description: 'ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.' type: string scaleSetEvictionPolicy: - description: 'ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is ''Spot''. If not specified, the default is ''Delete''.' + description: |- + ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is + 'Delete'. type: string scaleSetPriority: description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' type: string spotMaxPrice: - description: 'SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)' + description: |- + SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any + on-demand price. For more details on spot pricing, see [spot VMs + pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) type: number tags: additionalProperties: @@ -31804,15 +50457,34 @@ spec: description: 'UpgradeSettings: Settings for upgrading the agentpool' properties: maxSurge: - description: 'MaxSurge: This can either be set to an integer (e.g. ''5'') or a percentage (e.g. ''50%''). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade' + description: |- + MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it + is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded + up. If not specified, the default is 1. For more information, including best practices, see: + https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade type: string type: object vmSize: - description: 'VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions' + description: |- + VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods + might fail to run correctly. For more details on restricted VM sizes, see: + https://docs.microsoft.com/azure/aks/quotas-skus-regions type: string vnetSubnetID: - description: 'VnetSubnetID: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}' + description: |- + VnetSubnetID: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, + this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} type: string + windowsProfile: + description: 'WindowsProfile: The Windows agent pool''s specific profile.' + properties: + disableOutboundNat: + description: |- + DisableOutboundNat: The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT + Gateway and the Windows agent pool does not have node public IP enabled. + type: boolean + type: object workloadRuntime: description: 'WorkloadRuntime: Determines the type of workload a node can run.' type: string @@ -31835,49 +50507,75 @@ spec: - jsonPath: .status.conditions[?(@.type=='Ready')].message name: Message type: string - name: v1api20230201storage + name: v1api20230202previewstorage schema: openAPIV3Schema: - description: 'Storage version of v1api20230201.ManagedClustersAgentPool Generator information: - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2023-02-01/managedClusters.json - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}/agentPools/{agentPoolName}' + description: |- + Storage version of v1api20230202preview.ManagedClustersAgentPool + Generator information: + - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/preview/2023-02-02-preview/managedClusters.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}/agentPools/{agentPoolName} properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: Storage version of v1api20230201.ManagedClusters_AgentPool_Spec + description: Storage version of v1api20230202preview.ManagedClusters_AgentPool_Spec properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object availabilityZones: items: type: string type: array azureName: - description: 'AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn''t have to be.' + description: |- + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. + type: string + capacityReservationGroupID: type: string count: type: integer creationData: - description: Storage version of v1api20230201.CreationData Data used when creating a target resource from a source resource. + description: |- + Storage version of v1api20230202preview.CreationData + Data used when creating a target resource from a source resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object sourceResourceReference: description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -31893,6 +50591,8 @@ spec: type: object enableAutoScaling: type: boolean + enableCustomCATrust: + type: boolean enableEncryptionAtHost: type: boolean enableFIPS: @@ -31904,10 +50604,16 @@ spec: gpuInstanceProfile: type: string hostGroupReference: - description: 'HostGroupReference: This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).' + description: |- + HostGroupReference: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. + For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -31921,12 +50627,16 @@ spec: type: string type: object kubeletConfig: - description: Storage version of v1api20230201.KubeletConfig See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + description: |- + Storage version of v1api20230202preview.KubeletConfig + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object allowedUnsafeSysctls: items: @@ -31956,22 +50666,30 @@ spec: kubeletDiskType: type: string linuxOSConfig: - description: Storage version of v1api20230201.LinuxOSConfig See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + description: |- + Storage version of v1api20230202preview.LinuxOSConfig + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object swapFileSizeMB: type: integer sysctls: - description: Storage version of v1api20230201.SysctlConfig Sysctl settings for Linux agent nodes. + description: |- + Storage version of v1api20230202preview.SysctlConfig + Sysctl settings for Linux agent nodes. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object fsAioMaxNr: type: integer @@ -32039,19 +50757,101 @@ spec: type: integer maxPods: type: integer + messageOfTheDay: + type: string minCount: type: integer mode: type: string + networkProfile: + description: |- + Storage version of v1api20230202preview.AgentPoolNetworkProfile + Network settings of an agent pool. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + allowedHostPorts: + items: + description: |- + Storage version of v1api20230202preview.PortRange + The port range. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + portEnd: + type: integer + portStart: + type: integer + protocol: + type: string + type: object + type: array + applicationSecurityGroupsReferences: + items: + description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object + type: array + nodePublicIPTags: + items: + description: |- + Storage version of v1api20230202preview.IPTag + Contains the IPTag associated with the object. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + ipTagType: + type: string + tag: + type: string + type: object + type: array + type: object nodeLabels: additionalProperties: type: string type: object nodePublicIPPrefixReference: - description: 'NodePublicIPPrefixReference: This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}' + description: |- + NodePublicIPPrefixReference: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -32081,7 +50881,10 @@ spec: osType: type: string owner: - description: 'Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a containerservice.azure.com/ManagedCluster resource' + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a containerservice.azure.com/ManagedCluster resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) @@ -32091,10 +50894,16 @@ spec: type: string type: object podSubnetReference: - description: 'PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}' + description: |- + PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). + This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -32108,12 +50917,16 @@ spec: type: string type: object powerState: - description: Storage version of v1api20230201.PowerState Describes the Power State of the cluster + description: |- + Storage version of v1api20230202preview.PowerState + Describes the Power State of the cluster properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object code: type: string @@ -32122,7 +50935,10 @@ spec: description: 'ProximityPlacementGroupReference: The ID for Proximity Placement Group.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -32150,12 +50966,16 @@ spec: type: type: string upgradeSettings: - description: Storage version of v1api20230201.AgentPoolUpgradeSettings Settings for upgrading an agentpool + description: |- + Storage version of v1api20230202preview.AgentPoolUpgradeSettings + Settings for upgrading an agentpool properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object maxSurge: type: string @@ -32163,10 +50983,16 @@ spec: vmSize: type: string vnetSubnetReference: - description: 'VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}' + description: |- + VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is + specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -32179,23 +51005,42 @@ spec: description: Name is the Kubernetes name of the resource. type: string type: object + windowsProfile: + description: |- + Storage version of v1api20230202preview.AgentPoolWindowsProfile + The Windows agent pool's specific profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + disableOutboundNat: + type: boolean + type: object workloadRuntime: type: string required: - owner type: object status: - description: Storage version of v1api20230201.ManagedClusters_AgentPool_STATUS + description: Storage version of v1api20230202preview.ManagedClusters_AgentPool_STATUS properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object availabilityZones: items: type: string type: array + capacityReservationGroupID: + type: string conditions: items: description: Condition defines an extension to status (an observation) of a resource @@ -32208,14 +51053,23 @@ spec: description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 type: integer reason: - description: Reason for the condition's last transition. Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: Severity with which to treat failures of this type of condition. For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. This is omitted in all cases when Status == Unknown + description: |- + Severity with which to treat failures of this type of condition. + For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown type: string status: description: Status of the condition, one of True, False, or Unknown. @@ -32233,12 +51087,16 @@ spec: count: type: integer creationData: - description: Storage version of v1api20230201.CreationData_STATUS Data used when creating a target resource from a source resource. + description: |- + Storage version of v1api20230202preview.CreationData_STATUS + Data used when creating a target resource from a source resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object sourceResourceId: type: string @@ -32247,6 +51105,8 @@ spec: type: string enableAutoScaling: type: boolean + enableCustomCATrust: + type: boolean enableEncryptionAtHost: type: boolean enableFIPS: @@ -32262,12 +51122,16 @@ spec: id: type: string kubeletConfig: - description: Storage version of v1api20230201.KubeletConfig_STATUS See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + description: |- + Storage version of v1api20230202preview.KubeletConfig_STATUS + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object allowedUnsafeSysctls: items: @@ -32297,22 +51161,30 @@ spec: kubeletDiskType: type: string linuxOSConfig: - description: Storage version of v1api20230201.LinuxOSConfig_STATUS See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + description: |- + Storage version of v1api20230202preview.LinuxOSConfig_STATUS + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object swapFileSizeMB: type: integer sysctls: - description: Storage version of v1api20230201.SysctlConfig_STATUS Sysctl settings for Linux agent nodes. + description: |- + Storage version of v1api20230202preview.SysctlConfig_STATUS + Sysctl settings for Linux agent nodes. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object fsAioMaxNr: type: integer @@ -32380,12 +51252,71 @@ spec: type: integer maxPods: type: integer + messageOfTheDay: + type: string minCount: type: integer mode: type: string name: type: string + networkProfile: + description: |- + Storage version of v1api20230202preview.AgentPoolNetworkProfile_STATUS + Network settings of an agent pool. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + allowedHostPorts: + items: + description: |- + Storage version of v1api20230202preview.PortRange_STATUS + The port range. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + portEnd: + type: integer + portStart: + type: integer + protocol: + type: string + type: object + type: array + applicationSecurityGroups: + items: + type: string + type: array + nodePublicIPTags: + items: + description: |- + Storage version of v1api20230202preview.IPTag_STATUS + Contains the IPTag associated with the object. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + ipTagType: + type: string + tag: + type: string + type: object + type: array + type: object nodeImageVersion: type: string nodeLabels: @@ -32411,12 +51342,16 @@ spec: podSubnetID: type: string powerState: - description: Storage version of v1api20230201.PowerState_STATUS Describes the Power State of the cluster + description: |- + Storage version of v1api20230202preview.PowerState_STATUS + Describes the Power State of the cluster properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object code: type: string @@ -32442,12 +51377,16 @@ spec: type: type: string upgradeSettings: - description: Storage version of v1api20230201.AgentPoolUpgradeSettings_STATUS Settings for upgrading an agentpool + description: |- + Storage version of v1api20230202preview.AgentPoolUpgradeSettings_STATUS + Settings for upgrading an agentpool properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object maxSurge: type: string @@ -32456,6 +51395,21 @@ spec: type: string vnetSubnetID: type: string + windowsProfile: + description: |- + Storage version of v1api20230202preview.AgentPoolWindowsProfile_STATUS + The Windows agent pool's specific profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + disableOutboundNat: + type: boolean + type: object workloadRuntime: type: string type: object @@ -32477,43 +51431,86 @@ spec: - jsonPath: .status.conditions[?(@.type=='Ready')].message name: Message type: string - name: v1api20230202preview + name: v1api20231001 schema: openAPIV3Schema: - description: 'Generator information: - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/preview/2023-02-02-preview/managedClusters.json - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}/agentPools/{agentPoolName}' + description: |- + Generator information: + - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2023-10-01/managedClusters.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}/agentPools/{agentPoolName} properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: properties: availabilityZones: - description: 'AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is ''VirtualMachineScaleSets''.' + description: |- + AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType + property is 'VirtualMachineScaleSets'. items: type: string type: array azureName: - description: 'AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn''t have to be.' - type: string - capacityReservationGroupID: - description: 'CapacityReservationGroupID: AKS will associate the specified agent pool with the Capacity Reservation Group.' + description: |- + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. + maxLength: 12 + minLength: 1 + pattern: ^[a-z][a-z0-9]{0,11}$ type: string + capacityReservationGroupReference: + description: 'CapacityReservationGroupReference: AKS will associate the specified agent pool with the Capacity Reservation Group.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object count: - description: 'Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.' + description: |- + Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) + for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. type: integer creationData: - description: 'CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.' + description: |- + CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using + a snapshot. properties: sourceResourceReference: description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -32530,17 +51527,24 @@ spec: enableAutoScaling: description: 'EnableAutoScaling: Whether to enable auto-scaler' type: boolean - enableCustomCATrust: - description: 'EnableCustomCATrust: When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded certificates into node trust stores. Defaults to false.' - type: boolean enableEncryptionAtHost: - description: 'EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption' + description: |- + EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, + see: https://docs.microsoft.com/azure/aks/enable-host-encryption type: boolean enableFIPS: - description: 'EnableFIPS: See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.' + description: |- + EnableFIPS: See [Add a FIPS-enabled node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more + details. type: boolean enableNodePublicIP: - description: 'EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.' + description: |- + EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. + A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine + to minimize hops. For more information see [assigning a public IP per + node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The + default is false. type: boolean enableUltraSSD: description: 'EnableUltraSSD: Whether to enable UltraSSD' @@ -32555,10 +51559,16 @@ spec: - MIG7g type: string hostGroupReference: - description: 'HostGroupReference: This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).' + description: |- + HostGroupReference: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. + For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -32580,7 +51590,9 @@ spec: type: string type: array containerLogMaxFiles: - description: 'ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be â‰Ĩ 2.' + description: |- + ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be + â‰Ĩ 2. minimum: 2 type: integer containerLogMaxSizeMB: @@ -32590,10 +51602,15 @@ spec: description: 'CpuCfsQuota: The default is true.' type: boolean cpuCfsQuotaPeriod: - description: 'CpuCfsQuotaPeriod: The default is ''100ms.'' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: ''300ms'', ''2h45m''. Supported units are ''ns'', ''us'', ''ms'', ''s'', ''m'', and ''h''.' + description: |- + CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and + a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. type: string cpuManagerPolicy: - description: 'CpuManagerPolicy: The default is ''none''. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are ''none'' and ''static''.' + description: |- + CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management + policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more + information. Allowed values are 'none' and 'static'. type: string failSwapOn: description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' @@ -32608,11 +51625,16 @@ spec: description: 'PodMaxPids: The maximum number of processes per pod.' type: integer topologyManagerPolicy: - description: 'TopologyManagerPolicy: For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is ''none''. Allowed values are ''none'', ''best-effort'', ''restricted'', and ''single-numa-node''.' + description: |- + TopologyManagerPolicy: For more information see [Kubernetes Topology + Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values + are 'none', 'best-effort', 'restricted', and 'single-numa-node'. type: string type: object kubeletDiskType: - description: 'KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.' + description: |- + KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral + storage. enum: - OS - Temporary @@ -32694,12 +51716,18 @@ spec: type: boolean netIpv4TcpkeepaliveIntvl: description: 'NetIpv4TcpkeepaliveIntvl: Sysctl setting net.ipv4.tcp_keepalive_intvl.' + maximum: 90 + minimum: 10 type: integer netNetfilterNfConntrackBuckets: description: 'NetNetfilterNfConntrackBuckets: Sysctl setting net.netfilter.nf_conntrack_buckets.' + maximum: 524288 + minimum: 65536 type: integer netNetfilterNfConntrackMax: description: 'NetNetfilterNfConntrackMax: Sysctl setting net.netfilter.nf_conntrack_max.' + maximum: 2097152 + minimum: 131072 type: integer vmMaxMapCount: description: 'VmMaxMapCount: Sysctl setting vm.max_map_count.' @@ -32712,10 +51740,16 @@ spec: type: integer type: object transparentHugePageDefrag: - description: 'TransparentHugePageDefrag: Valid values are ''always'', ''defer'', ''defer+madvise'', ''madvise'' and ''never''. The default is ''madvise''. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).' + description: |- + TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is + 'madvise'. For more information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string transparentHugePageEnabled: - description: 'TransparentHugePageEnabled: Valid values are ''always'', ''madvise'', and ''never''. The default is ''always''. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).' + description: |- + TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more + information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string type: object maxCount: @@ -32724,14 +51758,13 @@ spec: maxPods: description: 'MaxPods: The maximum number of pods that can run on a node.' type: integer - messageOfTheDay: - description: 'MessageOfTheDay: A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).' - type: string minCount: description: 'MinCount: The minimum number of nodes for auto-scaling' type: integer mode: - description: 'Mode: A cluster must have at least one ''System'' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools' + description: |- + Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool + restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools enum: - System - User @@ -32745,12 +51778,16 @@ spec: description: The port range. properties: portEnd: - description: 'PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or equal to portStart.' + description: |- + PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or + equal to portStart. maximum: 65535 minimum: 1 type: integer portStart: - description: 'PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or equal to portEnd.' + description: |- + PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or + equal to portEnd. maximum: 65535 minimum: 1 type: integer @@ -32763,12 +51800,17 @@ spec: type: object type: array applicationSecurityGroupsReferences: - description: 'ApplicationSecurityGroupsReferences: The IDs of the application security groups which agent pool will associate when created.' + description: |- + ApplicationSecurityGroupsReferences: The IDs of the application security groups which agent pool will associate when + created. items: description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -32802,10 +51844,15 @@ spec: description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' type: object nodePublicIPPrefixReference: - description: 'NodePublicIPPrefixReference: This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}' + description: |- + NodePublicIPPrefixReference: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -32824,23 +51871,36 @@ spec: type: string type: array orchestratorVersion: - description: 'OrchestratorVersion: Both patch version and are supported. When is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).' + description: |- + OrchestratorVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. + When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster + with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer + patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same + Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor + version must be within two minor versions of the control plane version. The node pool version cannot be greater than the + control plane version. For more information see [upgrading a node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). type: string osDiskSizeGB: maximum: 2048 minimum: 0 type: integer osDiskType: - description: 'OsDiskType: The default is ''Ephemeral'' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to ''Managed''. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).' + description: |- + OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested + OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral + OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). enum: - Ephemeral - Managed type: string osSKU: - description: 'OsSKU: Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.' + description: |- + OsSKU: Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 + when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows. enum: + - AzureLinux - CBLMariner - - Mariner - Ubuntu - Windows2019 - Windows2022 @@ -32852,7 +51912,10 @@ spec: - Windows type: string owner: - description: 'Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a containerservice.azure.com/ManagedCluster resource' + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a containerservice.azure.com/ManagedCluster resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) @@ -32862,10 +51925,16 @@ spec: type: string type: object podSubnetReference: - description: 'PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}' + description: |- + PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). + This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -32879,7 +51948,10 @@ spec: type: string type: object powerState: - description: 'PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded' + description: |- + PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this + field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only + be stopped if it is Running and provisioning state is Succeeded properties: code: description: 'Code: Tells whether the cluster is Running or Stopped' @@ -32892,7 +51964,10 @@ spec: description: 'ProximityPlacementGroupReference: The ID for Proximity Placement Group.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -32912,7 +51987,9 @@ spec: - Delete type: string scaleSetEvictionPolicy: - description: 'ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is ''Spot''. If not specified, the default is ''Delete''.' + description: |- + ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is + 'Delete'. enum: - Deallocate - Delete @@ -32924,7 +52001,10 @@ spec: - Spot type: string spotMaxPrice: - description: 'SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)' + description: |- + SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any + on-demand price. For more details on spot pricing, see [spot VMs + pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) type: number tags: additionalProperties: @@ -32940,18 +52020,39 @@ spec: upgradeSettings: description: 'UpgradeSettings: Settings for upgrading the agentpool' properties: + drainTimeoutInMinutes: + description: |- + DrainTimeoutInMinutes: The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. + This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not + specified, the default is 30 minutes. + maximum: 1440 + minimum: 1 + type: integer maxSurge: - description: 'MaxSurge: This can either be set to an integer (e.g. ''5'') or a percentage (e.g. ''50%''). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade' + description: |- + MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it + is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded + up. If not specified, the default is 1. For more information, including best practices, see: + https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade type: string type: object vmSize: - description: 'VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions' + description: |- + VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods + might fail to run correctly. For more details on restricted VM sizes, see: + https://docs.microsoft.com/azure/aks/quotas-skus-regions type: string vnetSubnetReference: - description: 'VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}' + description: |- + VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is + specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -32964,17 +52065,9 @@ spec: description: Name is the Kubernetes name of the resource. type: string type: object - windowsProfile: - description: 'WindowsProfile: The Windows agent pool''s specific profile.' - properties: - disableOutboundNat: - description: 'DisableOutboundNat: The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT Gateway and the Windows agent pool does not have node public IP enabled.' - type: boolean - type: object workloadRuntime: description: 'WorkloadRuntime: Determines the type of workload a node can run.' enum: - - KataMshvVmIsolation - OCIContainer - WasmWasi type: string @@ -32984,7 +52077,9 @@ spec: status: properties: availabilityZones: - description: 'AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is ''VirtualMachineScaleSets''.' + description: |- + AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType + property is 'VirtualMachineScaleSets'. items: type: string type: array @@ -33004,14 +52099,23 @@ spec: description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 type: integer reason: - description: Reason for the condition's last transition. Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: Severity with which to treat failures of this type of condition. For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. This is omitted in all cases when Status == Unknown + description: |- + Severity with which to treat failures of this type of condition. + For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown type: string status: description: Status of the condition, one of True, False, or Unknown. @@ -33027,32 +52131,46 @@ spec: type: object type: array count: - description: 'Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.' + description: |- + Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) + for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. type: integer creationData: - description: 'CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.' + description: |- + CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using + a snapshot. properties: sourceResourceId: description: 'SourceResourceId: This is the ARM ID of the source object to be used to create the target object.' type: string type: object currentOrchestratorVersion: - description: 'CurrentOrchestratorVersion: If orchestratorVersion was a fully specified version , this field will be exactly equal to it. If orchestratorVersion was , this field will contain the full version being used.' + description: |- + CurrentOrchestratorVersion: If orchestratorVersion is a fully specified version , this field will be + exactly equal to it. If orchestratorVersion is , this field will contain the full + version being used. type: string enableAutoScaling: description: 'EnableAutoScaling: Whether to enable auto-scaler' type: boolean - enableCustomCATrust: - description: 'EnableCustomCATrust: When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded certificates into node trust stores. Defaults to false.' - type: boolean enableEncryptionAtHost: - description: 'EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption' + description: |- + EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, + see: https://docs.microsoft.com/azure/aks/enable-host-encryption type: boolean enableFIPS: - description: 'EnableFIPS: See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.' + description: |- + EnableFIPS: See [Add a FIPS-enabled node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more + details. type: boolean enableNodePublicIP: - description: 'EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.' + description: |- + EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. + A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine + to minimize hops. For more information see [assigning a public IP per + node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The + default is false. type: boolean enableUltraSSD: description: 'EnableUltraSSD: Whether to enable UltraSSD' @@ -33061,7 +52179,10 @@ spec: description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' type: string hostGroupID: - description: 'HostGroupID: This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).' + description: |- + HostGroupID: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. + For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). type: string id: description: 'Id: Resource ID.' @@ -33075,7 +52196,9 @@ spec: type: string type: array containerLogMaxFiles: - description: 'ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be â‰Ĩ 2.' + description: |- + ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be + â‰Ĩ 2. type: integer containerLogMaxSizeMB: description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' @@ -33084,10 +52207,15 @@ spec: description: 'CpuCfsQuota: The default is true.' type: boolean cpuCfsQuotaPeriod: - description: 'CpuCfsQuotaPeriod: The default is ''100ms.'' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: ''300ms'', ''2h45m''. Supported units are ''ns'', ''us'', ''ms'', ''s'', ''m'', and ''h''.' + description: |- + CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and + a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. type: string cpuManagerPolicy: - description: 'CpuManagerPolicy: The default is ''none''. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are ''none'' and ''static''.' + description: |- + CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management + policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more + information. Allowed values are 'none' and 'static'. type: string failSwapOn: description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' @@ -33102,11 +52230,16 @@ spec: description: 'PodMaxPids: The maximum number of processes per pod.' type: integer topologyManagerPolicy: - description: 'TopologyManagerPolicy: For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is ''none''. Allowed values are ''none'', ''best-effort'', ''restricted'', and ''single-numa-node''.' + description: |- + TopologyManagerPolicy: For more information see [Kubernetes Topology + Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values + are 'none', 'best-effort', 'restricted', and 'single-numa-node'. type: string type: object kubeletDiskType: - description: 'KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.' + description: |- + KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral + storage. type: string linuxOSConfig: description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' @@ -33203,10 +52336,16 @@ spec: type: integer type: object transparentHugePageDefrag: - description: 'TransparentHugePageDefrag: Valid values are ''always'', ''defer'', ''defer+madvise'', ''madvise'' and ''never''. The default is ''madvise''. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).' + description: |- + TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is + 'madvise'. For more information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string transparentHugePageEnabled: - description: 'TransparentHugePageEnabled: Valid values are ''always'', ''madvise'', and ''never''. The default is ''always''. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).' + description: |- + TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more + information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string type: object maxCount: @@ -33215,14 +52354,13 @@ spec: maxPods: description: 'MaxPods: The maximum number of pods that can run on a node.' type: integer - messageOfTheDay: - description: 'MessageOfTheDay: A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).' - type: string minCount: description: 'MinCount: The minimum number of nodes for auto-scaling' type: integer mode: - description: 'Mode: A cluster must have at least one ''System'' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools' + description: |- + Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool + restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools type: string name: description: 'Name: The name of the resource that is unique within a resource group. This name can be used to access the resource.' @@ -33236,10 +52374,14 @@ spec: description: The port range. properties: portEnd: - description: 'PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or equal to portStart.' + description: |- + PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or + equal to portStart. type: integer portStart: - description: 'PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or equal to portEnd.' + description: |- + PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or + equal to portEnd. type: integer protocol: description: 'Protocol: The network protocol of the port.' @@ -33274,7 +52416,9 @@ spec: description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' type: object nodePublicIPPrefixID: - description: 'NodePublicIPPrefixID: This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}' + description: |- + NodePublicIPPrefixID: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} type: string nodeTaints: description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' @@ -33282,24 +52426,43 @@ spec: type: string type: array orchestratorVersion: - description: 'OrchestratorVersion: Both patch version and are supported. When is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).' + description: |- + OrchestratorVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. + When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster + with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer + patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same + Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor + version must be within two minor versions of the control plane version. The node pool version cannot be greater than the + control plane version. For more information see [upgrading a node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). type: string osDiskSizeGB: type: integer osDiskType: - description: 'OsDiskType: The default is ''Ephemeral'' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to ''Managed''. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).' + description: |- + OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested + OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral + OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). type: string osSKU: - description: 'OsSKU: Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.' + description: |- + OsSKU: Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 + when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows. type: string osType: description: 'OsType: The operating system type. The default is Linux.' type: string podSubnetID: - description: 'PodSubnetID: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}' + description: |- + PodSubnetID: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is + of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} type: string powerState: - description: 'PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded' + description: |- + PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this + field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only + be stopped if it is Running and provisioning state is Succeeded properties: code: description: 'Code: Tells whether the cluster is Running or Stopped' @@ -33318,13 +52481,18 @@ spec: description: 'ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.' type: string scaleSetEvictionPolicy: - description: 'ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is ''Spot''. If not specified, the default is ''Delete''.' + description: |- + ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is + 'Delete'. type: string scaleSetPriority: description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' type: string spotMaxPrice: - description: 'SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)' + description: |- + SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any + on-demand price. For more details on spot pricing, see [spot VMs + pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) type: number tags: additionalProperties: @@ -33337,23 +52505,32 @@ spec: upgradeSettings: description: 'UpgradeSettings: Settings for upgrading the agentpool' properties: + drainTimeoutInMinutes: + description: |- + DrainTimeoutInMinutes: The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. + This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not + specified, the default is 30 minutes. + type: integer maxSurge: - description: 'MaxSurge: This can either be set to an integer (e.g. ''5'') or a percentage (e.g. ''50%''). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade' + description: |- + MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it + is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded + up. If not specified, the default is 1. For more information, including best practices, see: + https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade type: string type: object vmSize: - description: 'VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions' + description: |- + VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods + might fail to run correctly. For more details on restricted VM sizes, see: + https://docs.microsoft.com/azure/aks/quotas-skus-regions type: string vnetSubnetID: - description: 'VnetSubnetID: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}' + description: |- + VnetSubnetID: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, + this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} type: string - windowsProfile: - description: 'WindowsProfile: The Windows agent pool''s specific profile.' - properties: - disableOutboundNat: - description: 'DisableOutboundNat: The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT Gateway and the Windows agent pool does not have node public IP enabled.' - type: boolean - type: object workloadRuntime: description: 'WorkloadRuntime: Determines the type of workload a node can run.' type: string @@ -33376,51 +52553,93 @@ spec: - jsonPath: .status.conditions[?(@.type=='Ready')].message name: Message type: string - name: v1api20230202previewstorage + name: v1api20231001storage schema: openAPIV3Schema: - description: 'Storage version of v1api20230202preview.ManagedClustersAgentPool Generator information: - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/preview/2023-02-02-preview/managedClusters.json - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}/agentPools/{agentPoolName}' + description: |- + Storage version of v1api20231001.ManagedClustersAgentPool + Generator information: + - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2023-10-01/managedClusters.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}/agentPools/{agentPoolName} properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: Storage version of v1api20230202preview.ManagedClusters_AgentPool_Spec + description: Storage version of v1api20231001.ManagedClusters_AgentPool_Spec properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object availabilityZones: items: type: string type: array azureName: - description: 'AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn''t have to be.' - type: string - capacityReservationGroupID: + description: |- + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. type: string + capacityReservationGroupReference: + description: 'CapacityReservationGroupReference: AKS will associate the specified agent pool with the Capacity Reservation Group.' + properties: + armId: + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. + pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) + type: string + group: + description: Group is the Kubernetes group of the resource. + type: string + kind: + description: Kind is the Kubernetes kind of the resource. + type: string + name: + description: Name is the Kubernetes name of the resource. + type: string + type: object count: type: integer creationData: - description: Storage version of v1api20230202preview.CreationData Data used when creating a target resource from a source resource. + description: |- + Storage version of v1api20231001.CreationData + Data used when creating a target resource from a source resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object sourceResourceReference: description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -33436,8 +52655,6 @@ spec: type: object enableAutoScaling: type: boolean - enableCustomCATrust: - type: boolean enableEncryptionAtHost: type: boolean enableFIPS: @@ -33449,10 +52666,16 @@ spec: gpuInstanceProfile: type: string hostGroupReference: - description: 'HostGroupReference: This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).' + description: |- + HostGroupReference: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. + For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -33466,12 +52689,16 @@ spec: type: string type: object kubeletConfig: - description: Storage version of v1api20230202preview.KubeletConfig See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + description: |- + Storage version of v1api20231001.KubeletConfig + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object allowedUnsafeSysctls: items: @@ -33501,22 +52728,30 @@ spec: kubeletDiskType: type: string linuxOSConfig: - description: Storage version of v1api20230202preview.LinuxOSConfig See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + description: |- + Storage version of v1api20231001.LinuxOSConfig + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object swapFileSizeMB: type: integer sysctls: - description: Storage version of v1api20230202preview.SysctlConfig Sysctl settings for Linux agent nodes. + description: |- + Storage version of v1api20231001.SysctlConfig + Sysctl settings for Linux agent nodes. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object fsAioMaxNr: type: integer @@ -33584,28 +52819,34 @@ spec: type: integer maxPods: type: integer - messageOfTheDay: - type: string minCount: type: integer mode: type: string networkProfile: - description: Storage version of v1api20230202preview.AgentPoolNetworkProfile Network settings of an agent pool. + description: |- + Storage version of v1api20231001.AgentPoolNetworkProfile + Network settings of an agent pool. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object allowedHostPorts: items: - description: Storage version of v1api20230202preview.PortRange The port range. + description: |- + Storage version of v1api20231001.PortRange + The port range. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object portEnd: type: integer @@ -33620,7 +52861,10 @@ spec: description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -33636,12 +52880,16 @@ spec: type: array nodePublicIPTags: items: - description: Storage version of v1api20230202preview.IPTag Contains the IPTag associated with the object. + description: |- + Storage version of v1api20231001.IPTag + Contains the IPTag associated with the object. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object ipTagType: type: string @@ -33655,10 +52903,15 @@ spec: type: string type: object nodePublicIPPrefixReference: - description: 'NodePublicIPPrefixReference: This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}' + description: |- + NodePublicIPPrefixReference: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -33688,7 +52941,10 @@ spec: osType: type: string owner: - description: 'Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a containerservice.azure.com/ManagedCluster resource' + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a containerservice.azure.com/ManagedCluster resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) @@ -33698,10 +52954,16 @@ spec: type: string type: object podSubnetReference: - description: 'PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}' + description: |- + PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). + This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -33715,12 +52977,16 @@ spec: type: string type: object powerState: - description: Storage version of v1api20230202preview.PowerState Describes the Power State of the cluster + description: |- + Storage version of v1api20231001.PowerState + Describes the Power State of the cluster properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object code: type: string @@ -33729,7 +52995,10 @@ spec: description: 'ProximityPlacementGroupReference: The ID for Proximity Placement Group.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -33757,23 +53026,35 @@ spec: type: type: string upgradeSettings: - description: Storage version of v1api20230202preview.AgentPoolUpgradeSettings Settings for upgrading an agentpool + description: |- + Storage version of v1api20231001.AgentPoolUpgradeSettings + Settings for upgrading an agentpool properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object + drainTimeoutInMinutes: + type: integer maxSurge: type: string type: object vmSize: type: string vnetSubnetReference: - description: 'VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}' + description: |- + VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is + specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -33786,29 +53067,20 @@ spec: description: Name is the Kubernetes name of the resource. type: string type: object - windowsProfile: - description: Storage version of v1api20230202preview.AgentPoolWindowsProfile The Windows agent pool's specific profile. - properties: - $propertyBag: - additionalProperties: - type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions - type: object - disableOutboundNat: - type: boolean - type: object workloadRuntime: type: string required: - owner type: object status: - description: Storage version of v1api20230202preview.ManagedClusters_AgentPool_STATUS + description: Storage version of v1api20231001.ManagedClusters_AgentPool_STATUS properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object availabilityZones: items: @@ -33828,14 +53100,23 @@ spec: description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 type: integer reason: - description: Reason for the condition's last transition. Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: Severity with which to treat failures of this type of condition. For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. This is omitted in all cases when Status == Unknown + description: |- + Severity with which to treat failures of this type of condition. + For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown type: string status: description: Status of the condition, one of True, False, or Unknown. @@ -33853,12 +53134,16 @@ spec: count: type: integer creationData: - description: Storage version of v1api20230202preview.CreationData_STATUS Data used when creating a target resource from a source resource. + description: |- + Storage version of v1api20231001.CreationData_STATUS + Data used when creating a target resource from a source resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object sourceResourceId: type: string @@ -33867,8 +53152,6 @@ spec: type: string enableAutoScaling: type: boolean - enableCustomCATrust: - type: boolean enableEncryptionAtHost: type: boolean enableFIPS: @@ -33884,12 +53167,16 @@ spec: id: type: string kubeletConfig: - description: Storage version of v1api20230202preview.KubeletConfig_STATUS See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + description: |- + Storage version of v1api20231001.KubeletConfig_STATUS + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object allowedUnsafeSysctls: items: @@ -33919,22 +53206,30 @@ spec: kubeletDiskType: type: string linuxOSConfig: - description: Storage version of v1api20230202preview.LinuxOSConfig_STATUS See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + description: |- + Storage version of v1api20231001.LinuxOSConfig_STATUS + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object swapFileSizeMB: type: integer sysctls: - description: Storage version of v1api20230202preview.SysctlConfig_STATUS Sysctl settings for Linux agent nodes. + description: |- + Storage version of v1api20231001.SysctlConfig_STATUS + Sysctl settings for Linux agent nodes. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object fsAioMaxNr: type: integer @@ -34002,8 +53297,6 @@ spec: type: integer maxPods: type: integer - messageOfTheDay: - type: string minCount: type: integer mode: @@ -34011,21 +53304,29 @@ spec: name: type: string networkProfile: - description: Storage version of v1api20230202preview.AgentPoolNetworkProfile_STATUS Network settings of an agent pool. + description: |- + Storage version of v1api20231001.AgentPoolNetworkProfile_STATUS + Network settings of an agent pool. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object allowedHostPorts: items: - description: Storage version of v1api20230202preview.PortRange_STATUS The port range. + description: |- + Storage version of v1api20231001.PortRange_STATUS + The port range. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object portEnd: type: integer @@ -34041,12 +53342,16 @@ spec: type: array nodePublicIPTags: items: - description: Storage version of v1api20230202preview.IPTag_STATUS Contains the IPTag associated with the object. + description: |- + Storage version of v1api20231001.IPTag_STATUS + Contains the IPTag associated with the object. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object ipTagType: type: string @@ -34080,12 +53385,16 @@ spec: podSubnetID: type: string powerState: - description: Storage version of v1api20230202preview.PowerState_STATUS Describes the Power State of the cluster + description: |- + Storage version of v1api20231001.PowerState_STATUS + Describes the Power State of the cluster properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object code: type: string @@ -34111,13 +53420,19 @@ spec: type: type: string upgradeSettings: - description: Storage version of v1api20230202preview.AgentPoolUpgradeSettings_STATUS Settings for upgrading an agentpool + description: |- + Storage version of v1api20231001.AgentPoolUpgradeSettings_STATUS + Settings for upgrading an agentpool properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object + drainTimeoutInMinutes: + type: integer maxSurge: type: string type: object @@ -34125,23 +53440,12 @@ spec: type: string vnetSubnetID: type: string - windowsProfile: - description: Storage version of v1api20230202preview.AgentPoolWindowsProfile_STATUS The Windows agent pool's specific profile. - properties: - $propertyBag: - additionalProperties: - type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions - type: object - disableOutboundNat: - type: boolean - type: object workloadRuntime: type: string type: object type: object served: true - storage: false + storage: true subresources: status: {} - additionalPrinterColumns: @@ -34157,28 +53461,53 @@ spec: - jsonPath: .status.conditions[?(@.type=='Ready')].message name: Message type: string - name: v1api20231001 + name: v1api20231102preview schema: openAPIV3Schema: - description: 'Generator information: - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2023-10-01/managedClusters.json - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}/agentPools/{agentPoolName}' + description: |- + Generator information: + - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/preview/2023-11-02-preview/managedClusters.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}/agentPools/{agentPoolName} properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: properties: + artifactStreamingProfile: + description: 'ArtifactStreamingProfile: Configuration for using artifact streaming on AKS.' + properties: + enabled: + description: |- + Enabled: Artifact streaming speeds up the cold-start of containers on a node through on-demand image loading. To use + this feature, container images must also enable artifact streaming on ACR. If not specified, the default is false. + type: boolean + type: object availabilityZones: - description: 'AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is ''VirtualMachineScaleSets''.' + description: |- + AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType + property is 'VirtualMachineScaleSets'. items: type: string type: array azureName: - description: 'AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn''t have to be.' + description: |- + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. maxLength: 12 minLength: 1 pattern: ^[a-z][a-z0-9]{0,11}$ @@ -34187,7 +53516,10 @@ spec: description: 'CapacityReservationGroupReference: AKS will associate the specified agent pool with the Capacity Reservation Group.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -34201,16 +53533,23 @@ spec: type: string type: object count: - description: 'Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.' + description: |- + Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) + for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. type: integer creationData: - description: 'CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.' + description: |- + CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using + a snapshot. properties: sourceResourceReference: description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -34227,14 +53566,30 @@ spec: enableAutoScaling: description: 'EnableAutoScaling: Whether to enable auto-scaler' type: boolean + enableCustomCATrust: + description: |- + EnableCustomCATrust: When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a + daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded + certificates into node trust stores. Defaults to false. + type: boolean enableEncryptionAtHost: - description: 'EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption' + description: |- + EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, + see: https://docs.microsoft.com/azure/aks/enable-host-encryption type: boolean enableFIPS: - description: 'EnableFIPS: See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.' + description: |- + EnableFIPS: See [Add a FIPS-enabled node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more + details. type: boolean enableNodePublicIP: - description: 'EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.' + description: |- + EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. + A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine + to minimize hops. For more information see [assigning a public IP per + node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The + default is false. type: boolean enableUltraSSD: description: 'EnableUltraSSD: Whether to enable UltraSSD' @@ -34248,11 +53603,28 @@ spec: - MIG4g - MIG7g type: string + gpuProfile: + description: 'GpuProfile: The GPU settings of an agent pool.' + properties: + installGPUDriver: + description: |- + InstallGPUDriver: The default value is true when the vmSize of the agent pool contains a GPU, false otherwise. GPU + Driver Installation can only be set true when VM has an associated GPU resource. Setting this field to false prevents + automatic GPU driver installation. In that case, in order for the GPU to be usable, the user must perform GPU driver + installation themselves. + type: boolean + type: object hostGroupReference: - description: 'HostGroupReference: This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).' + description: |- + HostGroupReference: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. + For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -34274,7 +53646,9 @@ spec: type: string type: array containerLogMaxFiles: - description: 'ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be â‰Ĩ 2.' + description: |- + ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be + â‰Ĩ 2. minimum: 2 type: integer containerLogMaxSizeMB: @@ -34284,10 +53658,15 @@ spec: description: 'CpuCfsQuota: The default is true.' type: boolean cpuCfsQuotaPeriod: - description: 'CpuCfsQuotaPeriod: The default is ''100ms.'' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: ''300ms'', ''2h45m''. Supported units are ''ns'', ''us'', ''ms'', ''s'', ''m'', and ''h''.' + description: |- + CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and + a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. type: string cpuManagerPolicy: - description: 'CpuManagerPolicy: The default is ''none''. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are ''none'' and ''static''.' + description: |- + CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management + policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more + information. Allowed values are 'none' and 'static'. type: string failSwapOn: description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' @@ -34302,11 +53681,16 @@ spec: description: 'PodMaxPids: The maximum number of processes per pod.' type: integer topologyManagerPolicy: - description: 'TopologyManagerPolicy: For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is ''none''. Allowed values are ''none'', ''best-effort'', ''restricted'', and ''single-numa-node''.' + description: |- + TopologyManagerPolicy: For more information see [Kubernetes Topology + Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values + are 'none', 'best-effort', 'restricted', and 'single-numa-node'. type: string type: object kubeletDiskType: - description: 'KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.' + description: |- + KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral + storage. enum: - OS - Temporary @@ -34412,10 +53796,16 @@ spec: type: integer type: object transparentHugePageDefrag: - description: 'TransparentHugePageDefrag: Valid values are ''always'', ''defer'', ''defer+madvise'', ''madvise'' and ''never''. The default is ''madvise''. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).' + description: |- + TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is + 'madvise'. For more information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string transparentHugePageEnabled: - description: 'TransparentHugePageEnabled: Valid values are ''always'', ''madvise'', and ''never''. The default is ''always''. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).' + description: |- + TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more + information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string type: object maxCount: @@ -34424,11 +53814,19 @@ spec: maxPods: description: 'MaxPods: The maximum number of pods that can run on a node.' type: integer + messageOfTheDay: + description: |- + MessageOfTheDay: A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of + the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., + will be printed raw and not be executed as a script). + type: string minCount: description: 'MinCount: The minimum number of nodes for auto-scaling' type: integer mode: - description: 'Mode: A cluster must have at least one ''System'' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools' + description: |- + Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool + restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools enum: - System - User @@ -34442,12 +53840,16 @@ spec: description: The port range. properties: portEnd: - description: 'PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or equal to portStart.' + description: |- + PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or + equal to portStart. maximum: 65535 minimum: 1 type: integer portStart: - description: 'PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or equal to portEnd.' + description: |- + PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or + equal to portEnd. maximum: 65535 minimum: 1 type: integer @@ -34460,12 +53862,17 @@ spec: type: object type: array applicationSecurityGroupsReferences: - description: 'ApplicationSecurityGroupsReferences: The IDs of the application security groups which agent pool will associate when created.' + description: |- + ApplicationSecurityGroupsReferences: The IDs of the application security groups which agent pool will associate when + created. items: description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -34493,16 +53900,31 @@ spec: type: object type: array type: object + nodeInitializationTaints: + description: |- + NodeInitializationTaints: These taints will not be reconciled by AKS and can be removed with a kubectl call. This field + can be modified after node pool is created, but nodes will not be recreated with new taints until another operation that + requires recreation (e.g. node image upgrade) happens. These taints allow for required configuration to run before the + node is ready to accept workloads, for example 'key1=value1:NoSchedule' that then can be removed with `kubectl taint + nodes node1 key1=value1:NoSchedule-` + items: + type: string + type: array nodeLabels: additionalProperties: type: string description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' type: object nodePublicIPPrefixReference: - description: 'NodePublicIPPrefixReference: This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}' + description: |- + NodePublicIPPrefixReference: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -34521,26 +53943,41 @@ spec: type: string type: array orchestratorVersion: - description: 'OrchestratorVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).' + description: |- + OrchestratorVersion: Both patch version and are supported. When is + specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same + once it has been created will not trigger an upgrade, even if a newer patch version is available. As a + best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version + must have the same major version as the control plane. The node pool minor version must be within two minor versions of + the control plane version. The node pool version cannot be greater than the control plane version. For more information + see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). type: string osDiskSizeGB: maximum: 2048 minimum: 0 type: integer osDiskType: - description: 'OsDiskType: The default is ''Ephemeral'' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to ''Managed''. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).' + description: |- + OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested + OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral + OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). enum: - Ephemeral - Managed type: string osSKU: - description: 'OsSKU: Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows.' + description: |- + OsSKU: Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or + Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is + deprecated. enum: - AzureLinux - CBLMariner + - Mariner - Ubuntu - Windows2019 - Windows2022 + - WindowsAnnual type: string osType: description: 'OsType: The operating system type. The default is Linux.' @@ -34549,7 +53986,10 @@ spec: - Windows type: string owner: - description: 'Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a containerservice.azure.com/ManagedCluster resource' + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a containerservice.azure.com/ManagedCluster resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) @@ -34559,10 +53999,16 @@ spec: type: string type: object podSubnetReference: - description: 'PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}' + description: |- + PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). + This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -34576,7 +54022,10 @@ spec: type: string type: object powerState: - description: 'PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded' + description: |- + PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this + field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only + be stopped if it is Running and provisioning state is Succeeded properties: code: description: 'Code: Tells whether the cluster is Running or Stopped' @@ -34589,7 +54038,10 @@ spec: description: 'ProximityPlacementGroupReference: The ID for Proximity Placement Group.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -34609,7 +54061,9 @@ spec: - Delete type: string scaleSetEvictionPolicy: - description: 'ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is ''Spot''. If not specified, the default is ''Delete''.' + description: |- + ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is + 'Delete'. enum: - Deallocate - Delete @@ -34620,8 +54074,31 @@ spec: - Regular - Spot type: string + securityProfile: + description: 'SecurityProfile: The security settings of an agent pool.' + properties: + enableSecureBoot: + description: |- + EnableSecureBoot: Secure Boot is a feature of Trusted Launch which ensures that only signed operating systems and + drivers can boot. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. + type: boolean + enableVTPM: + description: |- + EnableVTPM: vTPM is a Trusted Launch feature for configuring a dedicated secure vault for keys and measurements held + locally on the node. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. + type: boolean + sshAccess: + description: 'SshAccess: SSH access method of an agent pool.' + enum: + - Disabled + - LocalUser + type: string + type: object spotMaxPrice: - description: 'SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)' + description: |- + SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any + on-demand price. For more details on spot pricing, see [spot VMs + pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) type: number tags: additionalProperties: @@ -34633,27 +54110,90 @@ spec: enum: - AvailabilitySet - VirtualMachineScaleSets + - VirtualMachines type: string upgradeSettings: description: 'UpgradeSettings: Settings for upgrading the agentpool' properties: drainTimeoutInMinutes: - description: 'DrainTimeoutInMinutes: The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not specified, the default is 30 minutes.' + description: |- + DrainTimeoutInMinutes: The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. + This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not + specified, the default is 30 minutes. maximum: 1440 minimum: 1 type: integer maxSurge: - description: 'MaxSurge: This can either be set to an integer (e.g. ''5'') or a percentage (e.g. ''50%''). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade' + description: |- + MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it + is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded + up. If not specified, the default is 1. For more information, including best practices, see: + https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade type: string + nodeSoakDurationInMinutes: + description: |- + NodeSoakDurationInMinutes: The amount of time (in minutes) to wait after draining a node and before reimaging it and + moving on to next node. If not specified, the default is 0 minutes. + maximum: 30 + minimum: 0 + type: integer + type: object + virtualMachineNodesStatus: + items: + description: Current status on a group of nodes of the same vm size. + properties: + count: + description: 'Count: Number of nodes.' + type: integer + size: + description: 'Size: The VM size of the agents used to host this group of nodes.' + type: string + type: object + type: array + virtualMachinesProfile: + description: 'VirtualMachinesProfile: Specifications on VirtualMachines agent pool.' + properties: + scale: + description: 'Scale: Specifications on how to scale a VirtualMachines agent pool.' + properties: + manual: + description: 'Manual: Specifications on how to scale the VirtualMachines agent pool to a fixed size.' + items: + description: Specifications on number of machines. + properties: + count: + description: 'Count: Number of nodes.' + maximum: 1000 + minimum: 0 + type: integer + sizes: + description: |- + Sizes: The list of allowed vm sizes. AKS will use the first available one when scaling. If a VM size is unavailable + (e.g. due to quota or regional capacity reasons), AKS will use the next size. + items: + type: string + type: array + type: object + type: array + type: object type: object vmSize: - description: 'VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions' + description: |- + VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods + might fail to run correctly. For more details on restricted VM sizes, see: + https://docs.microsoft.com/azure/aks/quotas-skus-regions type: string vnetSubnetReference: - description: 'VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}' + description: |- + VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is + specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -34666,9 +54206,19 @@ spec: description: Name is the Kubernetes name of the resource. type: string type: object + windowsProfile: + description: 'WindowsProfile: The Windows agent pool''s specific profile.' + properties: + disableOutboundNat: + description: |- + DisableOutboundNat: The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT + Gateway and the Windows agent pool does not have node public IP enabled. + type: boolean + type: object workloadRuntime: description: 'WorkloadRuntime: Determines the type of workload a node can run.' enum: + - KataMshvVmIsolation - OCIContainer - WasmWasi type: string @@ -34677,8 +54227,19 @@ spec: type: object status: properties: + artifactStreamingProfile: + description: 'ArtifactStreamingProfile: Configuration for using artifact streaming on AKS.' + properties: + enabled: + description: |- + Enabled: Artifact streaming speeds up the cold-start of containers on a node through on-demand image loading. To use + this feature, container images must also enable artifact streaming on ACR. If not specified, the default is false. + type: boolean + type: object availabilityZones: - description: 'AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is ''VirtualMachineScaleSets''.' + description: |- + AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType + property is 'VirtualMachineScaleSets'. items: type: string type: array @@ -34698,14 +54259,23 @@ spec: description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 type: integer reason: - description: Reason for the condition's last transition. Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: Severity with which to treat failures of this type of condition. For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. This is omitted in all cases when Status == Unknown + description: |- + Severity with which to treat failures of this type of condition. + For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown type: string status: description: Status of the condition, one of True, False, or Unknown. @@ -34721,29 +54291,52 @@ spec: type: object type: array count: - description: 'Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.' + description: |- + Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) + for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. type: integer creationData: - description: 'CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.' + description: |- + CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using + a snapshot. properties: sourceResourceId: description: 'SourceResourceId: This is the ARM ID of the source object to be used to create the target object.' type: string type: object currentOrchestratorVersion: - description: 'CurrentOrchestratorVersion: If orchestratorVersion is a fully specified version , this field will be exactly equal to it. If orchestratorVersion is , this field will contain the full version being used.' + description: |- + CurrentOrchestratorVersion: If orchestratorVersion was a fully specified version , this field will be + exactly equal to it. If orchestratorVersion was , this field will contain the full + version being used. type: string enableAutoScaling: description: 'EnableAutoScaling: Whether to enable auto-scaler' type: boolean + enableCustomCATrust: + description: |- + EnableCustomCATrust: When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a + daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded + certificates into node trust stores. Defaults to false. + type: boolean enableEncryptionAtHost: - description: 'EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption' + description: |- + EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, + see: https://docs.microsoft.com/azure/aks/enable-host-encryption type: boolean enableFIPS: - description: 'EnableFIPS: See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.' + description: |- + EnableFIPS: See [Add a FIPS-enabled node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more + details. type: boolean enableNodePublicIP: - description: 'EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.' + description: |- + EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. + A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine + to minimize hops. For more information see [assigning a public IP per + node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The + default is false. type: boolean enableUltraSSD: description: 'EnableUltraSSD: Whether to enable UltraSSD' @@ -34751,8 +54344,22 @@ spec: gpuInstanceProfile: description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' type: string + gpuProfile: + description: 'GpuProfile: The GPU settings of an agent pool.' + properties: + installGPUDriver: + description: |- + InstallGPUDriver: The default value is true when the vmSize of the agent pool contains a GPU, false otherwise. GPU + Driver Installation can only be set true when VM has an associated GPU resource. Setting this field to false prevents + automatic GPU driver installation. In that case, in order for the GPU to be usable, the user must perform GPU driver + installation themselves. + type: boolean + type: object hostGroupID: - description: 'HostGroupID: This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).' + description: |- + HostGroupID: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. + For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). type: string id: description: 'Id: Resource ID.' @@ -34766,7 +54373,9 @@ spec: type: string type: array containerLogMaxFiles: - description: 'ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be â‰Ĩ 2.' + description: |- + ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be + â‰Ĩ 2. type: integer containerLogMaxSizeMB: description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' @@ -34775,10 +54384,15 @@ spec: description: 'CpuCfsQuota: The default is true.' type: boolean cpuCfsQuotaPeriod: - description: 'CpuCfsQuotaPeriod: The default is ''100ms.'' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: ''300ms'', ''2h45m''. Supported units are ''ns'', ''us'', ''ms'', ''s'', ''m'', and ''h''.' + description: |- + CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and + a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. type: string cpuManagerPolicy: - description: 'CpuManagerPolicy: The default is ''none''. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are ''none'' and ''static''.' + description: |- + CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management + policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more + information. Allowed values are 'none' and 'static'. type: string failSwapOn: description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' @@ -34793,11 +54407,16 @@ spec: description: 'PodMaxPids: The maximum number of processes per pod.' type: integer topologyManagerPolicy: - description: 'TopologyManagerPolicy: For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is ''none''. Allowed values are ''none'', ''best-effort'', ''restricted'', and ''single-numa-node''.' + description: |- + TopologyManagerPolicy: For more information see [Kubernetes Topology + Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values + are 'none', 'best-effort', 'restricted', and 'single-numa-node'. type: string type: object kubeletDiskType: - description: 'KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.' + description: |- + KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral + storage. type: string linuxOSConfig: description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' @@ -34894,10 +54513,16 @@ spec: type: integer type: object transparentHugePageDefrag: - description: 'TransparentHugePageDefrag: Valid values are ''always'', ''defer'', ''defer+madvise'', ''madvise'' and ''never''. The default is ''madvise''. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).' + description: |- + TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is + 'madvise'. For more information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string transparentHugePageEnabled: - description: 'TransparentHugePageEnabled: Valid values are ''always'', ''madvise'', and ''never''. The default is ''always''. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).' + description: |- + TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more + information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string type: object maxCount: @@ -34906,11 +54531,19 @@ spec: maxPods: description: 'MaxPods: The maximum number of pods that can run on a node.' type: integer + messageOfTheDay: + description: |- + MessageOfTheDay: A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of + the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., + will be printed raw and not be executed as a script). + type: string minCount: description: 'MinCount: The minimum number of nodes for auto-scaling' type: integer mode: - description: 'Mode: A cluster must have at least one ''System'' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools' + description: |- + Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool + restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools type: string name: description: 'Name: The name of the resource that is unique within a resource group. This name can be used to access the resource.' @@ -34924,10 +54557,14 @@ spec: description: The port range. properties: portEnd: - description: 'PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or equal to portStart.' + description: |- + PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or + equal to portStart. type: integer portStart: - description: 'PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or equal to portEnd.' + description: |- + PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or + equal to portEnd. type: integer protocol: description: 'Protocol: The network protocol of the port.' @@ -34956,13 +54593,25 @@ spec: nodeImageVersion: description: 'NodeImageVersion: The version of node image' type: string + nodeInitializationTaints: + description: |- + NodeInitializationTaints: These taints will not be reconciled by AKS and can be removed with a kubectl call. This field + can be modified after node pool is created, but nodes will not be recreated with new taints until another operation that + requires recreation (e.g. node image upgrade) happens. These taints allow for required configuration to run before the + node is ready to accept workloads, for example 'key1=value1:NoSchedule' that then can be removed with `kubectl taint + nodes node1 key1=value1:NoSchedule-` + items: + type: string + type: array nodeLabels: additionalProperties: type: string description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' type: object nodePublicIPPrefixID: - description: 'NodePublicIPPrefixID: This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}' + description: |- + NodePublicIPPrefixID: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} type: string nodeTaints: description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' @@ -34970,24 +54619,43 @@ spec: type: string type: array orchestratorVersion: - description: 'OrchestratorVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).' + description: |- + OrchestratorVersion: Both patch version and are supported. When is + specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same + once it has been created will not trigger an upgrade, even if a newer patch version is available. As a + best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version + must have the same major version as the control plane. The node pool minor version must be within two minor versions of + the control plane version. The node pool version cannot be greater than the control plane version. For more information + see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). type: string osDiskSizeGB: type: integer osDiskType: - description: 'OsDiskType: The default is ''Ephemeral'' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to ''Managed''. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).' + description: |- + OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested + OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral + OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). type: string osSKU: - description: 'OsSKU: Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows.' + description: |- + OsSKU: Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or + Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is + deprecated. type: string osType: description: 'OsType: The operating system type. The default is Linux.' type: string podSubnetID: - description: 'PodSubnetID: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}' + description: |- + PodSubnetID: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is + of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} type: string powerState: - description: 'PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded' + description: |- + PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this + field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only + be stopped if it is Running and provisioning state is Succeeded properties: code: description: 'Code: Tells whether the cluster is Running or Stopped' @@ -35006,13 +54674,35 @@ spec: description: 'ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.' type: string scaleSetEvictionPolicy: - description: 'ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is ''Spot''. If not specified, the default is ''Delete''.' + description: |- + ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is + 'Delete'. type: string scaleSetPriority: description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' type: string + securityProfile: + description: 'SecurityProfile: The security settings of an agent pool.' + properties: + enableSecureBoot: + description: |- + EnableSecureBoot: Secure Boot is a feature of Trusted Launch which ensures that only signed operating systems and + drivers can boot. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. + type: boolean + enableVTPM: + description: |- + EnableVTPM: vTPM is a Trusted Launch feature for configuring a dedicated secure vault for keys and measurements held + locally on the node. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. + type: boolean + sshAccess: + description: 'SshAccess: SSH access method of an agent pool.' + type: string + type: object spotMaxPrice: - description: 'SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)' + description: |- + SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any + on-demand price. For more details on spot pricing, see [spot VMs + pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) type: number tags: additionalProperties: @@ -35026,18 +54716,82 @@ spec: description: 'UpgradeSettings: Settings for upgrading the agentpool' properties: drainTimeoutInMinutes: - description: 'DrainTimeoutInMinutes: The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not specified, the default is 30 minutes.' + description: |- + DrainTimeoutInMinutes: The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. + This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not + specified, the default is 30 minutes. type: integer maxSurge: - description: 'MaxSurge: This can either be set to an integer (e.g. ''5'') or a percentage (e.g. ''50%''). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade' + description: |- + MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it + is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded + up. If not specified, the default is 1. For more information, including best practices, see: + https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade type: string + nodeSoakDurationInMinutes: + description: |- + NodeSoakDurationInMinutes: The amount of time (in minutes) to wait after draining a node and before reimaging it and + moving on to next node. If not specified, the default is 0 minutes. + type: integer + type: object + virtualMachineNodesStatus: + items: + description: Current status on a group of nodes of the same vm size. + properties: + count: + description: 'Count: Number of nodes.' + type: integer + size: + description: 'Size: The VM size of the agents used to host this group of nodes.' + type: string + type: object + type: array + virtualMachinesProfile: + description: 'VirtualMachinesProfile: Specifications on VirtualMachines agent pool.' + properties: + scale: + description: 'Scale: Specifications on how to scale a VirtualMachines agent pool.' + properties: + manual: + description: 'Manual: Specifications on how to scale the VirtualMachines agent pool to a fixed size.' + items: + description: Specifications on number of machines. + properties: + count: + description: 'Count: Number of nodes.' + type: integer + sizes: + description: |- + Sizes: The list of allowed vm sizes. AKS will use the first available one when scaling. If a VM size is unavailable + (e.g. due to quota or regional capacity reasons), AKS will use the next size. + items: + type: string + type: array + type: object + type: array + type: object type: object vmSize: - description: 'VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions' + description: |- + VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods + might fail to run correctly. For more details on restricted VM sizes, see: + https://docs.microsoft.com/azure/aks/quotas-skus-regions type: string vnetSubnetID: - description: 'VnetSubnetID: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}' + description: |- + VnetSubnetID: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, + this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} type: string + windowsProfile: + description: 'WindowsProfile: The Windows agent pool''s specific profile.' + properties: + disableOutboundNat: + description: |- + DisableOutboundNat: The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT + Gateway and the Windows agent pool does not have node public IP enabled. + type: boolean + type: object workloadRuntime: description: 'WorkloadRuntime: Determines the type of workload a node can run.' type: string @@ -35060,39 +54814,72 @@ spec: - jsonPath: .status.conditions[?(@.type=='Ready')].message name: Message type: string - name: v1api20231001storage + name: v1api20231102previewstorage schema: openAPIV3Schema: - description: 'Storage version of v1api20231001.ManagedClustersAgentPool Generator information: - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2023-10-01/managedClusters.json - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}/agentPools/{agentPoolName}' + description: |- + Storage version of v1api20231102preview.ManagedClustersAgentPool + Generator information: + - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/preview/2023-11-02-preview/managedClusters.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}/agentPools/{agentPoolName} properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: Storage version of v1api20231001.ManagedClusters_AgentPool_Spec + description: Storage version of v1api20231102preview.ManagedClusters_AgentPool_Spec properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + artifactStreamingProfile: + description: Storage version of v1api20231102preview.AgentPoolArtifactStreamingProfile + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean type: object availabilityZones: items: type: string type: array azureName: - description: 'AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn''t have to be.' + description: |- + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. type: string capacityReservationGroupReference: description: 'CapacityReservationGroupReference: AKS will associate the specified agent pool with the Capacity Reservation Group.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -35108,18 +54895,25 @@ spec: count: type: integer creationData: - description: Storage version of v1api20231001.CreationData Data used when creating a target resource from a source resource. + description: |- + Storage version of v1api20231102preview.CreationData + Data used when creating a target resource from a source resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object sourceResourceReference: description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -35135,6 +54929,8 @@ spec: type: object enableAutoScaling: type: boolean + enableCustomCATrust: + type: boolean enableEncryptionAtHost: type: boolean enableFIPS: @@ -35145,11 +54941,30 @@ spec: type: boolean gpuInstanceProfile: type: string + gpuProfile: + description: Storage version of v1api20231102preview.AgentPoolGPUProfile + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + installGPUDriver: + type: boolean + type: object hostGroupReference: - description: 'HostGroupReference: This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).' + description: |- + HostGroupReference: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. + For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -35163,12 +54978,16 @@ spec: type: string type: object kubeletConfig: - description: Storage version of v1api20231001.KubeletConfig See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + description: |- + Storage version of v1api20231102preview.KubeletConfig + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object allowedUnsafeSysctls: items: @@ -35198,22 +55017,30 @@ spec: kubeletDiskType: type: string linuxOSConfig: - description: Storage version of v1api20231001.LinuxOSConfig See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + description: |- + Storage version of v1api20231102preview.LinuxOSConfig + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object swapFileSizeMB: type: integer sysctls: - description: Storage version of v1api20231001.SysctlConfig Sysctl settings for Linux agent nodes. + description: |- + Storage version of v1api20231102preview.SysctlConfig + Sysctl settings for Linux agent nodes. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object fsAioMaxNr: type: integer @@ -35281,26 +55108,36 @@ spec: type: integer maxPods: type: integer + messageOfTheDay: + type: string minCount: type: integer mode: type: string networkProfile: - description: Storage version of v1api20231001.AgentPoolNetworkProfile Network settings of an agent pool. + description: |- + Storage version of v1api20231102preview.AgentPoolNetworkProfile + Network settings of an agent pool. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object allowedHostPorts: items: - description: Storage version of v1api20231001.PortRange The port range. + description: |- + Storage version of v1api20231102preview.PortRange + The port range. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object portEnd: type: integer @@ -35315,7 +55152,10 @@ spec: description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -35331,12 +55171,16 @@ spec: type: array nodePublicIPTags: items: - description: Storage version of v1api20231001.IPTag Contains the IPTag associated with the object. + description: |- + Storage version of v1api20231102preview.IPTag + Contains the IPTag associated with the object. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object ipTagType: type: string @@ -35345,15 +55189,24 @@ spec: type: object type: array type: object + nodeInitializationTaints: + items: + type: string + type: array nodeLabels: additionalProperties: type: string type: object nodePublicIPPrefixReference: - description: 'NodePublicIPPrefixReference: This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}' + description: |- + NodePublicIPPrefixReference: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -35383,7 +55236,10 @@ spec: osType: type: string owner: - description: 'Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a containerservice.azure.com/ManagedCluster resource' + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a containerservice.azure.com/ManagedCluster resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) @@ -35393,10 +55249,16 @@ spec: type: string type: object podSubnetReference: - description: 'PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}' + description: |- + PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). + This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -35410,12 +55272,16 @@ spec: type: string type: object powerState: - description: Storage version of v1api20231001.PowerState Describes the Power State of the cluster + description: |- + Storage version of v1api20231102preview.PowerState + Describes the Power State of the cluster properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object code: type: string @@ -35424,7 +55290,10 @@ spec: description: 'ProximityPlacementGroupReference: The ID for Proximity Placement Group.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -35443,6 +55312,25 @@ spec: type: string scaleSetPriority: type: string + securityProfile: + description: |- + Storage version of v1api20231102preview.AgentPoolSecurityProfile + The security settings of an agent pool. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enableSecureBoot: + type: boolean + enableVTPM: + type: boolean + sshAccess: + type: string + type: object spotMaxPrice: type: number tags: @@ -35452,25 +55340,103 @@ spec: type: type: string upgradeSettings: - description: Storage version of v1api20231001.AgentPoolUpgradeSettings Settings for upgrading an agentpool + description: |- + Storage version of v1api20231102preview.AgentPoolUpgradeSettings + Settings for upgrading an agentpool properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object drainTimeoutInMinutes: type: integer maxSurge: type: string + nodeSoakDurationInMinutes: + type: integer + type: object + virtualMachineNodesStatus: + items: + description: |- + Storage version of v1api20231102preview.VirtualMachineNodes + Current status on a group of nodes of the same vm size. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + count: + type: integer + size: + type: string + type: object + type: array + virtualMachinesProfile: + description: |- + Storage version of v1api20231102preview.VirtualMachinesProfile + Specifications on VirtualMachines agent pool. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + scale: + description: |- + Storage version of v1api20231102preview.ScaleProfile + Specifications on how to scale a VirtualMachines agent pool. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + manual: + items: + description: |- + Storage version of v1api20231102preview.ManualScaleProfile + Specifications on number of machines. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + count: + type: integer + sizes: + items: + type: string + type: array + type: object + type: array + type: object type: object vmSize: type: string vnetSubnetReference: - description: 'VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}' + description: |- + VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is + specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -35483,18 +55449,48 @@ spec: description: Name is the Kubernetes name of the resource. type: string type: object + windowsProfile: + description: |- + Storage version of v1api20231102preview.AgentPoolWindowsProfile + The Windows agent pool's specific profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + disableOutboundNat: + type: boolean + type: object workloadRuntime: type: string required: - owner type: object status: - description: Storage version of v1api20231001.ManagedClusters_AgentPool_STATUS + description: Storage version of v1api20231102preview.ManagedClusters_AgentPool_STATUS properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + artifactStreamingProfile: + description: Storage version of v1api20231102preview.AgentPoolArtifactStreamingProfile_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enabled: + type: boolean type: object availabilityZones: items: @@ -35514,14 +55510,23 @@ spec: description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 type: integer reason: - description: Reason for the condition's last transition. Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: Severity with which to treat failures of this type of condition. For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. This is omitted in all cases when Status == Unknown + description: |- + Severity with which to treat failures of this type of condition. + For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown type: string status: description: Status of the condition, one of True, False, or Unknown. @@ -35539,12 +55544,16 @@ spec: count: type: integer creationData: - description: Storage version of v1api20231001.CreationData_STATUS Data used when creating a target resource from a source resource. + description: |- + Storage version of v1api20231102preview.CreationData_STATUS + Data used when creating a target resource from a source resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object sourceResourceId: type: string @@ -35553,6 +55562,8 @@ spec: type: string enableAutoScaling: type: boolean + enableCustomCATrust: + type: boolean enableEncryptionAtHost: type: boolean enableFIPS: @@ -35563,17 +55574,34 @@ spec: type: boolean gpuInstanceProfile: type: string + gpuProfile: + description: Storage version of v1api20231102preview.AgentPoolGPUProfile_STATUS + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + installGPUDriver: + type: boolean + type: object hostGroupID: type: string id: type: string kubeletConfig: - description: Storage version of v1api20231001.KubeletConfig_STATUS See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + description: |- + Storage version of v1api20231102preview.KubeletConfig_STATUS + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object allowedUnsafeSysctls: items: @@ -35603,22 +55631,30 @@ spec: kubeletDiskType: type: string linuxOSConfig: - description: Storage version of v1api20231001.LinuxOSConfig_STATUS See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + description: |- + Storage version of v1api20231102preview.LinuxOSConfig_STATUS + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object swapFileSizeMB: type: integer sysctls: - description: Storage version of v1api20231001.SysctlConfig_STATUS Sysctl settings for Linux agent nodes. + description: |- + Storage version of v1api20231102preview.SysctlConfig_STATUS + Sysctl settings for Linux agent nodes. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object fsAioMaxNr: type: integer @@ -35686,6 +55722,8 @@ spec: type: integer maxPods: type: integer + messageOfTheDay: + type: string minCount: type: integer mode: @@ -35693,21 +55731,29 @@ spec: name: type: string networkProfile: - description: Storage version of v1api20231001.AgentPoolNetworkProfile_STATUS Network settings of an agent pool. + description: |- + Storage version of v1api20231102preview.AgentPoolNetworkProfile_STATUS + Network settings of an agent pool. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object allowedHostPorts: items: - description: Storage version of v1api20231001.PortRange_STATUS The port range. + description: |- + Storage version of v1api20231102preview.PortRange_STATUS + The port range. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object portEnd: type: integer @@ -35723,12 +55769,16 @@ spec: type: array nodePublicIPTags: items: - description: Storage version of v1api20231001.IPTag_STATUS Contains the IPTag associated with the object. + description: |- + Storage version of v1api20231102preview.IPTag_STATUS + Contains the IPTag associated with the object. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object ipTagType: type: string @@ -35739,6 +55789,10 @@ spec: type: object nodeImageVersion: type: string + nodeInitializationTaints: + items: + type: string + type: array nodeLabels: additionalProperties: type: string @@ -35762,12 +55816,16 @@ spec: podSubnetID: type: string powerState: - description: Storage version of v1api20231001.PowerState_STATUS Describes the Power State of the cluster + description: |- + Storage version of v1api20231102preview.PowerState_STATUS + Describes the Power State of the cluster properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object code: type: string @@ -35784,6 +55842,25 @@ spec: type: string scaleSetPriority: type: string + securityProfile: + description: |- + Storage version of v1api20231102preview.AgentPoolSecurityProfile_STATUS + The security settings of an agent pool. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + enableSecureBoot: + type: boolean + enableVTPM: + type: boolean + sshAccess: + type: string + type: object spotMaxPrice: type: number tags: @@ -35793,28 +55870,115 @@ spec: type: type: string upgradeSettings: - description: Storage version of v1api20231001.AgentPoolUpgradeSettings_STATUS Settings for upgrading an agentpool + description: |- + Storage version of v1api20231102preview.AgentPoolUpgradeSettings_STATUS + Settings for upgrading an agentpool properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object drainTimeoutInMinutes: type: integer maxSurge: type: string + nodeSoakDurationInMinutes: + type: integer + type: object + virtualMachineNodesStatus: + items: + description: |- + Storage version of v1api20231102preview.VirtualMachineNodes_STATUS + Current status on a group of nodes of the same vm size. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + count: + type: integer + size: + type: string + type: object + type: array + virtualMachinesProfile: + description: |- + Storage version of v1api20231102preview.VirtualMachinesProfile_STATUS + Specifications on VirtualMachines agent pool. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + scale: + description: |- + Storage version of v1api20231102preview.ScaleProfile_STATUS + Specifications on how to scale a VirtualMachines agent pool. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + manual: + items: + description: |- + Storage version of v1api20231102preview.ManualScaleProfile_STATUS + Specifications on number of machines. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + count: + type: integer + sizes: + items: + type: string + type: array + type: object + type: array + type: object type: object vmSize: type: string vnetSubnetID: type: string + windowsProfile: + description: |- + Storage version of v1api20231102preview.AgentPoolWindowsProfile_STATUS + The Windows agent pool's specific profile. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + disableOutboundNat: + type: boolean + type: object workloadRuntime: type: string type: object type: object served: true - storage: true + storage: false subresources: status: {} - additionalPrinterColumns: @@ -35830,16 +55994,28 @@ spec: - jsonPath: .status.conditions[?(@.type=='Ready')].message name: Message type: string - name: v1api20231102preview + name: v1api20240402preview schema: openAPIV3Schema: - description: 'Generator information: - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/preview/2023-11-02-preview/managedClusters.json - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}/agentPools/{agentPoolName}' + description: |- + Generator information: + - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/preview/2024-04-02-preview/managedClusters.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}/agentPools/{agentPoolName} properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -35849,16 +56025,22 @@ spec: description: 'ArtifactStreamingProfile: Configuration for using artifact streaming on AKS.' properties: enabled: - description: 'Enabled: Artifact streaming speeds up the cold-start of containers on a node through on-demand image loading. To use this feature, container images must also enable artifact streaming on ACR. If not specified, the default is false.' + description: |- + Enabled: Artifact streaming speeds up the cold-start of containers on a node through on-demand image loading. To use + this feature, container images must also enable artifact streaming on ACR. If not specified, the default is false. type: boolean type: object availabilityZones: - description: 'AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is ''VirtualMachineScaleSets''.' + description: |- + AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType + property is 'VirtualMachineScaleSets'. items: type: string type: array azureName: - description: 'AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn''t have to be.' + description: |- + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. maxLength: 12 minLength: 1 pattern: ^[a-z][a-z0-9]{0,11}$ @@ -35867,7 +56049,10 @@ spec: description: 'CapacityReservationGroupReference: AKS will associate the specified agent pool with the Capacity Reservation Group.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -35881,16 +56066,23 @@ spec: type: string type: object count: - description: 'Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.' + description: |- + Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) + for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. type: integer creationData: - description: 'CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.' + description: |- + CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using + a snapshot. properties: sourceResourceReference: description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -35908,20 +56100,49 @@ spec: description: 'EnableAutoScaling: Whether to enable auto-scaler' type: boolean enableCustomCATrust: - description: 'EnableCustomCATrust: When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded certificates into node trust stores. Defaults to false.' + description: |- + EnableCustomCATrust: When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a + daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded + certificates into node trust stores. Defaults to false. type: boolean enableEncryptionAtHost: - description: 'EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption' + description: |- + EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, + see: https://docs.microsoft.com/azure/aks/enable-host-encryption type: boolean enableFIPS: - description: 'EnableFIPS: See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.' + description: |- + EnableFIPS: See [Add a FIPS-enabled node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more + details. type: boolean enableNodePublicIP: - description: 'EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.' + description: |- + EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. + A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine + to minimize hops. For more information see [assigning a public IP per + node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The + default is false. type: boolean enableUltraSSD: description: 'EnableUltraSSD: Whether to enable UltraSSD' type: boolean + gatewayProfile: + description: |- + GatewayProfile: Profile specific to a managed agent pool in Gateway mode. This field cannot be set if agent pool mode is + not Gateway. + properties: + publicIPPrefixSize: + description: |- + PublicIPPrefixSize: The Gateway agent pool associates one public IPPrefix for each static egress gateway to provide + public egress. The size of Public IPPrefix should be selected by the user. Each node in the agent pool is assigned with + one IP from the IPPrefix. The IPPrefix size thus serves as a cap on the size of the Gateway agent pool. Due to Azure + public IPPrefix size limitation, the valid value range is [28, 31] (/31 = 2 nodes/IPs, /30 = 4 nodes/IPs, /29 = 8 + nodes/IPs, /28 = 16 nodes/IPs). The default value is 31. + maximum: 31 + minimum: 28 + type: integer + type: object gpuInstanceProfile: description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' enum: @@ -35935,14 +56156,24 @@ spec: description: 'GpuProfile: The GPU settings of an agent pool.' properties: installGPUDriver: - description: 'InstallGPUDriver: The default value is true when the vmSize of the agent pool contains a GPU, false otherwise. GPU Driver Installation can only be set true when VM has an associated GPU resource. Setting this field to false prevents automatic GPU driver installation. In that case, in order for the GPU to be usable, the user must perform GPU driver installation themselves.' + description: |- + InstallGPUDriver: The default value is true when the vmSize of the agent pool contains a GPU, false otherwise. GPU + Driver Installation can only be set true when VM has an associated GPU resource. Setting this field to false prevents + automatic GPU driver installation. In that case, in order for the GPU to be usable, the user must perform GPU driver + installation themselves. type: boolean type: object hostGroupReference: - description: 'HostGroupReference: This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).' + description: |- + HostGroupReference: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. + For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -35964,7 +56195,9 @@ spec: type: string type: array containerLogMaxFiles: - description: 'ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be â‰Ĩ 2.' + description: |- + ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be + â‰Ĩ 2. minimum: 2 type: integer containerLogMaxSizeMB: @@ -35974,10 +56207,15 @@ spec: description: 'CpuCfsQuota: The default is true.' type: boolean cpuCfsQuotaPeriod: - description: 'CpuCfsQuotaPeriod: The default is ''100ms.'' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: ''300ms'', ''2h45m''. Supported units are ''ns'', ''us'', ''ms'', ''s'', ''m'', and ''h''.' + description: |- + CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and + a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. type: string cpuManagerPolicy: - description: 'CpuManagerPolicy: The default is ''none''. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are ''none'' and ''static''.' + description: |- + CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management + policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more + information. Allowed values are 'none' and 'static'. type: string failSwapOn: description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' @@ -35992,11 +56230,16 @@ spec: description: 'PodMaxPids: The maximum number of processes per pod.' type: integer topologyManagerPolicy: - description: 'TopologyManagerPolicy: For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is ''none''. Allowed values are ''none'', ''best-effort'', ''restricted'', and ''single-numa-node''.' + description: |- + TopologyManagerPolicy: For more information see [Kubernetes Topology + Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values + are 'none', 'best-effort', 'restricted', and 'single-numa-node'. type: string type: object kubeletDiskType: - description: 'KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.' + description: |- + KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral + storage. enum: - OS - Temporary @@ -36102,10 +56345,16 @@ spec: type: integer type: object transparentHugePageDefrag: - description: 'TransparentHugePageDefrag: Valid values are ''always'', ''defer'', ''defer+madvise'', ''madvise'' and ''never''. The default is ''madvise''. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).' + description: |- + TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is + 'madvise'. For more information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string transparentHugePageEnabled: - description: 'TransparentHugePageEnabled: Valid values are ''always'', ''madvise'', and ''never''. The default is ''always''. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).' + description: |- + TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more + information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string type: object maxCount: @@ -36115,14 +56364,20 @@ spec: description: 'MaxPods: The maximum number of pods that can run on a node.' type: integer messageOfTheDay: - description: 'MessageOfTheDay: A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).' + description: |- + MessageOfTheDay: A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of + the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., + will be printed raw and not be executed as a script). type: string minCount: description: 'MinCount: The minimum number of nodes for auto-scaling' type: integer mode: - description: 'Mode: A cluster must have at least one ''System'' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools' + description: |- + Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool + restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools enum: + - Gateway - System - User type: string @@ -36135,12 +56390,16 @@ spec: description: The port range. properties: portEnd: - description: 'PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or equal to portStart.' + description: |- + PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or + equal to portStart. maximum: 65535 minimum: 1 type: integer portStart: - description: 'PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or equal to portEnd.' + description: |- + PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or + equal to portEnd. maximum: 65535 minimum: 1 type: integer @@ -36153,12 +56412,17 @@ spec: type: object type: array applicationSecurityGroupsReferences: - description: 'ApplicationSecurityGroupsReferences: The IDs of the application security groups which agent pool will associate when created.' + description: |- + ApplicationSecurityGroupsReferences: The IDs of the application security groups which agent pool will associate when + created. items: description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -36187,7 +56451,12 @@ spec: type: array type: object nodeInitializationTaints: - description: 'NodeInitializationTaints: These taints will not be reconciled by AKS and can be removed with a kubectl call. This field can be modified after node pool is created, but nodes will not be recreated with new taints until another operation that requires recreation (e.g. node image upgrade) happens. These taints allow for required configuration to run before the node is ready to accept workloads, for example ''key1=value1:NoSchedule'' that then can be removed with `kubectl taint nodes node1 key1=value1:NoSchedule-`' + description: |- + NodeInitializationTaints: These taints will not be reconciled by AKS and can be removed with a kubectl call. This field + can be modified after node pool is created, but nodes will not be recreated with new taints until another operation that + requires recreation (e.g. node image upgrade) happens. These taints allow for required configuration to run before the + node is ready to accept workloads, for example 'key1=value1:NoSchedule' that then can be removed with `kubectl taint + nodes node1 key1=value1:NoSchedule-` items: type: string type: array @@ -36197,10 +56466,15 @@ spec: description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' type: object nodePublicIPPrefixReference: - description: 'NodePublicIPPrefixReference: This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}' + description: |- + NodePublicIPPrefixReference: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -36219,20 +56493,33 @@ spec: type: string type: array orchestratorVersion: - description: 'OrchestratorVersion: Both patch version and are supported. When is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).' + description: |- + OrchestratorVersion: Both patch version and are supported. When is + specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same + once it has been created will not trigger an upgrade, even if a newer patch version is available. As a + best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version + must have the same major version as the control plane. The node pool minor version must be within two minor versions of + the control plane version. The node pool version cannot be greater than the control plane version. For more information + see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). type: string osDiskSizeGB: maximum: 2048 minimum: 0 type: integer osDiskType: - description: 'OsDiskType: The default is ''Ephemeral'' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to ''Managed''. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).' + description: |- + OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested + OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral + OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). enum: - Ephemeral - Managed type: string osSKU: - description: 'OsSKU: Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.' + description: |- + OsSKU: Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or + Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is + deprecated. enum: - AzureLinux - CBLMariner @@ -36249,7 +56536,10 @@ spec: - Windows type: string owner: - description: 'Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a containerservice.azure.com/ManagedCluster resource' + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a containerservice.azure.com/ManagedCluster resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) @@ -36258,11 +56548,25 @@ spec: description: This is the name of the Kubernetes resource to reference. type: string type: object + podIPAllocationMode: + description: |- + PodIPAllocationMode: The IP allocation mode for pods in the agent pool. Must be used with podSubnetId. The default is + 'DynamicIndividual'. + enum: + - DynamicIndividual + - StaticBlock + type: string podSubnetReference: - description: 'PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}' + description: |- + PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). + This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -36276,7 +56580,10 @@ spec: type: string type: object powerState: - description: 'PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded' + description: |- + PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this + field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only + be stopped if it is Running and provisioning state is Succeeded properties: code: description: 'Code: Tells whether the cluster is Running or Stopped' @@ -36289,7 +56596,10 @@ spec: description: 'ProximityPlacementGroupReference: The ID for Proximity Placement Group.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -36309,7 +56619,9 @@ spec: - Delete type: string scaleSetEvictionPolicy: - description: 'ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is ''Spot''. If not specified, the default is ''Delete''.' + description: |- + ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is + 'Delete'. enum: - Deallocate - Delete @@ -36324,10 +56636,14 @@ spec: description: 'SecurityProfile: The security settings of an agent pool.' properties: enableSecureBoot: - description: 'EnableSecureBoot: Secure Boot is a feature of Trusted Launch which ensures that only signed operating systems and drivers can boot. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false.' + description: |- + EnableSecureBoot: Secure Boot is a feature of Trusted Launch which ensures that only signed operating systems and + drivers can boot. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. type: boolean enableVTPM: - description: 'EnableVTPM: vTPM is a Trusted Launch feature for configuring a dedicated secure vault for keys and measurements held locally on the node. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false.' + description: |- + EnableVTPM: vTPM is a Trusted Launch feature for configuring a dedicated secure vault for keys and measurements held + locally on the node. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. type: boolean sshAccess: description: 'SshAccess: SSH access method of an agent pool.' @@ -36337,7 +56653,10 @@ spec: type: string type: object spotMaxPrice: - description: 'SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)' + description: |- + SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any + on-demand price. For more details on spot pricing, see [spot VMs + pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) type: number tags: additionalProperties: @@ -36355,18 +56674,36 @@ spec: description: 'UpgradeSettings: Settings for upgrading the agentpool' properties: drainTimeoutInMinutes: - description: 'DrainTimeoutInMinutes: The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not specified, the default is 30 minutes.' + description: |- + DrainTimeoutInMinutes: The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. + This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not + specified, the default is 30 minutes. maximum: 1440 minimum: 1 type: integer maxSurge: - description: 'MaxSurge: This can either be set to an integer (e.g. ''5'') or a percentage (e.g. ''50%''). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade' + description: |- + MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it + is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded + up. If not specified, the default is 1. For more information, including best practices, see: + https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade type: string nodeSoakDurationInMinutes: - description: 'NodeSoakDurationInMinutes: The amount of time (in minutes) to wait after draining a node and before reimaging it and moving on to next node. If not specified, the default is 0 minutes.' + description: |- + NodeSoakDurationInMinutes: The amount of time (in minutes) to wait after draining a node and before reimaging it and + moving on to next node. If not specified, the default is 0 minutes. maximum: 30 minimum: 0 type: integer + undrainableNodeBehavior: + description: |- + UndrainableNodeBehavior: Defines the behavior for undrainable nodes during upgrade. The most common cause of undrainable + nodes is Pod Disruption Budgets (PDBs), but other issues, such as pod termination grace period is exceeding the + remaining per-node drain timeout or pod is still being in a running state, can also cause undrainable nodes. + enum: + - Cordon + - Schedule + type: string type: object virtualMachineNodesStatus: items: @@ -36386,18 +56723,44 @@ spec: scale: description: 'Scale: Specifications on how to scale a VirtualMachines agent pool.' properties: + autoscale: + description: |- + Autoscale: Specifications on how to auto-scale the VirtualMachines agent pool within a predefined size range. Currently, + at most one AutoScaleProfile is allowed. + items: + description: Specifications on auto-scaling. + properties: + maxCount: + description: 'MaxCount: The maximum number of nodes of the specified sizes.' + type: integer + minCount: + description: 'MinCount: The minimum number of nodes of the specified sizes.' + type: integer + sizes: + description: |- + Sizes: The list of allowed vm sizes e.g. ['Standard_E4s_v3', 'Standard_E16s_v3', 'Standard_D16s_v5']. AKS will use the + first available one when auto scaling. If a VM size is unavailable (e.g. due to quota or regional capacity reasons), AKS + will use the next size. + items: + type: string + type: array + type: object + type: array manual: - description: 'Manual: Specifications on how to scale the VirtualMachines agent pool to a fixed size.' + description: |- + Manual: Specifications on how to scale the VirtualMachines agent pool to a fixed size. Currently, at most one + ManualScaleProfile is allowed. items: description: Specifications on number of machines. properties: count: description: 'Count: Number of nodes.' - maximum: 1000 - minimum: 0 type: integer sizes: - description: 'Sizes: The list of allowed vm sizes. AKS will use the first available one when scaling. If a VM size is unavailable (e.g. due to quota or regional capacity reasons), AKS will use the next size.' + description: |- + Sizes: The list of allowed vm sizes e.g. ['Standard_E4s_v3', 'Standard_E16s_v3', 'Standard_D16s_v5']. AKS will use the + first available one when scaling. If a VM size is unavailable (e.g. due to quota or regional capacity reasons), AKS will + use the next size. items: type: string type: array @@ -36406,13 +56769,22 @@ spec: type: object type: object vmSize: - description: 'VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions' + description: |- + VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods + might fail to run correctly. For more details on restricted VM sizes, see: + https://docs.microsoft.com/azure/aks/quotas-skus-regions type: string vnetSubnetReference: - description: 'VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}' + description: |- + VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is + specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -36429,7 +56801,9 @@ spec: description: 'WindowsProfile: The Windows agent pool''s specific profile.' properties: disableOutboundNat: - description: 'DisableOutboundNat: The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT Gateway and the Windows agent pool does not have node public IP enabled.' + description: |- + DisableOutboundNat: The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT + Gateway and the Windows agent pool does not have node public IP enabled. type: boolean type: object workloadRuntime: @@ -36448,11 +56822,15 @@ spec: description: 'ArtifactStreamingProfile: Configuration for using artifact streaming on AKS.' properties: enabled: - description: 'Enabled: Artifact streaming speeds up the cold-start of containers on a node through on-demand image loading. To use this feature, container images must also enable artifact streaming on ACR. If not specified, the default is false.' + description: |- + Enabled: Artifact streaming speeds up the cold-start of containers on a node through on-demand image loading. To use + this feature, container images must also enable artifact streaming on ACR. If not specified, the default is false. type: boolean type: object availabilityZones: - description: 'AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is ''VirtualMachineScaleSets''.' + description: |- + AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType + property is 'VirtualMachineScaleSets'. items: type: string type: array @@ -36472,14 +56850,23 @@ spec: description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 type: integer reason: - description: Reason for the condition's last transition. Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: Severity with which to treat failures of this type of condition. For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. This is omitted in all cases when Status == Unknown + description: |- + Severity with which to treat failures of this type of condition. + For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown type: string status: description: Status of the condition, one of True, False, or Unknown. @@ -36495,36 +56882,76 @@ spec: type: object type: array count: - description: 'Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.' + description: |- + Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) + for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. type: integer creationData: - description: 'CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.' + description: |- + CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using + a snapshot. properties: sourceResourceId: description: 'SourceResourceId: This is the ARM ID of the source object to be used to create the target object.' type: string type: object currentOrchestratorVersion: - description: 'CurrentOrchestratorVersion: If orchestratorVersion was a fully specified version , this field will be exactly equal to it. If orchestratorVersion was , this field will contain the full version being used.' + description: |- + CurrentOrchestratorVersion: If orchestratorVersion was a fully specified version , this field will be + exactly equal to it. If orchestratorVersion was , this field will contain the full + version being used. + type: string + eTag: + description: |- + ETag: Unique read-only string used to implement optimistic concurrency. The eTag value will change when the resource is + updated. Specify an if-match or if-none-match header with the eTag value for a subsequent request to enable optimistic + concurrency per the normal etag convention. type: string enableAutoScaling: description: 'EnableAutoScaling: Whether to enable auto-scaler' type: boolean enableCustomCATrust: - description: 'EnableCustomCATrust: When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded certificates into node trust stores. Defaults to false.' + description: |- + EnableCustomCATrust: When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a + daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded + certificates into node trust stores. Defaults to false. type: boolean enableEncryptionAtHost: - description: 'EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption' + description: |- + EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, + see: https://docs.microsoft.com/azure/aks/enable-host-encryption type: boolean enableFIPS: - description: 'EnableFIPS: See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.' + description: |- + EnableFIPS: See [Add a FIPS-enabled node + pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more + details. type: boolean enableNodePublicIP: - description: 'EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.' + description: |- + EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. + A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine + to minimize hops. For more information see [assigning a public IP per + node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The + default is false. type: boolean enableUltraSSD: description: 'EnableUltraSSD: Whether to enable UltraSSD' type: boolean + gatewayProfile: + description: |- + GatewayProfile: Profile specific to a managed agent pool in Gateway mode. This field cannot be set if agent pool mode is + not Gateway. + properties: + publicIPPrefixSize: + description: |- + PublicIPPrefixSize: The Gateway agent pool associates one public IPPrefix for each static egress gateway to provide + public egress. The size of Public IPPrefix should be selected by the user. Each node in the agent pool is assigned with + one IP from the IPPrefix. The IPPrefix size thus serves as a cap on the size of the Gateway agent pool. Due to Azure + public IPPrefix size limitation, the valid value range is [28, 31] (/31 = 2 nodes/IPs, /30 = 4 nodes/IPs, /29 = 8 + nodes/IPs, /28 = 16 nodes/IPs). The default value is 31. + type: integer + type: object gpuInstanceProfile: description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' type: string @@ -36532,11 +56959,18 @@ spec: description: 'GpuProfile: The GPU settings of an agent pool.' properties: installGPUDriver: - description: 'InstallGPUDriver: The default value is true when the vmSize of the agent pool contains a GPU, false otherwise. GPU Driver Installation can only be set true when VM has an associated GPU resource. Setting this field to false prevents automatic GPU driver installation. In that case, in order for the GPU to be usable, the user must perform GPU driver installation themselves.' + description: |- + InstallGPUDriver: The default value is true when the vmSize of the agent pool contains a GPU, false otherwise. GPU + Driver Installation can only be set true when VM has an associated GPU resource. Setting this field to false prevents + automatic GPU driver installation. In that case, in order for the GPU to be usable, the user must perform GPU driver + installation themselves. type: boolean type: object hostGroupID: - description: 'HostGroupID: This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).' + description: |- + HostGroupID: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. + For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). type: string id: description: 'Id: Resource ID.' @@ -36550,7 +56984,9 @@ spec: type: string type: array containerLogMaxFiles: - description: 'ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be â‰Ĩ 2.' + description: |- + ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be + â‰Ĩ 2. type: integer containerLogMaxSizeMB: description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' @@ -36559,10 +56995,15 @@ spec: description: 'CpuCfsQuota: The default is true.' type: boolean cpuCfsQuotaPeriod: - description: 'CpuCfsQuotaPeriod: The default is ''100ms.'' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: ''300ms'', ''2h45m''. Supported units are ''ns'', ''us'', ''ms'', ''s'', ''m'', and ''h''.' + description: |- + CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and + a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. type: string cpuManagerPolicy: - description: 'CpuManagerPolicy: The default is ''none''. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are ''none'' and ''static''.' + description: |- + CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management + policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more + information. Allowed values are 'none' and 'static'. type: string failSwapOn: description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' @@ -36577,11 +57018,16 @@ spec: description: 'PodMaxPids: The maximum number of processes per pod.' type: integer topologyManagerPolicy: - description: 'TopologyManagerPolicy: For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is ''none''. Allowed values are ''none'', ''best-effort'', ''restricted'', and ''single-numa-node''.' + description: |- + TopologyManagerPolicy: For more information see [Kubernetes Topology + Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values + are 'none', 'best-effort', 'restricted', and 'single-numa-node'. type: string type: object kubeletDiskType: - description: 'KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.' + description: |- + KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral + storage. type: string linuxOSConfig: description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' @@ -36678,10 +57124,16 @@ spec: type: integer type: object transparentHugePageDefrag: - description: 'TransparentHugePageDefrag: Valid values are ''always'', ''defer'', ''defer+madvise'', ''madvise'' and ''never''. The default is ''madvise''. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).' + description: |- + TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is + 'madvise'. For more information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string transparentHugePageEnabled: - description: 'TransparentHugePageEnabled: Valid values are ''always'', ''madvise'', and ''never''. The default is ''always''. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).' + description: |- + TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more + information see [Transparent + Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string type: object maxCount: @@ -36691,13 +57143,18 @@ spec: description: 'MaxPods: The maximum number of pods that can run on a node.' type: integer messageOfTheDay: - description: 'MessageOfTheDay: A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).' + description: |- + MessageOfTheDay: A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of + the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., + will be printed raw and not be executed as a script). type: string minCount: description: 'MinCount: The minimum number of nodes for auto-scaling' type: integer mode: - description: 'Mode: A cluster must have at least one ''System'' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools' + description: |- + Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool + restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools type: string name: description: 'Name: The name of the resource that is unique within a resource group. This name can be used to access the resource.' @@ -36711,10 +57168,14 @@ spec: description: The port range. properties: portEnd: - description: 'PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or equal to portStart.' + description: |- + PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or + equal to portStart. type: integer portStart: - description: 'PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or equal to portEnd.' + description: |- + PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or + equal to portEnd. type: integer protocol: description: 'Protocol: The network protocol of the port.' @@ -36744,7 +57205,12 @@ spec: description: 'NodeImageVersion: The version of node image' type: string nodeInitializationTaints: - description: 'NodeInitializationTaints: These taints will not be reconciled by AKS and can be removed with a kubectl call. This field can be modified after node pool is created, but nodes will not be recreated with new taints until another operation that requires recreation (e.g. node image upgrade) happens. These taints allow for required configuration to run before the node is ready to accept workloads, for example ''key1=value1:NoSchedule'' that then can be removed with `kubectl taint nodes node1 key1=value1:NoSchedule-`' + description: |- + NodeInitializationTaints: These taints will not be reconciled by AKS and can be removed with a kubectl call. This field + can be modified after node pool is created, but nodes will not be recreated with new taints until another operation that + requires recreation (e.g. node image upgrade) happens. These taints allow for required configuration to run before the + node is ready to accept workloads, for example 'key1=value1:NoSchedule' that then can be removed with `kubectl taint + nodes node1 key1=value1:NoSchedule-` items: type: string type: array @@ -36754,7 +57220,9 @@ spec: description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' type: object nodePublicIPPrefixID: - description: 'NodePublicIPPrefixID: This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}' + description: |- + NodePublicIPPrefixID: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} type: string nodeTaints: description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' @@ -36762,24 +57230,48 @@ spec: type: string type: array orchestratorVersion: - description: 'OrchestratorVersion: Both patch version and are supported. When is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).' + description: |- + OrchestratorVersion: Both patch version and are supported. When is + specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same + once it has been created will not trigger an upgrade, even if a newer patch version is available. As a + best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version + must have the same major version as the control plane. The node pool minor version must be within two minor versions of + the control plane version. The node pool version cannot be greater than the control plane version. For more information + see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). type: string osDiskSizeGB: type: integer osDiskType: - description: 'OsDiskType: The default is ''Ephemeral'' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to ''Managed''. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).' + description: |- + OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested + OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral + OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). type: string osSKU: - description: 'OsSKU: Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.' + description: |- + OsSKU: Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or + Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is + deprecated. type: string osType: description: 'OsType: The operating system type. The default is Linux.' type: string + podIPAllocationMode: + description: |- + PodIPAllocationMode: The IP allocation mode for pods in the agent pool. Must be used with podSubnetId. The default is + 'DynamicIndividual'. + type: string podSubnetID: - description: 'PodSubnetID: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}' + description: |- + PodSubnetID: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is + of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} type: string powerState: - description: 'PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded' + description: |- + PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this + field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only + be stopped if it is Running and provisioning state is Succeeded properties: code: description: 'Code: Tells whether the cluster is Running or Stopped' @@ -36798,7 +57290,9 @@ spec: description: 'ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.' type: string scaleSetEvictionPolicy: - description: 'ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is ''Spot''. If not specified, the default is ''Delete''.' + description: |- + ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is + 'Delete'. type: string scaleSetPriority: description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' @@ -36807,17 +57301,24 @@ spec: description: 'SecurityProfile: The security settings of an agent pool.' properties: enableSecureBoot: - description: 'EnableSecureBoot: Secure Boot is a feature of Trusted Launch which ensures that only signed operating systems and drivers can boot. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false.' + description: |- + EnableSecureBoot: Secure Boot is a feature of Trusted Launch which ensures that only signed operating systems and + drivers can boot. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. type: boolean enableVTPM: - description: 'EnableVTPM: vTPM is a Trusted Launch feature for configuring a dedicated secure vault for keys and measurements held locally on the node. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false.' + description: |- + EnableVTPM: vTPM is a Trusted Launch feature for configuring a dedicated secure vault for keys and measurements held + locally on the node. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. type: boolean sshAccess: description: 'SshAccess: SSH access method of an agent pool.' type: string type: object spotMaxPrice: - description: 'SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)' + description: |- + SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any + on-demand price. For more details on spot pricing, see [spot VMs + pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) type: number tags: additionalProperties: @@ -36831,14 +57332,29 @@ spec: description: 'UpgradeSettings: Settings for upgrading the agentpool' properties: drainTimeoutInMinutes: - description: 'DrainTimeoutInMinutes: The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not specified, the default is 30 minutes.' + description: |- + DrainTimeoutInMinutes: The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. + This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not + specified, the default is 30 minutes. type: integer maxSurge: - description: 'MaxSurge: This can either be set to an integer (e.g. ''5'') or a percentage (e.g. ''50%''). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade' + description: |- + MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it + is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded + up. If not specified, the default is 1. For more information, including best practices, see: + https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade type: string nodeSoakDurationInMinutes: - description: 'NodeSoakDurationInMinutes: The amount of time (in minutes) to wait after draining a node and before reimaging it and moving on to next node. If not specified, the default is 0 minutes.' + description: |- + NodeSoakDurationInMinutes: The amount of time (in minutes) to wait after draining a node and before reimaging it and + moving on to next node. If not specified, the default is 0 minutes. type: integer + undrainableNodeBehavior: + description: |- + UndrainableNodeBehavior: Defines the behavior for undrainable nodes during upgrade. The most common cause of undrainable + nodes is Pod Disruption Budgets (PDBs), but other issues, such as pod termination grace period is exceeding the + remaining per-node drain timeout or pod is still being in a running state, can also cause undrainable nodes. + type: string type: object virtualMachineNodesStatus: items: @@ -36858,8 +57374,33 @@ spec: scale: description: 'Scale: Specifications on how to scale a VirtualMachines agent pool.' properties: + autoscale: + description: |- + Autoscale: Specifications on how to auto-scale the VirtualMachines agent pool within a predefined size range. Currently, + at most one AutoScaleProfile is allowed. + items: + description: Specifications on auto-scaling. + properties: + maxCount: + description: 'MaxCount: The maximum number of nodes of the specified sizes.' + type: integer + minCount: + description: 'MinCount: The minimum number of nodes of the specified sizes.' + type: integer + sizes: + description: |- + Sizes: The list of allowed vm sizes e.g. ['Standard_E4s_v3', 'Standard_E16s_v3', 'Standard_D16s_v5']. AKS will use the + first available one when auto scaling. If a VM size is unavailable (e.g. due to quota or regional capacity reasons), AKS + will use the next size. + items: + type: string + type: array + type: object + type: array manual: - description: 'Manual: Specifications on how to scale the VirtualMachines agent pool to a fixed size.' + description: |- + Manual: Specifications on how to scale the VirtualMachines agent pool to a fixed size. Currently, at most one + ManualScaleProfile is allowed. items: description: Specifications on number of machines. properties: @@ -36867,7 +57408,10 @@ spec: description: 'Count: Number of nodes.' type: integer sizes: - description: 'Sizes: The list of allowed vm sizes. AKS will use the first available one when scaling. If a VM size is unavailable (e.g. due to quota or regional capacity reasons), AKS will use the next size.' + description: |- + Sizes: The list of allowed vm sizes e.g. ['Standard_E4s_v3', 'Standard_E16s_v3', 'Standard_D16s_v5']. AKS will use the + first available one when scaling. If a VM size is unavailable (e.g. due to quota or regional capacity reasons), AKS will + use the next size. items: type: string type: array @@ -36876,16 +57420,24 @@ spec: type: object type: object vmSize: - description: 'VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions' + description: |- + VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods + might fail to run correctly. For more details on restricted VM sizes, see: + https://docs.microsoft.com/azure/aks/quotas-skus-regions type: string vnetSubnetID: - description: 'VnetSubnetID: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}' + description: |- + VnetSubnetID: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, + this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} type: string windowsProfile: description: 'WindowsProfile: The Windows agent pool''s specific profile.' properties: disableOutboundNat: - description: 'DisableOutboundNat: The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT Gateway and the Windows agent pool does not have node public IP enabled.' + description: |- + DisableOutboundNat: The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT + Gateway and the Windows agent pool does not have node public IP enabled. type: boolean type: object workloadRuntime: @@ -36910,34 +57462,51 @@ spec: - jsonPath: .status.conditions[?(@.type=='Ready')].message name: Message type: string - name: v1api20231102previewstorage + name: v1api20240402previewstorage schema: openAPIV3Schema: - description: 'Storage version of v1api20231102preview.ManagedClustersAgentPool Generator information: - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/preview/2023-11-02-preview/managedClusters.json - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}/agentPools/{agentPoolName}' + description: |- + Storage version of v1api20240402preview.ManagedClustersAgentPool + Generator information: + - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/preview/2024-04-02-preview/managedClusters.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}/agentPools/{agentPoolName} properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: Storage version of v1api20231102preview.ManagedClusters_AgentPool_Spec + description: Storage version of v1api20240402preview.ManagedClusters_AgentPool_Spec properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object artifactStreamingProfile: - description: Storage version of v1api20231102preview.AgentPoolArtifactStreamingProfile + description: Storage version of v1api20240402preview.AgentPoolArtifactStreamingProfile properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -36947,13 +57516,18 @@ spec: type: string type: array azureName: - description: 'AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn''t have to be.' + description: |- + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. type: string capacityReservationGroupReference: description: 'CapacityReservationGroupReference: AKS will associate the specified agent pool with the Capacity Reservation Group.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -36969,18 +57543,25 @@ spec: count: type: integer creationData: - description: Storage version of v1api20231102preview.CreationData Data used when creating a target resource from a source resource. + description: |- + Storage version of v1api20240402preview.CreationData + Data used when creating a target resource from a source resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object sourceResourceReference: description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -37006,24 +57587,47 @@ spec: type: boolean enableUltraSSD: type: boolean + gatewayProfile: + description: |- + Storage version of v1api20240402preview.AgentPoolGatewayProfile + Profile of the managed cluster gateway agent pool. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + publicIPPrefixSize: + type: integer + type: object gpuInstanceProfile: type: string gpuProfile: - description: Storage version of v1api20231102preview.AgentPoolGPUProfile + description: Storage version of v1api20240402preview.AgentPoolGPUProfile properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object installGPUDriver: type: boolean type: object hostGroupReference: - description: 'HostGroupReference: This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).' + description: |- + HostGroupReference: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. + For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -37037,12 +57641,16 @@ spec: type: string type: object kubeletConfig: - description: Storage version of v1api20231102preview.KubeletConfig See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + description: |- + Storage version of v1api20240402preview.KubeletConfig + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object allowedUnsafeSysctls: items: @@ -37072,22 +57680,30 @@ spec: kubeletDiskType: type: string linuxOSConfig: - description: Storage version of v1api20231102preview.LinuxOSConfig See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + description: |- + Storage version of v1api20240402preview.LinuxOSConfig + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object swapFileSizeMB: type: integer sysctls: - description: Storage version of v1api20231102preview.SysctlConfig Sysctl settings for Linux agent nodes. + description: |- + Storage version of v1api20240402preview.SysctlConfig + Sysctl settings for Linux agent nodes. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object fsAioMaxNr: type: integer @@ -37162,21 +57778,29 @@ spec: mode: type: string networkProfile: - description: Storage version of v1api20231102preview.AgentPoolNetworkProfile Network settings of an agent pool. + description: |- + Storage version of v1api20240402preview.AgentPoolNetworkProfile + Network settings of an agent pool. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object allowedHostPorts: items: - description: Storage version of v1api20231102preview.PortRange The port range. + description: |- + Storage version of v1api20240402preview.PortRange + The port range. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object portEnd: type: integer @@ -37191,7 +57815,10 @@ spec: description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -37207,12 +57834,16 @@ spec: type: array nodePublicIPTags: items: - description: Storage version of v1api20231102preview.IPTag Contains the IPTag associated with the object. + description: |- + Storage version of v1api20240402preview.IPTag + Contains the IPTag associated with the object. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object ipTagType: type: string @@ -37230,10 +57861,15 @@ spec: type: string type: object nodePublicIPPrefixReference: - description: 'NodePublicIPPrefixReference: This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}' + description: |- + NodePublicIPPrefixReference: This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -37263,7 +57899,10 @@ spec: osType: type: string owner: - description: 'Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a containerservice.azure.com/ManagedCluster resource' + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a containerservice.azure.com/ManagedCluster resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) @@ -37272,11 +57911,19 @@ spec: description: This is the name of the Kubernetes resource to reference. type: string type: object + podIPAllocationMode: + type: string podSubnetReference: - description: 'PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}' + description: |- + PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). + This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -37290,12 +57937,16 @@ spec: type: string type: object powerState: - description: Storage version of v1api20231102preview.PowerState Describes the Power State of the cluster + description: |- + Storage version of v1api20240402preview.PowerState + Describes the Power State of the cluster properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object code: type: string @@ -37304,7 +57955,10 @@ spec: description: 'ProximityPlacementGroupReference: The ID for Proximity Placement Group.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -37324,12 +57978,16 @@ spec: scaleSetPriority: type: string securityProfile: - description: Storage version of v1api20231102preview.AgentPoolSecurityProfile The security settings of an agent pool. + description: |- + Storage version of v1api20240402preview.AgentPoolSecurityProfile + The security settings of an agent pool. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enableSecureBoot: type: boolean @@ -37347,12 +58005,16 @@ spec: type: type: string upgradeSettings: - description: Storage version of v1api20231102preview.AgentPoolUpgradeSettings Settings for upgrading an agentpool + description: |- + Storage version of v1api20240402preview.AgentPoolUpgradeSettings + Settings for upgrading an agentpool properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object drainTimeoutInMinutes: type: integer @@ -37360,15 +58022,21 @@ spec: type: string nodeSoakDurationInMinutes: type: integer + undrainableNodeBehavior: + type: string type: object virtualMachineNodesStatus: items: - description: Storage version of v1api20231102preview.VirtualMachineNodes Current status on a group of nodes of the same vm size. + description: |- + Storage version of v1api20240402preview.VirtualMachineNodes + Current status on a group of nodes of the same vm size. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object count: type: integer @@ -37377,29 +58045,64 @@ spec: type: object type: array virtualMachinesProfile: - description: Storage version of v1api20231102preview.VirtualMachinesProfile Specifications on VirtualMachines agent pool. + description: |- + Storage version of v1api20240402preview.VirtualMachinesProfile + Specifications on VirtualMachines agent pool. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object scale: - description: Storage version of v1api20231102preview.ScaleProfile Specifications on how to scale a VirtualMachines agent pool. + description: |- + Storage version of v1api20240402preview.ScaleProfile + Specifications on how to scale a VirtualMachines agent pool. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object + autoscale: + items: + description: |- + Storage version of v1api20240402preview.AutoScaleProfile + Specifications on auto-scaling. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + maxCount: + type: integer + minCount: + type: integer + sizes: + items: + type: string + type: array + type: object + type: array manual: items: - description: Storage version of v1api20231102preview.ManualScaleProfile Specifications on number of machines. + description: |- + Storage version of v1api20240402preview.ManualScaleProfile + Specifications on number of machines. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object count: type: integer @@ -37414,10 +58117,16 @@ spec: vmSize: type: string vnetSubnetReference: - description: 'VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}' + description: |- + VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is + specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -37431,12 +58140,16 @@ spec: type: string type: object windowsProfile: - description: Storage version of v1api20231102preview.AgentPoolWindowsProfile The Windows agent pool's specific profile. + description: |- + Storage version of v1api20240402preview.AgentPoolWindowsProfile + The Windows agent pool's specific profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object disableOutboundNat: type: boolean @@ -37447,20 +58160,24 @@ spec: - owner type: object status: - description: Storage version of v1api20231102preview.ManagedClusters_AgentPool_STATUS + description: Storage version of v1api20240402preview.ManagedClusters_AgentPool_STATUS properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object artifactStreamingProfile: - description: Storage version of v1api20231102preview.AgentPoolArtifactStreamingProfile_STATUS + description: Storage version of v1api20240402preview.AgentPoolArtifactStreamingProfile_STATUS properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -37483,14 +58200,23 @@ spec: description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 type: integer reason: - description: Reason for the condition's last transition. Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: Severity with which to treat failures of this type of condition. For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. This is omitted in all cases when Status == Unknown + description: |- + Severity with which to treat failures of this type of condition. + For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown type: string status: description: Status of the condition, one of True, False, or Unknown. @@ -37508,18 +58234,24 @@ spec: count: type: integer creationData: - description: Storage version of v1api20231102preview.CreationData_STATUS Data used when creating a target resource from a source resource. + description: |- + Storage version of v1api20240402preview.CreationData_STATUS + Data used when creating a target resource from a source resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object sourceResourceId: type: string type: object currentOrchestratorVersion: type: string + eTag: + type: string enableAutoScaling: type: boolean enableCustomCATrust: @@ -37532,15 +58264,32 @@ spec: type: boolean enableUltraSSD: type: boolean + gatewayProfile: + description: |- + Storage version of v1api20240402preview.AgentPoolGatewayProfile_STATUS + Profile of the managed cluster gateway agent pool. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + publicIPPrefixSize: + type: integer + type: object gpuInstanceProfile: type: string gpuProfile: - description: Storage version of v1api20231102preview.AgentPoolGPUProfile_STATUS + description: Storage version of v1api20240402preview.AgentPoolGPUProfile_STATUS properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object installGPUDriver: type: boolean @@ -37550,12 +58299,16 @@ spec: id: type: string kubeletConfig: - description: Storage version of v1api20231102preview.KubeletConfig_STATUS See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + description: |- + Storage version of v1api20240402preview.KubeletConfig_STATUS + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object allowedUnsafeSysctls: items: @@ -37585,22 +58338,30 @@ spec: kubeletDiskType: type: string linuxOSConfig: - description: Storage version of v1api20231102preview.LinuxOSConfig_STATUS See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. + description: |- + Storage version of v1api20240402preview.LinuxOSConfig_STATUS + See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object swapFileSizeMB: type: integer sysctls: - description: Storage version of v1api20231102preview.SysctlConfig_STATUS Sysctl settings for Linux agent nodes. + description: |- + Storage version of v1api20240402preview.SysctlConfig_STATUS + Sysctl settings for Linux agent nodes. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object fsAioMaxNr: type: integer @@ -37677,21 +58438,29 @@ spec: name: type: string networkProfile: - description: Storage version of v1api20231102preview.AgentPoolNetworkProfile_STATUS Network settings of an agent pool. + description: |- + Storage version of v1api20240402preview.AgentPoolNetworkProfile_STATUS + Network settings of an agent pool. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object allowedHostPorts: items: - description: Storage version of v1api20231102preview.PortRange_STATUS The port range. + description: |- + Storage version of v1api20240402preview.PortRange_STATUS + The port range. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object portEnd: type: integer @@ -37707,12 +58476,16 @@ spec: type: array nodePublicIPTags: items: - description: Storage version of v1api20231102preview.IPTag_STATUS Contains the IPTag associated with the object. + description: |- + Storage version of v1api20240402preview.IPTag_STATUS + Contains the IPTag associated with the object. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object ipTagType: type: string @@ -37747,15 +58520,21 @@ spec: type: string osType: type: string + podIPAllocationMode: + type: string podSubnetID: type: string powerState: - description: Storage version of v1api20231102preview.PowerState_STATUS Describes the Power State of the cluster + description: |- + Storage version of v1api20240402preview.PowerState_STATUS + Describes the Power State of the cluster properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object code: type: string @@ -37773,12 +58552,16 @@ spec: scaleSetPriority: type: string securityProfile: - description: Storage version of v1api20231102preview.AgentPoolSecurityProfile_STATUS The security settings of an agent pool. + description: |- + Storage version of v1api20240402preview.AgentPoolSecurityProfile_STATUS + The security settings of an agent pool. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object enableSecureBoot: type: boolean @@ -37796,12 +58579,16 @@ spec: type: type: string upgradeSettings: - description: Storage version of v1api20231102preview.AgentPoolUpgradeSettings_STATUS Settings for upgrading an agentpool + description: |- + Storage version of v1api20240402preview.AgentPoolUpgradeSettings_STATUS + Settings for upgrading an agentpool properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object drainTimeoutInMinutes: type: integer @@ -37809,15 +58596,21 @@ spec: type: string nodeSoakDurationInMinutes: type: integer + undrainableNodeBehavior: + type: string type: object virtualMachineNodesStatus: items: - description: Storage version of v1api20231102preview.VirtualMachineNodes_STATUS Current status on a group of nodes of the same vm size. + description: |- + Storage version of v1api20240402preview.VirtualMachineNodes_STATUS + Current status on a group of nodes of the same vm size. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object count: type: integer @@ -37826,29 +58619,64 @@ spec: type: object type: array virtualMachinesProfile: - description: Storage version of v1api20231102preview.VirtualMachinesProfile_STATUS Specifications on VirtualMachines agent pool. + description: |- + Storage version of v1api20240402preview.VirtualMachinesProfile_STATUS + Specifications on VirtualMachines agent pool. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object scale: - description: Storage version of v1api20231102preview.ScaleProfile_STATUS Specifications on how to scale a VirtualMachines agent pool. + description: |- + Storage version of v1api20240402preview.ScaleProfile_STATUS + Specifications on how to scale a VirtualMachines agent pool. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object + autoscale: + items: + description: |- + Storage version of v1api20240402preview.AutoScaleProfile_STATUS + Specifications on auto-scaling. + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + maxCount: + type: integer + minCount: + type: integer + sizes: + items: + type: string + type: array + type: object + type: array manual: items: - description: Storage version of v1api20231102preview.ManualScaleProfile_STATUS Specifications on number of machines. + description: |- + Storage version of v1api20240402preview.ManualScaleProfile_STATUS + Specifications on number of machines. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object count: type: integer @@ -37865,12 +58693,16 @@ spec: vnetSubnetID: type: string windowsProfile: - description: Storage version of v1api20231102preview.AgentPoolWindowsProfile_STATUS The Windows agent pool's specific profile. + description: |- + Storage version of v1api20240402preview.AgentPoolWindowsProfile_STATUS + The Windows agent pool's specific profile. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object disableOutboundNat: type: boolean @@ -37889,10 +58721,10 @@ kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: azureserviceoperator-system/azureserviceoperator-serving-cert - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 labels: app.kubernetes.io/name: azure-service-operator - app.kubernetes.io/version: v2.6.0 + app.kubernetes.io/version: v2.8.0 name: natgateways.network.azure.com spec: conversion: @@ -37931,20 +58763,34 @@ spec: name: v1api20220701 schema: openAPIV3Schema: - description: 'Generator information: - Generated from: /network/resource-manager/Microsoft.Network/stable/2022-07-01/natGateway.json - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/natGateways/{natGatewayName}' + description: |- + Generator information: + - Generated from: /network/resource-manager/Microsoft.Network/stable/2022-07-01/natGateway.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/natGateways/{natGatewayName} properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: properties: azureName: - description: 'AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn''t have to be.' + description: |- + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. type: string idleTimeoutInMinutes: description: 'IdleTimeoutInMinutes: The idle timeout of the nat gateway.' @@ -37953,7 +58799,10 @@ spec: description: 'Location: Resource location.' type: string owner: - description: 'Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a resources.azure.com/ResourceGroup resource' + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a resources.azure.com/ResourceGroup resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) @@ -37971,7 +58820,10 @@ spec: description: 'Reference: Resource ID.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -37995,7 +58847,10 @@ spec: description: 'Reference: Resource ID.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -38048,14 +58903,23 @@ spec: description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 type: integer reason: - description: Reason for the condition's last transition. Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: Severity with which to treat failures of this type of condition. For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. This is omitted in all cases when Status == Unknown + description: |- + Severity with which to treat failures of this type of condition. + For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown type: string status: description: Status of the condition, one of True, False, or Unknown. @@ -38163,13 +59027,26 @@ spec: name: v1api20220701storage schema: openAPIV3Schema: - description: 'Storage version of v1api20220701.NatGateway Generator information: - Generated from: /network/resource-manager/Microsoft.Network/stable/2022-07-01/natGateway.json - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/natGateways/{natGatewayName}' + description: |- + Storage version of v1api20220701.NatGateway + Generator information: + - Generated from: /network/resource-manager/Microsoft.Network/stable/2022-07-01/natGateway.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/natGateways/{natGatewayName} properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -38179,10 +59056,14 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object azureName: - description: 'AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn''t have to be.' + description: |- + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. type: string idleTimeoutInMinutes: type: integer @@ -38191,7 +59072,10 @@ spec: originalVersion: type: string owner: - description: 'Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a resources.azure.com/ResourceGroup resource' + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a resources.azure.com/ResourceGroup resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) @@ -38202,18 +59086,25 @@ spec: type: object publicIpAddresses: items: - description: Storage version of v1api20220701.ApplicationGatewaySubResource Reference to another subresource. + description: |- + Storage version of v1api20220701.ApplicationGatewaySubResource + Reference to another subresource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object reference: description: 'Reference: Resource ID.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -38230,18 +59121,25 @@ spec: type: array publicIpPrefixes: items: - description: Storage version of v1api20220701.ApplicationGatewaySubResource Reference to another subresource. + description: |- + Storage version of v1api20220701.ApplicationGatewaySubResource + Reference to another subresource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object reference: description: 'Reference: Resource ID.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -38257,12 +59155,16 @@ spec: type: object type: array sku: - description: Storage version of v1api20220701.NatGatewaySku SKU of nat gateway. + description: |- + Storage version of v1api20220701.NatGatewaySku + SKU of nat gateway. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object name: type: string @@ -38279,12 +59181,16 @@ spec: - owner type: object status: - description: Storage version of v1api20220701.NatGateway_STATUS Nat Gateway resource. + description: |- + Storage version of v1api20220701.NatGateway_STATUS + Nat Gateway resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object conditions: items: @@ -38298,14 +59204,23 @@ spec: description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 type: integer reason: - description: Reason for the condition's last transition. Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: Severity with which to treat failures of this type of condition. For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. This is omitted in all cases when Status == Unknown + description: |- + Severity with which to treat failures of this type of condition. + For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown type: string status: description: Status of the condition, one of True, False, or Unknown. @@ -38334,12 +59249,16 @@ spec: type: string publicIpAddresses: items: - description: Storage version of v1api20220701.ApplicationGatewaySubResource_STATUS Reference to another subresource. + description: |- + Storage version of v1api20220701.ApplicationGatewaySubResource_STATUS + Reference to another subresource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -38347,12 +59266,16 @@ spec: type: array publicIpPrefixes: items: - description: Storage version of v1api20220701.ApplicationGatewaySubResource_STATUS Reference to another subresource. + description: |- + Storage version of v1api20220701.ApplicationGatewaySubResource_STATUS + Reference to another subresource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -38361,24 +59284,32 @@ spec: resourceGuid: type: string sku: - description: Storage version of v1api20220701.NatGatewaySku_STATUS SKU of nat gateway. + description: |- + Storage version of v1api20220701.NatGatewaySku_STATUS + SKU of nat gateway. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object name: type: string type: object subnets: items: - description: Storage version of v1api20220701.ApplicationGatewaySubResource_STATUS Reference to another subresource. + description: |- + Storage version of v1api20220701.ApplicationGatewaySubResource_STATUS + Reference to another subresource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -38406,10 +59337,10 @@ kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: azureserviceoperator-system/azureserviceoperator-serving-cert - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 labels: app.kubernetes.io/name: azure-service-operator - app.kubernetes.io/version: v2.6.0 + app.kubernetes.io/version: v2.8.0 name: privateendpoints.network.azure.com spec: conversion: @@ -38448,13 +59379,25 @@ spec: name: v1api20220701 schema: openAPIV3Schema: - description: 'Generator information: - Generated from: /network/resource-manager/Microsoft.Network/stable/2022-07-01/privateEndpoint.json - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateEndpoints/{privateEndpointName}' + description: |- + Generator information: + - Generated from: /network/resource-manager/Microsoft.Network/stable/2022-07-01/privateEndpoint.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateEndpoints/{privateEndpointName} properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -38469,7 +59412,10 @@ spec: description: 'Reference: Resource ID.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -38485,7 +59431,9 @@ spec: type: object type: array azureName: - description: 'AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn''t have to be.' + description: |- + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. type: string customNetworkInterfaceName: description: 'CustomNetworkInterfaceName: The custom name of the network interface attached to the private endpoint.' @@ -38503,7 +59451,9 @@ spec: type: string type: object ipConfigurations: - description: 'IpConfigurations: A list of IP configurations of the private endpoint. This will be used to map to the First Party Service''s endpoints.' + description: |- + IpConfigurations: A list of IP configurations of the private endpoint. This will be used to map to the First Party + Service's endpoints. items: description: An IP Configuration of the private endpoint. properties: @@ -38525,7 +59475,9 @@ spec: description: 'Location: Resource location.' type: string manualPrivateLinkServiceConnections: - description: 'ManualPrivateLinkServiceConnections: A grouping of information about the connection to the remote resource. Used when the network admin does not have access to approve connections to the remote resource.' + description: |- + ManualPrivateLinkServiceConnections: A grouping of information about the connection to the remote resource. Used when + the network admin does not have access to approve connections to the remote resource. items: description: PrivateLinkServiceConnection resource. properties: @@ -38538,7 +59490,9 @@ spec: description: 'Name: The name of the resource that is unique within a resource group. This name can be used to access the resource.' type: string privateLinkServiceConnectionState: - description: 'PrivateLinkServiceConnectionState: A collection of read-only information about the state of the connection to the remote resource.' + description: |- + PrivateLinkServiceConnectionState: A collection of read-only information about the state of the connection to the remote + resource. properties: actionsRequired: description: 'ActionsRequired: A message indicating if changes on the service provider require any updates on the consumer.' @@ -38554,7 +59508,10 @@ spec: description: 'PrivateLinkServiceReference: The resource id of private link service.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -38568,12 +59525,44 @@ spec: type: string type: object requestMessage: - description: 'RequestMessage: A message passed to the owner of the remote resource with this connection request. Restricted to 140 chars.' + description: |- + RequestMessage: A message passed to the owner of the remote resource with this connection request. Restricted to 140 + chars. type: string type: object type: array + operatorSpec: + description: |- + OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not + passed directly to Azure + properties: + configMaps: + description: 'ConfigMaps: configures where to place operator written ConfigMaps.' + properties: + primaryNicPrivateIpAddress: + description: |- + PrimaryNicPrivateIpAddress: indicates where the PrimaryNicPrivateIpAddress config map should be placed. If omitted, no + config map will be created. + properties: + key: + description: Key is the key in the ConfigMap being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes ConfigMap being referenced. + The ConfigMap must be in the same namespace as the resource + type: string + required: + - key + - name + type: object + type: object + type: object owner: - description: 'Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a resources.azure.com/ResourceGroup resource' + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a resources.azure.com/ResourceGroup resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) @@ -38596,7 +59585,9 @@ spec: description: 'Name: The name of the resource that is unique within a resource group. This name can be used to access the resource.' type: string privateLinkServiceConnectionState: - description: 'PrivateLinkServiceConnectionState: A collection of read-only information about the state of the connection to the remote resource.' + description: |- + PrivateLinkServiceConnectionState: A collection of read-only information about the state of the connection to the remote + resource. properties: actionsRequired: description: 'ActionsRequired: A message indicating if changes on the service provider require any updates on the consumer.' @@ -38612,7 +59603,10 @@ spec: description: 'PrivateLinkServiceReference: The resource id of private link service.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -38626,7 +59620,9 @@ spec: type: string type: object requestMessage: - description: 'RequestMessage: A message passed to the owner of the remote resource with this connection request. Restricted to 140 chars.' + description: |- + RequestMessage: A message passed to the owner of the remote resource with this connection request. Restricted to 140 + chars. type: string type: object type: array @@ -38637,7 +59633,10 @@ spec: description: 'Reference: Resource ID.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -38685,14 +59684,23 @@ spec: description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 type: integer reason: - description: Reason for the condition's last transition. Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: Severity with which to treat failures of this type of condition. For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. This is omitted in all cases when Status == Unknown + description: |- + Severity with which to treat failures of this type of condition. + For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown type: string status: description: Status of the condition, one of True, False, or Unknown. @@ -38742,7 +59750,9 @@ spec: description: 'Id: Resource ID.' type: string ipConfigurations: - description: 'IpConfigurations: A list of IP configurations of the private endpoint. This will be used to map to the First Party Service''s endpoints.' + description: |- + IpConfigurations: A list of IP configurations of the private endpoint. This will be used to map to the First Party + Service's endpoints. items: description: An IP Configuration of the private endpoint. properties: @@ -38770,7 +59780,9 @@ spec: description: 'Location: Resource location.' type: string manualPrivateLinkServiceConnections: - description: 'ManualPrivateLinkServiceConnections: A grouping of information about the connection to the remote resource. Used when the network admin does not have access to approve connections to the remote resource.' + description: |- + ManualPrivateLinkServiceConnections: A grouping of information about the connection to the remote resource. Used when + the network admin does not have access to approve connections to the remote resource. items: description: PrivateLinkServiceConnection resource. properties: @@ -38789,7 +59801,9 @@ spec: description: 'Name: The name of the resource that is unique within a resource group. This name can be used to access the resource.' type: string privateLinkServiceConnectionState: - description: 'PrivateLinkServiceConnectionState: A collection of read-only information about the state of the connection to the remote resource.' + description: |- + PrivateLinkServiceConnectionState: A collection of read-only information about the state of the connection to the remote + resource. properties: actionsRequired: description: 'ActionsRequired: A message indicating if changes on the service provider require any updates on the consumer.' @@ -38808,7 +59822,9 @@ spec: description: 'ProvisioningState: The provisioning state of the private link service connection resource.' type: string requestMessage: - description: 'RequestMessage: A message passed to the owner of the remote resource with this connection request. Restricted to 140 chars.' + description: |- + RequestMessage: A message passed to the owner of the remote resource with this connection request. Restricted to 140 + chars. type: string type: description: 'Type: The resource type.' @@ -38848,7 +59864,9 @@ spec: description: 'Name: The name of the resource that is unique within a resource group. This name can be used to access the resource.' type: string privateLinkServiceConnectionState: - description: 'PrivateLinkServiceConnectionState: A collection of read-only information about the state of the connection to the remote resource.' + description: |- + PrivateLinkServiceConnectionState: A collection of read-only information about the state of the connection to the remote + resource. properties: actionsRequired: description: 'ActionsRequired: A message indicating if changes on the service provider require any updates on the consumer.' @@ -38867,7 +59885,9 @@ spec: description: 'ProvisioningState: The provisioning state of the private link service connection resource.' type: string requestMessage: - description: 'RequestMessage: A message passed to the owner of the remote resource with this connection request. Restricted to 140 chars.' + description: |- + RequestMessage: A message passed to the owner of the remote resource with this connection request. Restricted to 140 + chars. type: string type: description: 'Type: The resource type.' @@ -38914,13 +59934,26 @@ spec: name: v1api20220701storage schema: openAPIV3Schema: - description: 'Storage version of v1api20220701.PrivateEndpoint Generator information: - Generated from: /network/resource-manager/Microsoft.Network/stable/2022-07-01/privateEndpoint.json - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateEndpoints/{privateEndpointName}' + description: |- + Storage version of v1api20220701.PrivateEndpoint + Generator information: + - Generated from: /network/resource-manager/Microsoft.Network/stable/2022-07-01/privateEndpoint.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateEndpoints/{privateEndpointName} properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -38930,22 +59963,31 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object applicationSecurityGroups: items: - description: Storage version of v1api20220701.ApplicationSecurityGroupSpec_PrivateEndpoint_SubResourceEmbedded An application security group in a resource group. + description: |- + Storage version of v1api20220701.ApplicationSecurityGroupSpec_PrivateEndpoint_SubResourceEmbedded + An application security group in a resource group. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object reference: description: 'Reference: Resource ID.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -38961,17 +60003,23 @@ spec: type: object type: array azureName: - description: 'AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn''t have to be.' + description: |- + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. type: string customNetworkInterfaceName: type: string extendedLocation: - description: Storage version of v1api20220701.ExtendedLocation ExtendedLocation complex type. + description: |- + Storage version of v1api20220701.ExtendedLocation + ExtendedLocation complex type. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object name: type: string @@ -38980,12 +60028,16 @@ spec: type: object ipConfigurations: items: - description: Storage version of v1api20220701.PrivateEndpointIPConfiguration An IP Configuration of the private endpoint. + description: |- + Storage version of v1api20220701.PrivateEndpointIPConfiguration + An IP Configuration of the private endpoint. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object groupId: type: string @@ -39001,12 +60053,16 @@ spec: type: string manualPrivateLinkServiceConnections: items: - description: Storage version of v1api20220701.PrivateLinkServiceConnection PrivateLinkServiceConnection resource. + description: |- + Storage version of v1api20220701.PrivateLinkServiceConnection + PrivateLinkServiceConnection resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object groupIds: items: @@ -39015,12 +60071,16 @@ spec: name: type: string privateLinkServiceConnectionState: - description: Storage version of v1api20220701.PrivateLinkServiceConnectionState A collection of information about the state of the connection between service consumer and provider. + description: |- + Storage version of v1api20220701.PrivateLinkServiceConnectionState + A collection of information about the state of the connection between service consumer and provider. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object actionsRequired: type: string @@ -39033,7 +60093,10 @@ spec: description: 'PrivateLinkServiceReference: The resource id of private link service.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -39050,10 +60113,54 @@ spec: type: string type: object type: array + operatorSpec: + description: |- + Storage version of v1api20220701.PrivateEndpointOperatorSpec + Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + configMaps: + description: Storage version of v1api20220701.PrivateEndpointOperatorConfigMaps + properties: + $propertyBag: + additionalProperties: + type: string + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions + type: object + primaryNicPrivateIpAddress: + description: |- + ConfigMapDestination describes the location to store a single configmap value + Note: This is similar to SecretDestination in secrets.go. Changes to one should likely also be made to the other. + properties: + key: + description: Key is the key in the ConfigMap being referenced + type: string + name: + description: |- + Name is the name of the Kubernetes ConfigMap being referenced. + The ConfigMap must be in the same namespace as the resource + type: string + required: + - key + - name + type: object + type: object + type: object originalVersion: type: string owner: - description: 'Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a resources.azure.com/ResourceGroup resource' + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a resources.azure.com/ResourceGroup resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) @@ -39064,12 +60171,16 @@ spec: type: object privateLinkServiceConnections: items: - description: Storage version of v1api20220701.PrivateLinkServiceConnection PrivateLinkServiceConnection resource. + description: |- + Storage version of v1api20220701.PrivateLinkServiceConnection + PrivateLinkServiceConnection resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object groupIds: items: @@ -39078,12 +60189,16 @@ spec: name: type: string privateLinkServiceConnectionState: - description: Storage version of v1api20220701.PrivateLinkServiceConnectionState A collection of information about the state of the connection between service consumer and provider. + description: |- + Storage version of v1api20220701.PrivateLinkServiceConnectionState + A collection of information about the state of the connection between service consumer and provider. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object actionsRequired: type: string @@ -39096,7 +60211,10 @@ spec: description: 'PrivateLinkServiceReference: The resource id of private link service.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -39114,18 +60232,25 @@ spec: type: object type: array subnet: - description: Storage version of v1api20220701.Subnet_PrivateEndpoint_SubResourceEmbedded Subnet in a virtual network resource. + description: |- + Storage version of v1api20220701.Subnet_PrivateEndpoint_SubResourceEmbedded + Subnet in a virtual network resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object reference: description: 'Reference: Resource ID.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -39147,21 +60272,29 @@ spec: - owner type: object status: - description: Storage version of v1api20220701.PrivateEndpoint_STATUS_PrivateEndpoint_SubResourceEmbedded Private endpoint resource. + description: |- + Storage version of v1api20220701.PrivateEndpoint_STATUS_PrivateEndpoint_SubResourceEmbedded + Private endpoint resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object applicationSecurityGroups: items: - description: Storage version of v1api20220701.ApplicationSecurityGroup_STATUS_PrivateEndpoint_SubResourceEmbedded An application security group in a resource group. + description: |- + Storage version of v1api20220701.ApplicationSecurityGroup_STATUS_PrivateEndpoint_SubResourceEmbedded + An application security group in a resource group. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -39179,14 +60312,23 @@ spec: description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 type: integer reason: - description: Reason for the condition's last transition. Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: Severity with which to treat failures of this type of condition. For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. This is omitted in all cases when Status == Unknown + description: |- + Severity with which to treat failures of this type of condition. + For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown type: string status: description: Status of the condition, one of True, False, or Unknown. @@ -39203,12 +60345,16 @@ spec: type: array customDnsConfigs: items: - description: Storage version of v1api20220701.CustomDnsConfigPropertiesFormat_STATUS Contains custom Dns resolution configuration from customer. + description: |- + Storage version of v1api20220701.CustomDnsConfigPropertiesFormat_STATUS + Contains custom Dns resolution configuration from customer. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object fqdn: type: string @@ -39223,12 +60369,16 @@ spec: etag: type: string extendedLocation: - description: Storage version of v1api20220701.ExtendedLocation_STATUS ExtendedLocation complex type. + description: |- + Storage version of v1api20220701.ExtendedLocation_STATUS + ExtendedLocation complex type. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object name: type: string @@ -39239,12 +60389,16 @@ spec: type: string ipConfigurations: items: - description: Storage version of v1api20220701.PrivateEndpointIPConfiguration_STATUS An IP Configuration of the private endpoint. + description: |- + Storage version of v1api20220701.PrivateEndpointIPConfiguration_STATUS + An IP Configuration of the private endpoint. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object etag: type: string @@ -39264,12 +60418,16 @@ spec: type: string manualPrivateLinkServiceConnections: items: - description: Storage version of v1api20220701.PrivateLinkServiceConnection_STATUS PrivateLinkServiceConnection resource. + description: |- + Storage version of v1api20220701.PrivateLinkServiceConnection_STATUS + PrivateLinkServiceConnection resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object etag: type: string @@ -39282,12 +60440,16 @@ spec: name: type: string privateLinkServiceConnectionState: - description: Storage version of v1api20220701.PrivateLinkServiceConnectionState_STATUS A collection of information about the state of the connection between service consumer and provider. + description: |- + Storage version of v1api20220701.PrivateLinkServiceConnectionState_STATUS + A collection of information about the state of the connection between service consumer and provider. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object actionsRequired: type: string @@ -39310,12 +60472,16 @@ spec: type: string networkInterfaces: items: - description: Storage version of v1api20220701.NetworkInterface_STATUS_PrivateEndpoint_SubResourceEmbedded A network interface in a resource group. + description: |- + Storage version of v1api20220701.NetworkInterface_STATUS_PrivateEndpoint_SubResourceEmbedded + A network interface in a resource group. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -39323,12 +60489,16 @@ spec: type: array privateLinkServiceConnections: items: - description: Storage version of v1api20220701.PrivateLinkServiceConnection_STATUS PrivateLinkServiceConnection resource. + description: |- + Storage version of v1api20220701.PrivateLinkServiceConnection_STATUS + PrivateLinkServiceConnection resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object etag: type: string @@ -39341,12 +60511,16 @@ spec: name: type: string privateLinkServiceConnectionState: - description: Storage version of v1api20220701.PrivateLinkServiceConnectionState_STATUS A collection of information about the state of the connection between service consumer and provider. + description: |- + Storage version of v1api20220701.PrivateLinkServiceConnectionState_STATUS + A collection of information about the state of the connection between service consumer and provider. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object actionsRequired: type: string @@ -39368,12 +60542,16 @@ spec: provisioningState: type: string subnet: - description: Storage version of v1api20220701.Subnet_STATUS_PrivateEndpoint_SubResourceEmbedded Subnet in a virtual network resource. + description: |- + Storage version of v1api20220701.Subnet_STATUS_PrivateEndpoint_SubResourceEmbedded + Subnet in a virtual network resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -39396,10 +60574,10 @@ kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: azureserviceoperator-system/azureserviceoperator-serving-cert - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 labels: app.kubernetes.io/name: azure-service-operator - app.kubernetes.io/version: v2.6.0 + app.kubernetes.io/version: v2.8.0 name: resourcegroups.resources.azure.com spec: conversion: @@ -39438,25 +60616,41 @@ spec: name: v1api20200601 schema: openAPIV3Schema: - description: 'Generator information: - Generated from: /resources/resource-manager/Microsoft.Resources/stable/2020-06-01/resources.json - ARM URI: /subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}' + description: |- + Generator information: + - Generated from: /resources/resource-manager/Microsoft.Resources/stable/2020-06-01/resources.json + - ARM URI: /subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName} properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: properties: azureName: - description: 'AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn''t have to be.' + description: |- + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. maxLength: 90 minLength: 1 type: string location: - description: 'Location: The location of the resource group. It cannot be changed after the resource group has been created. It must be one of the supported Azure locations.' + description: |- + Location: The location of the resource group. It cannot be changed after the resource group has been created. It must be + one of the supported Azure locations. type: string managedBy: description: 'ManagedBy: The ID of the resource that manages this resource group.' @@ -39485,14 +60679,23 @@ spec: description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 type: integer reason: - description: Reason for the condition's last transition. Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: Severity with which to treat failures of this type of condition. For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. This is omitted in all cases when Status == Unknown + description: |- + Severity with which to treat failures of this type of condition. + For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown type: string status: description: Status of the condition, one of True, False, or Unknown. @@ -39511,7 +60714,9 @@ spec: description: 'Id: The ID of the resource group.' type: string location: - description: 'Location: The location of the resource group. It cannot be changed after the resource group has been created. It must be one of the supported Azure locations.' + description: |- + Location: The location of the resource group. It cannot be changed after the resource group has been created. It must be + one of the supported Azure locations. type: string managedBy: description: 'ManagedBy: The ID of the resource that manages this resource group.' @@ -39556,13 +60761,26 @@ spec: name: v1api20200601storage schema: openAPIV3Schema: - description: 'Storage version of v1api20200601.ResourceGroup Generator information: - Generated from: /resources/resource-manager/Microsoft.Resources/stable/2020-06-01/resources.json - ARM URI: /subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}' + description: |- + Storage version of v1api20200601.ResourceGroup + Generator information: + - Generated from: /resources/resource-manager/Microsoft.Resources/stable/2020-06-01/resources.json + - ARM URI: /subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName} properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -39572,10 +60790,14 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object azureName: - description: 'AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn''t have to be.' + description: |- + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. type: string location: type: string @@ -39589,12 +60811,16 @@ spec: type: object type: object status: - description: Storage version of v1api20200601.ResourceGroup_STATUS Resource group information. + description: |- + Storage version of v1api20200601.ResourceGroup_STATUS + Resource group information. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object conditions: items: @@ -39608,14 +60834,23 @@ spec: description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 type: integer reason: - description: Reason for the condition's last transition. Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: Severity with which to treat failures of this type of condition. For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. This is omitted in all cases when Status == Unknown + description: |- + Severity with which to treat failures of this type of condition. + For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown type: string status: description: Status of the condition, one of True, False, or Unknown. @@ -39639,12 +60874,16 @@ spec: name: type: string properties: - description: Storage version of v1api20200601.ResourceGroupProperties_STATUS The resource group properties. + description: |- + Storage version of v1api20200601.ResourceGroupProperties_STATUS + The resource group properties. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object provisioningState: type: string @@ -39667,10 +60906,10 @@ kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: azureserviceoperator-system/azureserviceoperator-serving-cert - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 labels: app.kubernetes.io/name: azure-service-operator - app.kubernetes.io/version: v2.6.0 + app.kubernetes.io/version: v2.8.0 name: virtualnetworks.network.azure.com spec: conversion: @@ -39709,13 +60948,25 @@ spec: name: v1api20201101 schema: openAPIV3Schema: - description: 'Generator information: - Generated from: /network/resource-manager/Microsoft.Network/stable/2020-11-01/virtualNetwork.json - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}' + description: |- + Generator information: + - Generated from: /network/resource-manager/Microsoft.Network/stable/2020-11-01/virtualNetwork.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName} properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -39731,7 +60982,9 @@ spec: type: array type: object azureName: - description: 'AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn''t have to be.' + description: |- + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. type: string bgpCommunities: description: 'BgpCommunities: Bgp Communities sent over ExpressRoute with each route corresponding to a prefix in this VNET.' @@ -39749,7 +61002,10 @@ spec: description: 'Reference: Resource ID.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -39773,7 +61029,9 @@ spec: type: array type: object enableDdosProtection: - description: 'EnableDdosProtection: Indicates if DDoS protection is enabled for all the protected resources in the virtual network. It requires a DDoS protection plan associated with the resource.' + description: |- + EnableDdosProtection: Indicates if DDoS protection is enabled for all the protected resources in the virtual network. It + requires a DDoS protection plan associated with the resource. type: boolean enableVmProtection: description: 'EnableVmProtection: Indicates if VM protection is enabled for all the subnets in the virtual network.' @@ -39802,7 +61060,10 @@ spec: description: 'Reference: Resource ID.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -39821,7 +61082,10 @@ spec: description: 'Location: Resource location.' type: string owner: - description: 'Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a resources.azure.com/ResourceGroup resource' + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a resources.azure.com/ResourceGroup resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) @@ -39873,14 +61137,23 @@ spec: description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 type: integer reason: - description: Reason for the condition's last transition. Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: Severity with which to treat failures of this type of condition. For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. This is omitted in all cases when Status == Unknown + description: |- + Severity with which to treat failures of this type of condition. + For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown type: string status: description: Status of the condition, one of True, False, or Unknown. @@ -39912,7 +61185,9 @@ spec: type: array type: object enableDdosProtection: - description: 'EnableDdosProtection: Indicates if DDoS protection is enabled for all the protected resources in the virtual network. It requires a DDoS protection plan associated with the resource.' + description: |- + EnableDdosProtection: Indicates if DDoS protection is enabled for all the protected resources in the virtual network. It + requires a DDoS protection plan associated with the resource. type: boolean enableVmProtection: description: 'EnableVmProtection: Indicates if VM protection is enabled for all the subnets in the virtual network.' @@ -39985,13 +61260,26 @@ spec: name: v1api20201101storage schema: openAPIV3Schema: - description: 'Storage version of v1api20201101.VirtualNetwork Generator information: - Generated from: /network/resource-manager/Microsoft.Network/stable/2020-11-01/virtualNetwork.json - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}' + description: |- + Storage version of v1api20201101.VirtualNetwork + Generator information: + - Generated from: /network/resource-manager/Microsoft.Network/stable/2020-11-01/virtualNetwork.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName} properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -40001,15 +61289,21 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object addressSpace: - description: Storage version of v1api20201101.AddressSpace AddressSpace contains an array of IP address ranges that can be used by subnets of the virtual network. + description: |- + Storage version of v1api20201101.AddressSpace + AddressSpace contains an array of IP address ranges that can be used by subnets of the virtual network. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object addressPrefixes: items: @@ -40017,32 +61311,45 @@ spec: type: array type: object azureName: - description: 'AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn''t have to be.' + description: |- + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. type: string bgpCommunities: - description: Storage version of v1api20201101.VirtualNetworkBgpCommunities Bgp Communities sent over ExpressRoute with each route corresponding to a prefix in this VNET. + description: |- + Storage version of v1api20201101.VirtualNetworkBgpCommunities + Bgp Communities sent over ExpressRoute with each route corresponding to a prefix in this VNET. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object virtualNetworkCommunity: type: string type: object ddosProtectionPlan: - description: Storage version of v1api20201101.SubResource Reference to another subresource. + description: |- + Storage version of v1api20201101.SubResource + Reference to another subresource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object reference: description: 'Reference: Resource ID.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -40057,12 +61364,17 @@ spec: type: object type: object dhcpOptions: - description: Storage version of v1api20201101.DhcpOptions DhcpOptions contains an array of DNS servers available to VMs deployed in the virtual network. Standard DHCP option for a subnet overrides VNET DHCP options. + description: |- + Storage version of v1api20201101.DhcpOptions + DhcpOptions contains an array of DNS servers available to VMs deployed in the virtual network. Standard DHCP option for + a subnet overrides VNET DHCP options. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object dnsServers: items: @@ -40074,12 +61386,16 @@ spec: enableVmProtection: type: boolean extendedLocation: - description: Storage version of v1api20201101.ExtendedLocation ExtendedLocation complex type. + description: |- + Storage version of v1api20201101.ExtendedLocation + ExtendedLocation complex type. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object name: type: string @@ -40088,18 +61404,25 @@ spec: type: object ipAllocations: items: - description: Storage version of v1api20201101.SubResource Reference to another subresource. + description: |- + Storage version of v1api20201101.SubResource + Reference to another subresource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object reference: description: 'Reference: Resource ID.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -40119,7 +61442,10 @@ spec: originalVersion: type: string owner: - description: 'Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a resources.azure.com/ResourceGroup resource' + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a resources.azure.com/ResourceGroup resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) @@ -40136,20 +61462,28 @@ spec: - owner type: object status: - description: Storage version of v1api20201101.VirtualNetwork_STATUS Virtual Network resource. + description: |- + Storage version of v1api20201101.VirtualNetwork_STATUS + Virtual Network resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object addressSpace: - description: Storage version of v1api20201101.AddressSpace_STATUS AddressSpace contains an array of IP address ranges that can be used by subnets of the virtual network. + description: |- + Storage version of v1api20201101.AddressSpace_STATUS + AddressSpace contains an array of IP address ranges that can be used by subnets of the virtual network. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object addressPrefixes: items: @@ -40157,12 +61491,16 @@ spec: type: array type: object bgpCommunities: - description: Storage version of v1api20201101.VirtualNetworkBgpCommunities_STATUS Bgp Communities sent over ExpressRoute with each route corresponding to a prefix in this VNET. + description: |- + Storage version of v1api20201101.VirtualNetworkBgpCommunities_STATUS + Bgp Communities sent over ExpressRoute with each route corresponding to a prefix in this VNET. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object regionalCommunity: type: string @@ -40181,14 +61519,23 @@ spec: description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 type: integer reason: - description: Reason for the condition's last transition. Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: Severity with which to treat failures of this type of condition. For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. This is omitted in all cases when Status == Unknown + description: |- + Severity with which to treat failures of this type of condition. + For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown type: string status: description: Status of the condition, one of True, False, or Unknown. @@ -40204,23 +61551,32 @@ spec: type: object type: array ddosProtectionPlan: - description: Storage version of v1api20201101.SubResource_STATUS Reference to another subresource. + description: |- + Storage version of v1api20201101.SubResource_STATUS + Reference to another subresource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object id: type: string type: object dhcpOptions: - description: Storage version of v1api20201101.DhcpOptions_STATUS DhcpOptions contains an array of DNS servers available to VMs deployed in the virtual network. Standard DHCP option for a subnet overrides VNET DHCP options. + description: |- + Storage version of v1api20201101.DhcpOptions_STATUS + DhcpOptions contains an array of DNS servers available to VMs deployed in the virtual network. Standard DHCP option for + a subnet overrides VNET DHCP options. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object dnsServers: items: @@ -40234,12 +61590,16 @@ spec: etag: type: string extendedLocation: - description: Storage version of v1api20201101.ExtendedLocation_STATUS ExtendedLocation complex type. + description: |- + Storage version of v1api20201101.ExtendedLocation_STATUS + ExtendedLocation complex type. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object name: type: string @@ -40250,12 +61610,16 @@ spec: type: string ipAllocations: items: - description: Storage version of v1api20201101.SubResource_STATUS Reference to another subresource. + description: |- + Storage version of v1api20201101.SubResource_STATUS + Reference to another subresource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -40287,10 +61651,10 @@ kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: azureserviceoperator-system/azureserviceoperator-serving-cert - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 labels: app.kubernetes.io/name: azure-service-operator - app.kubernetes.io/version: v2.6.0 + app.kubernetes.io/version: v2.8.0 name: virtualnetworkssubnets.network.azure.com spec: conversion: @@ -40329,13 +61693,25 @@ spec: name: v1api20201101 schema: openAPIV3Schema: - description: 'Generator information: - Generated from: /network/resource-manager/Microsoft.Network/stable/2020-11-01/virtualNetwork.json - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}' + description: |- + Generator information: + - Generated from: /network/resource-manager/Microsoft.Network/stable/2020-11-01/virtualNetwork.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -40358,7 +61734,10 @@ spec: description: 'Reference: Resource ID.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -40374,7 +61753,9 @@ spec: type: object type: array azureName: - description: 'AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn''t have to be.' + description: |- + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. type: string delegations: description: 'Delegations: An array of references to the delegations on the subnet.' @@ -40398,7 +61779,10 @@ spec: description: 'Reference: Resource ID.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -40420,7 +61804,10 @@ spec: description: 'Reference: Resource ID.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -40441,7 +61828,10 @@ spec: description: 'Reference: Resource ID.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -40456,7 +61846,10 @@ spec: type: object type: object owner: - description: 'Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a network.azure.com/VirtualNetwork resource' + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a network.azure.com/VirtualNetwork resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) @@ -40484,7 +61877,10 @@ spec: description: 'Reference: Resource ID.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -40507,7 +61903,10 @@ spec: description: 'Reference: Resource ID.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -40573,14 +61972,23 @@ spec: description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 type: integer reason: - description: Reason for the condition's last transition. Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: Severity with which to treat failures of this type of condition. For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. This is omitted in all cases when Status == Unknown + description: |- + Severity with which to treat failures of this type of condition. + For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown type: string status: description: Status of the condition, one of True, False, or Unknown. @@ -40698,7 +62106,9 @@ spec: description: 'ProvisioningState: The provisioning state of the subnet resource.' type: string purpose: - description: 'Purpose: A read-only string identifying the intention of use for this subnet based on delegations and other user-defined properties.' + description: |- + Purpose: A read-only string identifying the intention of use for this subnet based on delegations and other user-defined + properties. type: string resourceNavigationLinks: description: 'ResourceNavigationLinks: An array of references to the external resources using subnet.' @@ -40780,13 +62190,26 @@ spec: name: v1api20201101storage schema: openAPIV3Schema: - description: 'Storage version of v1api20201101.VirtualNetworksSubnet Generator information: - Generated from: /network/resource-manager/Microsoft.Network/stable/2020-11-01/virtualNetwork.json - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}' + description: |- + Storage version of v1api20201101.VirtualNetworksSubnet + Generator information: + - Generated from: /network/resource-manager/Microsoft.Network/stable/2020-11-01/virtualNetwork.json + - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -40796,7 +62219,9 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object addressPrefix: type: string @@ -40806,18 +62231,25 @@ spec: type: array applicationGatewayIpConfigurations: items: - description: Storage version of v1api20201101.ApplicationGatewayIPConfiguration_VirtualNetworks_Subnet_SubResourceEmbedded IP configuration of an application gateway. Currently 1 public and 1 private IP configuration is allowed. + description: |- + Storage version of v1api20201101.ApplicationGatewayIPConfiguration_VirtualNetworks_Subnet_SubResourceEmbedded + IP configuration of an application gateway. Currently 1 public and 1 private IP configuration is allowed. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object reference: description: 'Reference: Resource ID.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -40833,16 +62265,22 @@ spec: type: object type: array azureName: - description: 'AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn''t have to be.' + description: |- + AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it + doesn't have to be. type: string delegations: items: - description: Storage version of v1api20201101.Delegation Details the service to which the subnet is delegated. + description: |- + Storage version of v1api20201101.Delegation + Details the service to which the subnet is delegated. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object name: type: string @@ -40852,18 +62290,25 @@ spec: type: array ipAllocations: items: - description: Storage version of v1api20201101.SubResource Reference to another subresource. + description: |- + Storage version of v1api20201101.SubResource + Reference to another subresource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object reference: description: 'Reference: Resource ID.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -40879,18 +62324,25 @@ spec: type: object type: array natGateway: - description: Storage version of v1api20201101.SubResource Reference to another subresource. + description: |- + Storage version of v1api20201101.SubResource + Reference to another subresource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object reference: description: 'Reference: Resource ID.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -40905,18 +62357,25 @@ spec: type: object type: object networkSecurityGroup: - description: Storage version of v1api20201101.NetworkSecurityGroupSpec_VirtualNetworks_Subnet_SubResourceEmbedded NetworkSecurityGroup resource. + description: |- + Storage version of v1api20201101.NetworkSecurityGroupSpec_VirtualNetworks_Subnet_SubResourceEmbedded + NetworkSecurityGroup resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object reference: description: 'Reference: Resource ID.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -40933,7 +62392,10 @@ spec: originalVersion: type: string owner: - description: 'Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a network.azure.com/VirtualNetwork resource' + description: |- + Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also + controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a + reference to a network.azure.com/VirtualNetwork resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) @@ -40947,18 +62409,25 @@ spec: privateLinkServiceNetworkPolicies: type: string routeTable: - description: Storage version of v1api20201101.RouteTableSpec_VirtualNetworks_Subnet_SubResourceEmbedded Route table resource. + description: |- + Storage version of v1api20201101.RouteTableSpec_VirtualNetworks_Subnet_SubResourceEmbedded + Route table resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object reference: description: 'Reference: Resource ID.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -40974,18 +62443,25 @@ spec: type: object serviceEndpointPolicies: items: - description: Storage version of v1api20201101.ServiceEndpointPolicySpec_VirtualNetworks_Subnet_SubResourceEmbedded Service End point policy resource. + description: |- + Storage version of v1api20201101.ServiceEndpointPolicySpec_VirtualNetworks_Subnet_SubResourceEmbedded + Service End point policy resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object reference: description: 'Reference: Resource ID.' properties: armId: - description: ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level ARMID is mutually exclusive with Group, Kind, Namespace and Name. + description: |- + ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level + ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: @@ -41002,12 +62478,16 @@ spec: type: array serviceEndpoints: items: - description: Storage version of v1api20201101.ServiceEndpointPropertiesFormat The service endpoint properties. + description: |- + Storage version of v1api20201101.ServiceEndpointPropertiesFormat + The service endpoint properties. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object locations: items: @@ -41026,7 +62506,9 @@ spec: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object addressPrefix: type: string @@ -41036,12 +62518,16 @@ spec: type: array applicationGatewayIpConfigurations: items: - description: Storage version of v1api20201101.ApplicationGatewayIPConfiguration_STATUS_VirtualNetworks_Subnet_SubResourceEmbedded IP configuration of an application gateway. Currently 1 public and 1 private IP configuration is allowed. + description: |- + Storage version of v1api20201101.ApplicationGatewayIPConfiguration_STATUS_VirtualNetworks_Subnet_SubResourceEmbedded + IP configuration of an application gateway. Currently 1 public and 1 private IP configuration is allowed. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -41059,14 +62545,23 @@ spec: description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + description: |- + ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 type: integer reason: - description: Reason for the condition's last transition. Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + description: |- + Reason for the condition's last transition. + Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: Severity with which to treat failures of this type of condition. For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. This is omitted in all cases when Status == Unknown + description: |- + Severity with which to treat failures of this type of condition. + For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True + For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. + This is omitted in all cases when Status == Unknown type: string status: description: Status of the condition, one of True, False, or Unknown. @@ -41083,12 +62578,16 @@ spec: type: array delegations: items: - description: Storage version of v1api20201101.Delegation_STATUS Details the service to which the subnet is delegated. + description: |- + Storage version of v1api20201101.Delegation_STATUS + Details the service to which the subnet is delegated. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object actions: items: @@ -41114,12 +62613,16 @@ spec: type: string ipAllocations: items: - description: Storage version of v1api20201101.SubResource_STATUS Reference to another subresource. + description: |- + Storage version of v1api20201101.SubResource_STATUS + Reference to another subresource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -41127,12 +62630,16 @@ spec: type: array ipConfigurationProfiles: items: - description: Storage version of v1api20201101.IPConfigurationProfile_STATUS IP configuration profile child resource. + description: |- + Storage version of v1api20201101.IPConfigurationProfile_STATUS + IP configuration profile child resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -41140,12 +62647,16 @@ spec: type: array ipConfigurations: items: - description: Storage version of v1api20201101.IPConfiguration_STATUS_VirtualNetworks_Subnet_SubResourceEmbedded IP configuration. + description: |- + Storage version of v1api20201101.IPConfiguration_STATUS_VirtualNetworks_Subnet_SubResourceEmbedded + IP configuration. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -41154,23 +62665,31 @@ spec: name: type: string natGateway: - description: Storage version of v1api20201101.SubResource_STATUS Reference to another subresource. + description: |- + Storage version of v1api20201101.SubResource_STATUS + Reference to another subresource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object id: type: string type: object networkSecurityGroup: - description: Storage version of v1api20201101.NetworkSecurityGroup_STATUS_VirtualNetworks_Subnet_SubResourceEmbedded NetworkSecurityGroup resource. + description: |- + Storage version of v1api20201101.NetworkSecurityGroup_STATUS_VirtualNetworks_Subnet_SubResourceEmbedded + NetworkSecurityGroup resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -41179,12 +62698,16 @@ spec: type: string privateEndpoints: items: - description: Storage version of v1api20201101.PrivateEndpoint_STATUS_VirtualNetworks_Subnet_SubResourceEmbedded Private endpoint resource. + description: |- + Storage version of v1api20201101.PrivateEndpoint_STATUS_VirtualNetworks_Subnet_SubResourceEmbedded + Private endpoint resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -41198,36 +62721,48 @@ spec: type: string resourceNavigationLinks: items: - description: Storage version of v1api20201101.ResourceNavigationLink_STATUS ResourceNavigationLink resource. + description: |- + Storage version of v1api20201101.ResourceNavigationLink_STATUS + ResourceNavigationLink resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object id: type: string type: object type: array routeTable: - description: Storage version of v1api20201101.RouteTable_STATUS_SubResourceEmbedded Route table resource. + description: |- + Storage version of v1api20201101.RouteTable_STATUS_SubResourceEmbedded + Route table resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object id: type: string type: object serviceAssociationLinks: items: - description: Storage version of v1api20201101.ServiceAssociationLink_STATUS ServiceAssociationLink resource. + description: |- + Storage version of v1api20201101.ServiceAssociationLink_STATUS + ServiceAssociationLink resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -41235,12 +62770,16 @@ spec: type: array serviceEndpointPolicies: items: - description: Storage version of v1api20201101.ServiceEndpointPolicy_STATUS_VirtualNetworks_Subnet_SubResourceEmbedded Service End point policy resource. + description: |- + Storage version of v1api20201101.ServiceEndpointPolicy_STATUS_VirtualNetworks_Subnet_SubResourceEmbedded + Service End point policy resource. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -41248,12 +62787,16 @@ spec: type: array serviceEndpoints: items: - description: Storage version of v1api20201101.ServiceEndpointPropertiesFormat_STATUS The service endpoint properties. + description: |- + Storage version of v1api20201101.ServiceEndpointPropertiesFormat_STATUS + The service endpoint properties. properties: $propertyBag: additionalProperties: type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + description: |- + PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage + resources, allowing for full fidelity round trip conversions type: object locations: items: diff --git a/config/aso/kustomization.yaml b/config/aso/kustomization.yaml index 3716340936e..c8eb518d673 100644 --- a/config/aso/kustomization.yaml +++ b/config/aso/kustomization.yaml @@ -2,64 +2,63 @@ apiVersion: kustomize.config.k8s.io/v1alpha1 kind: Component namespace: capz-system resources: -- https://github.com/Azure/azure-service-operator/releases/download/v2.6.0/azureserviceoperator_v2.6.0.yaml +- https://github.com/Azure/azure-service-operator/releases/download/v2.8.0/azureserviceoperator_v2.8.0.yaml - crds.yaml - settings.yaml patches: - - path: patches/visualizer_label_in_bastionhosts.yaml - - path: patches/visualizer_label_in_extensions.yaml - - path: patches/visualizer_label_in_fleetmembers.yaml - - path: patches/visualizer_label_in_managedclusteragentpools.yaml - - path: patches/visualizer_label_in_managed_clusters.yaml - - path: patches/visualizer_label_in_natgateways.yaml - - path: patches/visualizer_label_in_privateendpoints.yaml - - path: patches/visualizer_label_in_resourcegroups.yaml - - path: patches/visualizer_label_in_subnets.yaml - - path: patches/visualizer_label_in_virtualnetworks.yaml - - patch: |- # default kustomization includes a namespace already - $patch: delete - apiVersion: v1 - kind: Namespace - metadata: - name: azureserviceoperator-system - - patch: |- - - op: test - path: /spec/template/spec/containers/0/args/4 - value: --crd-pattern= - - op: replace # Users can specify additional ASO CRDs. CRDs should be appended with ';' - path: /spec/template/spec/containers/0/args/4 - value: --crd-pattern=${ADDITIONAL_ASO_CRDS:= } - target: - group: apps - version: v1 - kind: Deployment - name: azureserviceoperator-controller-manager +- path: patches/visualizer_label_in_bastionhosts.yaml +- path: patches/visualizer_label_in_extensions.yaml +- path: patches/visualizer_label_in_fleetmembers.yaml +- path: patches/visualizer_label_in_managedclusteragentpools.yaml +- path: patches/visualizer_label_in_managed_clusters.yaml +- path: patches/visualizer_label_in_natgateways.yaml +- path: patches/visualizer_label_in_privateendpoints.yaml +- path: patches/visualizer_label_in_resourcegroups.yaml +- path: patches/visualizer_label_in_subnets.yaml +- path: patches/visualizer_label_in_virtualnetworks.yaml +- patch: |- # default kustomization includes a namespace already + $patch: delete + apiVersion: v1 + kind: Namespace + metadata: + name: azureserviceoperator-system +- patch: |- + - op: test + path: /spec/template/spec/containers/0/args/6 + value: --crd-pattern= + - op: replace # Users can specify additional ASO CRDs. CRDs should be appended with ';' + path: /spec/template/spec/containers/0/args/6 + value: --crd-pattern=${ADDITIONAL_ASO_CRDS:= } + target: + group: apps + kind: Deployment + name: azureserviceoperator-controller-manager + version: v1 replacements: - - source: - kind: Certificate - group: cert-manager.io +- source: + fieldPath: metadata.namespace + group: cert-manager.io + kind: Certificate + name: azureserviceoperator-serving-cert + version: v1 + targets: + - fieldPaths: + - metadata.annotations.cert-manager\.io/inject-ca-from + options: + delimiter: / + select: + annotationSelector: cert-manager.io/inject-ca-from version: v1 + - fieldPaths: + - spec.dnsNames.0 + - spec.dnsNames.1 + options: + delimiter: . + index: 1 + select: + group: cert-manager.io + kind: Certificate name: azureserviceoperator-serving-cert - fieldPath: metadata.namespace - targets: - - select: - version: v1 - annotationSelector: cert-manager.io/inject-ca-from - fieldPaths: - - metadata.annotations.cert-manager\.io/inject-ca-from - options: - delimiter: / - index: 0 - - select: - group: cert-manager.io - version: v1 - kind: Certificate - name: azureserviceoperator-serving-cert - fieldPaths: - - spec.dnsNames.0 - - spec.dnsNames.1 - options: - delimiter: . - index: 1 + version: v1 diff --git a/config/aso/settings.yaml b/config/aso/settings.yaml index f7ab1b9ba8c..67ec7cf181c 100644 --- a/config/aso/settings.yaml +++ b/config/aso/settings.yaml @@ -7,7 +7,7 @@ stringData: AZURE_AUTHORITY_HOST: ${AZURE_AUTHORITY_HOST:=""} AZURE_RESOURCE_MANAGER_ENDPOINT: ${AZURE_RESOURCE_MANAGER_ENDPOINT:=""} AZURE_RESOURCE_MANAGER_AUDIENCE: ${AZURE_RESOURCE_MANAGER_AUDIENCE:=""} - AZURE_SYNC_PERIOD: ${AZURE_SYNC_PERIOD:="1h"} + AZURE_SYNC_PERIOD: ${AZURE_SYNC_PERIOD:=""} AZURE_USER_AGENT_SUFFIX: cluster-api-provider-azure/main # Per-resource Secrets will be created based on a Cluster's AzureClusterIdentity. AZURE_SUBSCRIPTION_ID: "" diff --git a/config/capz/kustomization.yaml b/config/capz/kustomization.yaml index d2845607c03..e9526cfeed5 100644 --- a/config/capz/kustomization.yaml +++ b/config/capz/kustomization.yaml @@ -1,5 +1,6 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization namespace: capz-system - namePrefix: capz- # Labels to add to all resources and selectors. @@ -51,7 +52,6 @@ replacements: index: 1 select: annotationSelector: cert-manager.io/inject-ca-from - - source: # SERVICE_NAMESPACE fieldPath: metadata.namespace kind: Service @@ -79,7 +79,6 @@ replacements: name: serving-cert namespace: system version: v1 - - source: # SERVICE_NAME kind: Service name: webhook-service diff --git a/config/certmanager/kustomization.yaml b/config/certmanager/kustomization.yaml index 34e7e5b1262..0465e00710a 100644 --- a/config/certmanager/kustomization.yaml +++ b/config/certmanager/kustomization.yaml @@ -1,4 +1,6 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization resources: - - certificate.yaml +- certificate.yaml configurations: - - kustomizeconfig.yaml +- kustomizeconfig.yaml diff --git a/config/crd/bases/infrastructure.cluster.x-k8s.io_azureasomanagedclusters.yaml b/config/crd/bases/infrastructure.cluster.x-k8s.io_azureasomanagedclusters.yaml index 49b8faf72ad..c846cc1f558 100644 --- a/config/crd/bases/infrastructure.cluster.x-k8s.io_azureasomanagedclusters.yaml +++ b/config/crd/bases/infrastructure.cluster.x-k8s.io_azureasomanagedclusters.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.15.0 name: azureasomanagedclusters.infrastructure.cluster.x-k8s.io spec: group: infrastructure.cluster.x-k8s.io diff --git a/config/crd/bases/infrastructure.cluster.x-k8s.io_azureasomanagedclustertemplates.yaml b/config/crd/bases/infrastructure.cluster.x-k8s.io_azureasomanagedclustertemplates.yaml index b005e79b08e..8e50e0335fe 100644 --- a/config/crd/bases/infrastructure.cluster.x-k8s.io_azureasomanagedclustertemplates.yaml +++ b/config/crd/bases/infrastructure.cluster.x-k8s.io_azureasomanagedclustertemplates.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.15.0 name: azureasomanagedclustertemplates.infrastructure.cluster.x-k8s.io spec: group: infrastructure.cluster.x-k8s.io diff --git a/config/crd/bases/infrastructure.cluster.x-k8s.io_azureasomanagedcontrolplanes.yaml b/config/crd/bases/infrastructure.cluster.x-k8s.io_azureasomanagedcontrolplanes.yaml index 03f836c1171..3ee7e2f643d 100644 --- a/config/crd/bases/infrastructure.cluster.x-k8s.io_azureasomanagedcontrolplanes.yaml +++ b/config/crd/bases/infrastructure.cluster.x-k8s.io_azureasomanagedcontrolplanes.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.15.0 name: azureasomanagedcontrolplanes.infrastructure.cluster.x-k8s.io spec: group: infrastructure.cluster.x-k8s.io diff --git a/config/crd/bases/infrastructure.cluster.x-k8s.io_azureasomanagedcontrolplanetemplates.yaml b/config/crd/bases/infrastructure.cluster.x-k8s.io_azureasomanagedcontrolplanetemplates.yaml index eebb74bdc3c..9c7a6432b9e 100644 --- a/config/crd/bases/infrastructure.cluster.x-k8s.io_azureasomanagedcontrolplanetemplates.yaml +++ b/config/crd/bases/infrastructure.cluster.x-k8s.io_azureasomanagedcontrolplanetemplates.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.15.0 name: azureasomanagedcontrolplanetemplates.infrastructure.cluster.x-k8s.io spec: group: infrastructure.cluster.x-k8s.io diff --git a/config/crd/bases/infrastructure.cluster.x-k8s.io_azureasomanagedmachinepools.yaml b/config/crd/bases/infrastructure.cluster.x-k8s.io_azureasomanagedmachinepools.yaml index bff2045dd63..f2a97082b00 100644 --- a/config/crd/bases/infrastructure.cluster.x-k8s.io_azureasomanagedmachinepools.yaml +++ b/config/crd/bases/infrastructure.cluster.x-k8s.io_azureasomanagedmachinepools.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.15.0 name: azureasomanagedmachinepools.infrastructure.cluster.x-k8s.io spec: group: infrastructure.cluster.x-k8s.io diff --git a/config/crd/bases/infrastructure.cluster.x-k8s.io_azureasomanagedmachinepooltemplates.yaml b/config/crd/bases/infrastructure.cluster.x-k8s.io_azureasomanagedmachinepooltemplates.yaml index 0b58df77b03..d9271b4039a 100644 --- a/config/crd/bases/infrastructure.cluster.x-k8s.io_azureasomanagedmachinepooltemplates.yaml +++ b/config/crd/bases/infrastructure.cluster.x-k8s.io_azureasomanagedmachinepooltemplates.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.15.0 name: azureasomanagedmachinepooltemplates.infrastructure.cluster.x-k8s.io spec: group: infrastructure.cluster.x-k8s.io diff --git a/config/crd/bases/infrastructure.cluster.x-k8s.io_azureclusteridentities.yaml b/config/crd/bases/infrastructure.cluster.x-k8s.io_azureclusteridentities.yaml index dcc3b84ce12..f2aa1d67b9f 100644 --- a/config/crd/bases/infrastructure.cluster.x-k8s.io_azureclusteridentities.yaml +++ b/config/crd/bases/infrastructure.cluster.x-k8s.io_azureclusteridentities.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.15.0 name: azureclusteridentities.infrastructure.cluster.x-k8s.io spec: group: infrastructure.cluster.x-k8s.io @@ -105,11 +105,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -144,6 +146,9 @@ spec: description: |- ResourceID is the Azure resource ID for the User Assigned MSI resource. Only applicable when type is UserAssignedMSI. + + + Deprecated: This field no longer has any effect. type: string tenantID: description: TenantID is the service principal primary tenant id. diff --git a/config/crd/bases/infrastructure.cluster.x-k8s.io_azureclusters.yaml b/config/crd/bases/infrastructure.cluster.x-k8s.io_azureclusters.yaml index 0b6f9404992..06dce94e2c1 100644 --- a/config/crd/bases/infrastructure.cluster.x-k8s.io_azureclusters.yaml +++ b/config/crd/bases/infrastructure.cluster.x-k8s.io_azureclusters.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.15.0 name: azureclusters.infrastructure.cluster.x-k8s.io spec: group: infrastructure.cluster.x-k8s.io @@ -307,7 +307,7 @@ spec: - node - control-plane - bastion - - all + - cluster type: string routeTable: description: RouteTable defines the route table that should @@ -1057,7 +1057,7 @@ spec: - node - control-plane - bastion - - all + - cluster type: string routeTable: description: RouteTable defines the route table that should diff --git a/config/crd/bases/infrastructure.cluster.x-k8s.io_azureclustertemplates.yaml b/config/crd/bases/infrastructure.cluster.x-k8s.io_azureclustertemplates.yaml index 5b7c5571777..55af109a657 100644 --- a/config/crd/bases/infrastructure.cluster.x-k8s.io_azureclustertemplates.yaml +++ b/config/crd/bases/infrastructure.cluster.x-k8s.io_azureclustertemplates.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.15.0 name: azureclustertemplates.infrastructure.cluster.x-k8s.io spec: group: infrastructure.cluster.x-k8s.io @@ -204,7 +204,7 @@ spec: - node - control-plane - bastion - - all + - cluster type: string securityGroup: description: SecurityGroup defines the NSG (network @@ -698,7 +698,7 @@ spec: - node - control-plane - bastion - - all + - cluster type: string securityGroup: description: SecurityGroup defines the NSG (network diff --git a/config/crd/bases/infrastructure.cluster.x-k8s.io_azuremachinepoolmachines.yaml b/config/crd/bases/infrastructure.cluster.x-k8s.io_azuremachinepoolmachines.yaml index 9d45f1167c6..6c08ac25292 100644 --- a/config/crd/bases/infrastructure.cluster.x-k8s.io_azuremachinepoolmachines.yaml +++ b/config/crd/bases/infrastructure.cluster.x-k8s.io_azuremachinepoolmachines.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.15.0 name: azuremachinepoolmachines.infrastructure.cluster.x-k8s.io spec: group: infrastructure.cluster.x-k8s.io diff --git a/config/crd/bases/infrastructure.cluster.x-k8s.io_azuremachinepools.yaml b/config/crd/bases/infrastructure.cluster.x-k8s.io_azuremachinepools.yaml index 74f43e986cd..63bf19b5ff0 100644 --- a/config/crd/bases/infrastructure.cluster.x-k8s.io_azuremachinepools.yaml +++ b/config/crd/bases/infrastructure.cluster.x-k8s.io_azuremachinepools.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.15.0 name: azuremachinepools.infrastructure.cluster.x-k8s.io spec: group: infrastructure.cluster.x-k8s.io @@ -578,6 +578,15 @@ spec: enum: - Local type: string + placement: + description: Placement specifies the ephemeral disk placement + for operating system disk. If placement is specified, + Option must be set to "Local". + enum: + - CacheDisk + - NvmeDisk + - ResourceDisk + type: string required: - option type: object diff --git a/config/crd/bases/infrastructure.cluster.x-k8s.io_azuremachines.yaml b/config/crd/bases/infrastructure.cluster.x-k8s.io_azuremachines.yaml index 7bbcf9b277a..1f5c71f6831 100644 --- a/config/crd/bases/infrastructure.cluster.x-k8s.io_azuremachines.yaml +++ b/config/crd/bases/infrastructure.cluster.x-k8s.io_azuremachines.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.15.0 name: azuremachines.infrastructure.cluster.x-k8s.io spec: group: infrastructure.cluster.x-k8s.io @@ -114,6 +114,10 @@ spec: description: |- CapacityReservationGroupID specifies the capacity reservation group resource id that should be used for allocating the virtual machine. + The field size should be greater than 0 and the field input must start with '/'. + The input for capacityReservationGroupID must be similar to '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/capacityReservationGroups/{capacityReservationGroupName}'. + The keys which are used should be among 'subscriptions', 'providers' and 'resourcegroups' followed by valid ID or names respectively. + It is optional but may not be changed once set. type: string dataDisks: description: DataDisk specifies the parameters that are used to add @@ -494,6 +498,15 @@ spec: enum: - Local type: string + placement: + description: Placement specifies the ephemeral disk placement + for operating system disk. If placement is specified, Option + must be set to "Local". + enum: + - CacheDisk + - NvmeDisk + - ResourceDisk + type: string required: - option type: object diff --git a/config/crd/bases/infrastructure.cluster.x-k8s.io_azuremachinetemplates.yaml b/config/crd/bases/infrastructure.cluster.x-k8s.io_azuremachinetemplates.yaml index c847db50640..b97aee1a572 100644 --- a/config/crd/bases/infrastructure.cluster.x-k8s.io_azuremachinetemplates.yaml +++ b/config/crd/bases/infrastructure.cluster.x-k8s.io_azuremachinetemplates.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.15.0 name: azuremachinetemplates.infrastructure.cluster.x-k8s.io spec: group: infrastructure.cluster.x-k8s.io @@ -128,6 +128,10 @@ spec: description: |- CapacityReservationGroupID specifies the capacity reservation group resource id that should be used for allocating the virtual machine. + The field size should be greater than 0 and the field input must start with '/'. + The input for capacityReservationGroupID must be similar to '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/capacityReservationGroups/{capacityReservationGroupName}'. + The keys which are used should be among 'subscriptions', 'providers' and 'resourcegroups' followed by valid ID or names respectively. + It is optional but may not be changed once set. type: string dataDisks: description: DataDisk specifies the parameters that are used @@ -509,6 +513,15 @@ spec: enum: - Local type: string + placement: + description: Placement specifies the ephemeral disk + placement for operating system disk. If placement + is specified, Option must be set to "Local". + enum: + - CacheDisk + - NvmeDisk + - ResourceDisk + type: string required: - option type: object diff --git a/config/crd/bases/infrastructure.cluster.x-k8s.io_azuremanagedclusters.yaml b/config/crd/bases/infrastructure.cluster.x-k8s.io_azuremanagedclusters.yaml index 611e4e9d47b..63913baf0b7 100644 --- a/config/crd/bases/infrastructure.cluster.x-k8s.io_azuremanagedclusters.yaml +++ b/config/crd/bases/infrastructure.cluster.x-k8s.io_azuremanagedclusters.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.15.0 name: azuremanagedclusters.infrastructure.cluster.x-k8s.io spec: group: infrastructure.cluster.x-k8s.io diff --git a/config/crd/bases/infrastructure.cluster.x-k8s.io_azuremanagedclustertemplates.yaml b/config/crd/bases/infrastructure.cluster.x-k8s.io_azuremanagedclustertemplates.yaml index b8fe4c5f35d..e47f2e1d6df 100644 --- a/config/crd/bases/infrastructure.cluster.x-k8s.io_azuremanagedclustertemplates.yaml +++ b/config/crd/bases/infrastructure.cluster.x-k8s.io_azuremanagedclustertemplates.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.15.0 name: azuremanagedclustertemplates.infrastructure.cluster.x-k8s.io spec: group: infrastructure.cluster.x-k8s.io diff --git a/config/crd/bases/infrastructure.cluster.x-k8s.io_azuremanagedcontrolplanes.yaml b/config/crd/bases/infrastructure.cluster.x-k8s.io_azuremanagedcontrolplanes.yaml index d9060a7ea8d..793746a4144 100644 --- a/config/crd/bases/infrastructure.cluster.x-k8s.io_azuremanagedcontrolplanes.yaml +++ b/config/crd/bases/infrastructure.cluster.x-k8s.io_azuremanagedcontrolplanes.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.15.0 name: azuremanagedcontrolplanes.infrastructure.cluster.x-k8s.io spec: group: infrastructure.cluster.x-k8s.io diff --git a/config/crd/bases/infrastructure.cluster.x-k8s.io_azuremanagedcontrolplanetemplates.yaml b/config/crd/bases/infrastructure.cluster.x-k8s.io_azuremanagedcontrolplanetemplates.yaml index 0a27de7ca84..63f4e72dd41 100644 --- a/config/crd/bases/infrastructure.cluster.x-k8s.io_azuremanagedcontrolplanetemplates.yaml +++ b/config/crd/bases/infrastructure.cluster.x-k8s.io_azuremanagedcontrolplanetemplates.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.15.0 name: azuremanagedcontrolplanetemplates.infrastructure.cluster.x-k8s.io spec: group: infrastructure.cluster.x-k8s.io diff --git a/config/crd/bases/infrastructure.cluster.x-k8s.io_azuremanagedmachinepools.yaml b/config/crd/bases/infrastructure.cluster.x-k8s.io_azuremanagedmachinepools.yaml index 58554f318f9..6ece0da501d 100644 --- a/config/crd/bases/infrastructure.cluster.x-k8s.io_azuremanagedmachinepools.yaml +++ b/config/crd/bases/infrastructure.cluster.x-k8s.io_azuremanagedmachinepools.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.15.0 name: azuremanagedmachinepools.infrastructure.cluster.x-k8s.io spec: group: infrastructure.cluster.x-k8s.io diff --git a/config/crd/bases/infrastructure.cluster.x-k8s.io_azuremanagedmachinepooltemplates.yaml b/config/crd/bases/infrastructure.cluster.x-k8s.io_azuremanagedmachinepooltemplates.yaml index b750881349a..8aab129395f 100644 --- a/config/crd/bases/infrastructure.cluster.x-k8s.io_azuremanagedmachinepooltemplates.yaml +++ b/config/crd/bases/infrastructure.cluster.x-k8s.io_azuremanagedmachinepooltemplates.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.15.0 name: azuremanagedmachinepooltemplates.infrastructure.cluster.x-k8s.io spec: group: infrastructure.cluster.x-k8s.io diff --git a/config/crd/kustomization.yaml b/config/crd/kustomization.yaml index 034f69d532b..e90153253af 100644 --- a/config/crd/kustomization.yaml +++ b/config/crd/kustomization.yaml @@ -1,79 +1,80 @@ # This kustomization.yaml is not intended to be run by itself, # since it depends on service name and namespace that are out of this kustomize package. # It should be run by config/ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization resources: - - bases/infrastructure.cluster.x-k8s.io_azuremachines.yaml - - bases/infrastructure.cluster.x-k8s.io_azureclusters.yaml - - bases/infrastructure.cluster.x-k8s.io_azureclustertemplates.yaml - - bases/infrastructure.cluster.x-k8s.io_azuremachinetemplates.yaml - - bases/infrastructure.cluster.x-k8s.io_azureclusteridentities.yaml - - bases/infrastructure.cluster.x-k8s.io_azuremachinepools.yaml - - bases/infrastructure.cluster.x-k8s.io_azuremanagedmachinepools.yaml - - bases/infrastructure.cluster.x-k8s.io_azuremanagedclusters.yaml - - bases/infrastructure.cluster.x-k8s.io_azuremanagedcontrolplanes.yaml - - bases/infrastructure.cluster.x-k8s.io_azuremachinepoolmachines.yaml - - bases/infrastructure.cluster.x-k8s.io_azuremanagedclustertemplates.yaml - - bases/infrastructure.cluster.x-k8s.io_azuremanagedcontrolplanetemplates.yaml - - bases/infrastructure.cluster.x-k8s.io_azuremanagedmachinepooltemplates.yaml - - bases/infrastructure.cluster.x-k8s.io_azureasomanagedclusters.yaml - - bases/infrastructure.cluster.x-k8s.io_azureasomanagedclustertemplates.yaml - - bases/infrastructure.cluster.x-k8s.io_azureasomanagedcontrolplanes.yaml - - bases/infrastructure.cluster.x-k8s.io_azureasomanagedcontrolplanetemplates.yaml - - bases/infrastructure.cluster.x-k8s.io_azureasomanagedmachinepools.yaml - - bases/infrastructure.cluster.x-k8s.io_azureasomanagedmachinepooltemplates.yaml +- bases/infrastructure.cluster.x-k8s.io_azuremachines.yaml +- bases/infrastructure.cluster.x-k8s.io_azureclusters.yaml +- bases/infrastructure.cluster.x-k8s.io_azureclustertemplates.yaml +- bases/infrastructure.cluster.x-k8s.io_azuremachinetemplates.yaml +- bases/infrastructure.cluster.x-k8s.io_azureclusteridentities.yaml +- bases/infrastructure.cluster.x-k8s.io_azuremachinepools.yaml +- bases/infrastructure.cluster.x-k8s.io_azuremanagedmachinepools.yaml +- bases/infrastructure.cluster.x-k8s.io_azuremanagedclusters.yaml +- bases/infrastructure.cluster.x-k8s.io_azuremanagedcontrolplanes.yaml +- bases/infrastructure.cluster.x-k8s.io_azuremachinepoolmachines.yaml +- bases/infrastructure.cluster.x-k8s.io_azuremanagedclustertemplates.yaml +- bases/infrastructure.cluster.x-k8s.io_azuremanagedcontrolplanetemplates.yaml +- bases/infrastructure.cluster.x-k8s.io_azuremanagedmachinepooltemplates.yaml +- bases/infrastructure.cluster.x-k8s.io_azureasomanagedclusters.yaml +- bases/infrastructure.cluster.x-k8s.io_azureasomanagedclustertemplates.yaml +- bases/infrastructure.cluster.x-k8s.io_azureasomanagedcontrolplanes.yaml +- bases/infrastructure.cluster.x-k8s.io_azureasomanagedcontrolplanetemplates.yaml +- bases/infrastructure.cluster.x-k8s.io_azureasomanagedmachinepools.yaml +- bases/infrastructure.cluster.x-k8s.io_azureasomanagedmachinepooltemplates.yaml # +kubebuilder:scaffold:crdkustomizeresource - patches: - # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix. - # patches here are for enabling the conversion webhook for each CRD - - path: patches/webhook_in_azuremachines.yaml - - path: patches/webhook_in_azureclusters.yaml - - path: patches/webhook_in_azureclustertemplates.yaml - - path: patches/webhook_in_azureclusteridentities.yaml - - path: patches/webhook_in_azuremachinetemplates.yaml - - path: patches/webhook_in_azuremachinepools.yaml - - path: patches/webhook_in_azuremachinepoolmachines.yaml - # - path: patches/webhook_in_azuremanagedmachinepools.yaml - # - path: patches/webhook_in_azuremanagedclusters.yaml - # - path: patches/webhook_in_azuremanagedcontrolplanes.yaml - # +kubebuilder:scaffold:crdkustomizewebhookpatch +# [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix. +# patches here are for enabling the conversion webhook for each CRD +- path: patches/webhook_in_azuremachines.yaml +- path: patches/webhook_in_azureclusters.yaml +- path: patches/webhook_in_azureclustertemplates.yaml +- path: patches/webhook_in_azureclusteridentities.yaml +- path: patches/webhook_in_azuremachinetemplates.yaml +- path: patches/webhook_in_azuremachinepools.yaml +- path: patches/webhook_in_azuremachinepoolmachines.yaml +# - path: patches/webhook_in_azuremanagedmachinepools.yaml +# - path: patches/webhook_in_azuremanagedclusters.yaml +# - path: patches/webhook_in_azuremanagedcontrolplanes.yaml +# +kubebuilder:scaffold:crdkustomizewebhookpatch - # [CERTMANAGER] To enable webhook, uncomment all the sections with [CERTMANAGER] prefix. - # patches here are for enabling the CA injection for each CRD - - path: patches/cainjection_in_azuremachines.yaml - - path: patches/cainjection_in_azureclusters.yaml - - path: patches/cainjection_in_azureclustertemplates.yaml - - path: patches/cainjection_in_azureclusteridentities.yaml - - path: patches/cainjection_in_azuremachinetemplates.yaml - - path: patches/cainjection_in_azuremachinepools.yaml - - path: patches/cainjection_in_azuremachinepoolmachines.yaml - # - path: patches/cainjection_in_azuremanagedmachinepools.yaml - # - path: patches/cainjection_in_azuremanagedclusters.yaml - # - path: patches/cainjection_in_azuremanagedcontrolplanes.yaml - # +kubebuilder:scaffold:crdkustomizecainjectionpatch +# [CERTMANAGER] To enable webhook, uncomment all the sections with [CERTMANAGER] prefix. +# patches here are for enabling the CA injection for each CRD +- path: patches/cainjection_in_azuremachines.yaml +- path: patches/cainjection_in_azureclusters.yaml +- path: patches/cainjection_in_azureclustertemplates.yaml +- path: patches/cainjection_in_azureclusteridentities.yaml +- path: patches/cainjection_in_azuremachinetemplates.yaml +- path: patches/cainjection_in_azuremachinepools.yaml +- path: patches/cainjection_in_azuremachinepoolmachines.yaml +# - path: patches/cainjection_in_azuremanagedmachinepools.yaml +# - path: patches/cainjection_in_azuremanagedclusters.yaml +# - path: patches/cainjection_in_azuremanagedcontrolplanes.yaml +# +kubebuilder:scaffold:crdkustomizecainjectionpatch - - path: patches/capicontract_in_azuremachines.yaml - - path: patches/capicontract_in_azureclusters.yaml - - path: patches/capicontract_in_azureclustertemplates.yaml - - path: patches/capicontract_in_azuremachinetemplates.yaml - - path: patches/capicontract_in_azureclusteridentities.yaml - - path: patches/capicontract_in_azuremachinepools.yaml - - path: patches/capicontract_in_azuremanagedmachinepools.yaml - - path: patches/capicontract_in_azuremanagedclusters.yaml - - path: patches/capicontract_in_azuremanagedcontrolplanes.yaml - - path: patches/capicontract_in_azuremachinepoolmachines.yaml - - path: patches/capicontract_in_azuremanagedclustertemplates.yaml - - path: patches/capicontract_in_azuremanagedcontrolplanetemplates.yaml - - path: patches/capicontract_in_azuremanagedmachinepooltemplates.yaml - - path: patches/capicontract_in_azureasomanagedclusters.yaml - - path: patches/capicontract_in_azureasomanagedclustertemplates.yaml - - path: patches/capicontract_in_azureasomanagedcontrolplanes.yaml - - path: patches/capicontract_in_azureasomanagedcontrolplanetemplates.yaml - - path: patches/capicontract_in_azureasomanagedmachinepools.yaml - - path: patches/capicontract_in_azureasomanagedmachinepooltemplates.yaml +- path: patches/capicontract_in_azuremachines.yaml +- path: patches/capicontract_in_azureclusters.yaml +- path: patches/capicontract_in_azureclustertemplates.yaml +- path: patches/capicontract_in_azuremachinetemplates.yaml +- path: patches/capicontract_in_azureclusteridentities.yaml +- path: patches/capicontract_in_azuremachinepools.yaml +- path: patches/capicontract_in_azuremanagedmachinepools.yaml +- path: patches/capicontract_in_azuremanagedclusters.yaml +- path: patches/capicontract_in_azuremanagedcontrolplanes.yaml +- path: patches/capicontract_in_azuremachinepoolmachines.yaml +- path: patches/capicontract_in_azuremanagedclustertemplates.yaml +- path: patches/capicontract_in_azuremanagedcontrolplanetemplates.yaml +- path: patches/capicontract_in_azuremanagedmachinepooltemplates.yaml +- path: patches/capicontract_in_azureasomanagedclusters.yaml +- path: patches/capicontract_in_azureasomanagedclustertemplates.yaml +- path: patches/capicontract_in_azureasomanagedcontrolplanes.yaml +- path: patches/capicontract_in_azureasomanagedcontrolplanetemplates.yaml +- path: patches/capicontract_in_azureasomanagedmachinepools.yaml +- path: patches/capicontract_in_azureasomanagedmachinepooltemplates.yaml # the following config is for teaching kustomize how to do kustomization for CRDs. configurations: - - kustomizeconfig.yaml +- kustomizeconfig.yaml diff --git a/config/crd/patches/webhook_in_azureclusteridentities.yaml b/config/crd/patches/webhook_in_azureclusteridentities.yaml index 8ce335e05e2..828e5802df0 100644 --- a/config/crd/patches/webhook_in_azureclusteridentities.yaml +++ b/config/crd/patches/webhook_in_azureclusteridentities.yaml @@ -10,9 +10,6 @@ spec: webhook: conversionReviewVersions: ["v1", "v1beta1"] clientConfig: - # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, - # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager) - caBundle: Cg== service: namespace: system name: webhook-service diff --git a/config/crd/patches/webhook_in_azureclusters.yaml b/config/crd/patches/webhook_in_azureclusters.yaml index aef170df8df..2b8e16ae20a 100644 --- a/config/crd/patches/webhook_in_azureclusters.yaml +++ b/config/crd/patches/webhook_in_azureclusters.yaml @@ -10,10 +10,7 @@ spec: webhook: conversionReviewVersions: ["v1", "v1beta1"] clientConfig: - # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, - # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager) - caBundle: Cg== service: namespace: system name: webhook-service - path: /convert \ No newline at end of file + path: /convert diff --git a/config/crd/patches/webhook_in_azureclustertemplates.yaml b/config/crd/patches/webhook_in_azureclustertemplates.yaml index 7feca2d37cb..aa2bb0addfc 100644 --- a/config/crd/patches/webhook_in_azureclustertemplates.yaml +++ b/config/crd/patches/webhook_in_azureclustertemplates.yaml @@ -9,10 +9,7 @@ spec: webhook: conversionReviewVersions: ["v1", "v1beta1"] clientConfig: - # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, - # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager) - caBundle: Cg== service: namespace: system name: webhook-service - path: /convert \ No newline at end of file + path: /convert diff --git a/config/crd/patches/webhook_in_azuremachinepoolmachines.yaml b/config/crd/patches/webhook_in_azuremachinepoolmachines.yaml index 86906dd573d..d3198165a6d 100644 --- a/config/crd/patches/webhook_in_azuremachinepoolmachines.yaml +++ b/config/crd/patches/webhook_in_azuremachinepoolmachines.yaml @@ -10,9 +10,6 @@ spec: webhook: conversionReviewVersions: ["v1", "v1beta1"] clientConfig: - # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, - # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager) - caBundle: Cg== service: namespace: system name: webhook-service diff --git a/config/crd/patches/webhook_in_azuremachinepools.yaml b/config/crd/patches/webhook_in_azuremachinepools.yaml index 9a48cc041fb..fbed7b20201 100644 --- a/config/crd/patches/webhook_in_azuremachinepools.yaml +++ b/config/crd/patches/webhook_in_azuremachinepools.yaml @@ -10,9 +10,6 @@ spec: webhook: conversionReviewVersions: ["v1", "v1beta1"] clientConfig: - # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, - # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager) - caBundle: Cg== service: namespace: system name: webhook-service diff --git a/config/crd/patches/webhook_in_azuremachines.yaml b/config/crd/patches/webhook_in_azuremachines.yaml index 99b86bde456..c8f157db72b 100644 --- a/config/crd/patches/webhook_in_azuremachines.yaml +++ b/config/crd/patches/webhook_in_azuremachines.yaml @@ -10,10 +10,7 @@ spec: webhook: conversionReviewVersions: ["v1", "v1beta1"] clientConfig: - # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, - # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager) - caBundle: Cg== service: namespace: system name: webhook-service - path: /convert \ No newline at end of file + path: /convert diff --git a/config/crd/patches/webhook_in_azuremachinetemplates.yaml b/config/crd/patches/webhook_in_azuremachinetemplates.yaml index 7172830d71c..a499e949fa7 100644 --- a/config/crd/patches/webhook_in_azuremachinetemplates.yaml +++ b/config/crd/patches/webhook_in_azuremachinetemplates.yaml @@ -10,10 +10,7 @@ spec: webhook: conversionReviewVersions: ["v1", "v1beta1"] clientConfig: - # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, - # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager) - caBundle: Cg== service: namespace: system name: webhook-service - path: /convert \ No newline at end of file + path: /convert diff --git a/config/crd/patches/webhook_in_azuremanagedclusters.yaml b/config/crd/patches/webhook_in_azuremanagedclusters.yaml index 8bdb4c52ee4..50720c95ff9 100644 --- a/config/crd/patches/webhook_in_azuremanagedclusters.yaml +++ b/config/crd/patches/webhook_in_azuremanagedclusters.yaml @@ -10,10 +10,7 @@ spec: webhook: conversionReviewVersions: ["v1", "v1beta1"] clientConfig: - # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, - # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager) - caBundle: Cg== service: namespace: system name: webhook-service - path: /convert \ No newline at end of file + path: /convert diff --git a/config/crd/patches/webhook_in_azuremanagedcontrolplanes.yaml b/config/crd/patches/webhook_in_azuremanagedcontrolplanes.yaml index 75b6a35d3ee..0bf15cf00e1 100644 --- a/config/crd/patches/webhook_in_azuremanagedcontrolplanes.yaml +++ b/config/crd/patches/webhook_in_azuremanagedcontrolplanes.yaml @@ -10,9 +10,6 @@ spec: webhook: conversionReviewVersions: ["v1", "v1beta1"] clientConfig: - # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, - # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager) - caBundle: Cg== service: namespace: system name: webhook-service diff --git a/config/crd/patches/webhook_in_azuremanagedmachinepools.yaml b/config/crd/patches/webhook_in_azuremanagedmachinepools.yaml index 56d835308e7..dd7b87d07b7 100644 --- a/config/crd/patches/webhook_in_azuremanagedmachinepools.yaml +++ b/config/crd/patches/webhook_in_azuremanagedmachinepools.yaml @@ -10,9 +10,6 @@ spec: webhook: conversionReviewVersions: ["v1", "v1beta1"] clientConfig: - # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, - # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager) - caBundle: Cg== service: namespace: system name: webhook-service diff --git a/config/default/kustomization.yaml b/config/default/kustomization.yaml index e6a4f0ca5ed..1e57a9c9491 100644 --- a/config/default/kustomization.yaml +++ b/config/default/kustomization.yaml @@ -1,24 +1,26 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization resources: - - ../capz +- ../capz # Disable ASO in openshift until we fix CRD ownership issue. #components: # - ../aso replacements: - - source: - kind: Deployment - name: capz-controller-manager - fieldPath: spec.template.spec.containers.[name=manager].image - options: - delimiter: ':' - index: 1 - targets: - - select: - kind: Secret - name: aso-controller-settings - fieldPaths: - - stringData.AZURE_USER_AGENT_SUFFIX - options: - delimiter: '/' - index: 1 +- source: + fieldPath: spec.template.spec.containers.[name=manager].image + kind: Deployment + name: capz-controller-manager + options: + delimiter: ':' + index: 1 + targets: + - fieldPaths: + - stringData.AZURE_USER_AGENT_SUFFIX + options: + delimiter: / + index: 1 + select: + kind: Secret + name: aso-controller-settings diff --git a/config/manager/kustomization.yaml b/config/manager/kustomization.yaml index 96c47e355bb..99cf0f7457d 100644 --- a/config/manager/kustomization.yaml +++ b/config/manager/kustomization.yaml @@ -1,5 +1,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - - manager.yaml - +- manager.yaml diff --git a/config/manager/manager.yaml b/config/manager/manager.yaml index 20e88ffab2c..b70a13a0bd6 100644 --- a/config/manager/manager.yaml +++ b/config/manager/manager.yaml @@ -24,7 +24,7 @@ spec: - --leader-elect - "--diagnostics-address=${CAPZ_DIAGNOSTICS_ADDRESS:=:8443}" - "--insecure-diagnostics=${CAPZ_INSECURE_DIAGNOSTICS:=false}" - - "--feature-gates=MachinePool=${EXP_MACHINE_POOL:=false},AKSResourceHealth=${EXP_AKS_RESOURCE_HEALTH:=false},EdgeZone=${EXP_EDGEZONE:=false},ASOAPI=${EXP_ASO_API:=false}" + - "--feature-gates=MachinePool=${EXP_MACHINE_POOL:=false},AKSResourceHealth=${EXP_AKS_RESOURCE_HEALTH:=false},EdgeZone=${EXP_EDGEZONE:=false},ASOAPI=${EXP_ASO_API:=true}" - "--v=0" image: controller:latest imagePullPolicy: Always diff --git a/config/rbac/aggregation_role.yaml b/config/rbac/aggregation_role.yaml new file mode 100644 index 00000000000..29585917919 --- /dev/null +++ b/config/rbac/aggregation_role.yaml @@ -0,0 +1,10 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: manager-role +aggregationRule: + clusterRoleSelectors: + - matchLabels: + cluster.x-k8s.io/aggregate-to-capz-manager: "true" +rules: [] diff --git a/config/rbac/capz_manager_role_patch.yaml b/config/rbac/capz_manager_role_patch.yaml new file mode 100644 index 00000000000..1c25d14e7bf --- /dev/null +++ b/config/rbac/capz_manager_role_patch.yaml @@ -0,0 +1,6 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: base-manager-role + labels: + cluster.x-k8s.io/aggregate-to-capz-manager: "true" diff --git a/config/rbac/kustomization.yaml b/config/rbac/kustomization.yaml index 74bb4da487b..c9cfa1c0782 100644 --- a/config/rbac/kustomization.yaml +++ b/config/rbac/kustomization.yaml @@ -1,8 +1,12 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - - role.yaml - - role_binding.yaml - - service_account.yaml - - leader_election_role.yaml - - leader_election_role_binding.yaml +- role.yaml +- aggregation_role.yaml +- role_binding.yaml +- service_account.yaml +- leader_election_role.yaml +- leader_election_role_binding.yaml + +patches: +- path: capz_manager_role_patch.yaml \ No newline at end of file diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml index d1883654504..eb76b94f586 100644 --- a/config/rbac/role.yaml +++ b/config/rbac/role.yaml @@ -2,7 +2,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: manager-role + name: base-manager-role rules: - apiGroups: - "" diff --git a/config/webhook/kustomization.yaml b/config/webhook/kustomization.yaml index 7feb516a71f..4e6732d9810 100644 --- a/config/webhook/kustomization.yaml +++ b/config/webhook/kustomization.yaml @@ -1,6 +1,8 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization resources: - - manifests.yaml - - service.yaml +- manifests.yaml +- service.yaml configurations: - - kustomizeconfig.yaml +- kustomizeconfig.yaml diff --git a/config/webhook/manifests.yaml b/config/webhook/manifests.yaml index ef09112747f..de5ab8e6417 100644 --- a/config/webhook/manifests.yaml +++ b/config/webhook/manifests.yaml @@ -211,20 +211,18 @@ webhooks: service: name: webhook-service namespace: system - path: /validate-infrastructure-cluster-x-k8s-io-v1beta1-azurecluster + path: /validate-infrastructure-cluster-x-k8s-io-v1alpha1-azureasomanagedcluster failurePolicy: Fail - matchPolicy: Equivalent - name: validation.azurecluster.infrastructure.cluster.x-k8s.io + name: validation.azureasomanagedcluster.infrastructure.cluster.x-k8s.io rules: - apiGroups: - infrastructure.cluster.x-k8s.io apiVersions: - - v1beta1 + - v1alpha1 operations: - CREATE - - UPDATE resources: - - azureclusters + - azureasomanagedclusters sideEffects: None - admissionReviewVersions: - v1 @@ -233,20 +231,18 @@ webhooks: service: name: webhook-service namespace: system - path: /validate-infrastructure-cluster-x-k8s-io-v1beta1-azureclusteridentity + path: /validate-infrastructure-cluster-x-k8s-io-v1alpha1-azureasomanagedcontrolplane failurePolicy: Fail - matchPolicy: Equivalent - name: validation.azureclusteridentity.infrastructure.cluster.x-k8s.io + name: validation.azureasomanagedcontrolplane.infrastructure.cluster.x-k8s.io rules: - apiGroups: - infrastructure.cluster.x-k8s.io apiVersions: - - v1beta1 + - v1alpha1 operations: - CREATE - - UPDATE resources: - - azureclusteridentities + - azureasomanagedcontrolplanes sideEffects: None - admissionReviewVersions: - v1 @@ -255,20 +251,18 @@ webhooks: service: name: webhook-service namespace: system - path: /validate-infrastructure-cluster-x-k8s-io-v1beta1-azureclustertemplate + path: /validate-infrastructure-cluster-x-k8s-io-v1alpha1-azureasomanagedmachinepool failurePolicy: Fail - matchPolicy: Equivalent - name: validation.azureclustertemplate.infrastructure.cluster.x-k8s.io + name: validation.azureasomanagedmachinepool.infrastructure.cluster.x-k8s.io rules: - apiGroups: - infrastructure.cluster.x-k8s.io apiVersions: - - v1beta1 + - v1alpha1 operations: - CREATE - - UPDATE resources: - - azureclustertemplates + - azureasomanagedmachinepools sideEffects: None - admissionReviewVersions: - v1 @@ -277,10 +271,10 @@ webhooks: service: name: webhook-service namespace: system - path: /validate-infrastructure-cluster-x-k8s-io-v1beta1-azuremachine + path: /validate-infrastructure-cluster-x-k8s-io-v1beta1-azurecluster failurePolicy: Fail matchPolicy: Equivalent - name: validation.azuremachine.infrastructure.cluster.x-k8s.io + name: validation.azurecluster.infrastructure.cluster.x-k8s.io rules: - apiGroups: - infrastructure.cluster.x-k8s.io @@ -290,7 +284,7 @@ webhooks: - CREATE - UPDATE resources: - - azuremachines + - azureclusters sideEffects: None - admissionReviewVersions: - v1 @@ -299,10 +293,10 @@ webhooks: service: name: webhook-service namespace: system - path: /validate-infrastructure-cluster-x-k8s-io-v1beta1-azuremachinetemplate + path: /validate-infrastructure-cluster-x-k8s-io-v1beta1-azureclusteridentity failurePolicy: Fail matchPolicy: Equivalent - name: validation.azuremachinetemplate.infrastructure.cluster.x-k8s.io + name: validation.azureclusteridentity.infrastructure.cluster.x-k8s.io rules: - apiGroups: - infrastructure.cluster.x-k8s.io @@ -312,7 +306,7 @@ webhooks: - CREATE - UPDATE resources: - - azuremachinetemplates + - azureclusteridentities sideEffects: None - admissionReviewVersions: - v1 @@ -321,9 +315,10 @@ webhooks: service: name: webhook-service namespace: system - path: /validate-infrastructure-cluster-x-k8s-io-v1beta1-azuremanagedcluster + path: /validate-infrastructure-cluster-x-k8s-io-v1beta1-azureclustertemplate failurePolicy: Fail - name: validation.azuremanagedclusters.infrastructure.cluster.x-k8s.io + matchPolicy: Equivalent + name: validation.azureclustertemplate.infrastructure.cluster.x-k8s.io rules: - apiGroups: - infrastructure.cluster.x-k8s.io @@ -333,7 +328,7 @@ webhooks: - CREATE - UPDATE resources: - - azuremanagedclusters + - azureclustertemplates sideEffects: None - admissionReviewVersions: - v1 @@ -342,18 +337,20 @@ webhooks: service: name: webhook-service namespace: system - path: /validate-infrastructure-cluster-x-k8s-io-v1beta1-azuremanagedclustertemplate + path: /validate-infrastructure-cluster-x-k8s-io-v1beta1-azuremachine failurePolicy: Fail - name: validation.azuremanagedclustertemplates.infrastructure.cluster.x-k8s.io + matchPolicy: Equivalent + name: validation.azuremachine.infrastructure.cluster.x-k8s.io rules: - apiGroups: - infrastructure.cluster.x-k8s.io apiVersions: - v1beta1 operations: + - CREATE - UPDATE resources: - - azuremanagedclustertemplates + - azuremachines sideEffects: None - admissionReviewVersions: - v1 @@ -362,9 +359,10 @@ webhooks: service: name: webhook-service namespace: system - path: /validate-infrastructure-cluster-x-k8s-io-v1beta1-azuremanagedcontrolplane + path: /validate-infrastructure-cluster-x-k8s-io-v1beta1-azuremachinetemplate failurePolicy: Fail - name: validation.azuremanagedcontrolplanes.infrastructure.cluster.x-k8s.io + matchPolicy: Equivalent + name: validation.azuremachinetemplate.infrastructure.cluster.x-k8s.io rules: - apiGroups: - infrastructure.cluster.x-k8s.io @@ -374,7 +372,7 @@ webhooks: - CREATE - UPDATE resources: - - azuremanagedcontrolplanes + - azuremachinetemplates sideEffects: None - admissionReviewVersions: - v1 @@ -383,9 +381,9 @@ webhooks: service: name: webhook-service namespace: system - path: /validate-infrastructure-cluster-x-k8s-io-v1beta1-azuremanagedcontrolplanetemplate + path: /validate-infrastructure-cluster-x-k8s-io-v1beta1-azuremanagedcluster failurePolicy: Fail - name: validation.azuremanagedcontrolplanetemplates.infrastructure.cluster.x-k8s.io + name: validation.azuremanagedclusters.infrastructure.cluster.x-k8s.io rules: - apiGroups: - infrastructure.cluster.x-k8s.io @@ -395,7 +393,7 @@ webhooks: - CREATE - UPDATE resources: - - azuremanagedcontrolplanetemplates + - azuremanagedclusters sideEffects: None - admissionReviewVersions: - v1 @@ -404,21 +402,18 @@ webhooks: service: name: webhook-service namespace: system - path: /validate-infrastructure-cluster-x-k8s-io-v1beta1-azuremanagedmachinepool + path: /validate-infrastructure-cluster-x-k8s-io-v1beta1-azuremanagedclustertemplate failurePolicy: Fail - matchPolicy: Equivalent - name: validation.azuremanagedmachinepools.infrastructure.cluster.x-k8s.io + name: validation.azuremanagedclustertemplates.infrastructure.cluster.x-k8s.io rules: - apiGroups: - infrastructure.cluster.x-k8s.io apiVersions: - v1beta1 operations: - - CREATE - UPDATE - - DELETE resources: - - azuremanagedmachinepools + - azuremanagedclustertemplates sideEffects: None - admissionReviewVersions: - v1 @@ -427,9 +422,9 @@ webhooks: service: name: webhook-service namespace: system - path: /validate-infrastructure-cluster-x-k8s-io-v1beta1-azuremanagedmachinepooltemplate + path: /validate-infrastructure-cluster-x-k8s-io-v1beta1-azuremanagedcontrolplane failurePolicy: Fail - name: validation.azuremanagedmachinepooltemplates.infrastructure.cluster.x-k8s.io + name: validation.azuremanagedcontrolplanes.infrastructure.cluster.x-k8s.io rules: - apiGroups: - infrastructure.cluster.x-k8s.io @@ -438,9 +433,8 @@ webhooks: operations: - CREATE - UPDATE - - DELETE resources: - - azuremanagedmachinepooltemplates + - azuremanagedcontrolplanes sideEffects: None - admissionReviewVersions: - v1 @@ -449,18 +443,19 @@ webhooks: service: name: webhook-service namespace: system - path: /validate-infrastructure-cluster-x-k8s-io-v1alpha1-azureasomanagedcluster + path: /validate-infrastructure-cluster-x-k8s-io-v1beta1-azuremanagedcontrolplanetemplate failurePolicy: Fail - name: validation.azureasomanagedcluster.infrastructure.cluster.x-k8s.io + name: validation.azuremanagedcontrolplanetemplates.infrastructure.cluster.x-k8s.io rules: - apiGroups: - infrastructure.cluster.x-k8s.io apiVersions: - - v1alpha1 + - v1beta1 operations: - CREATE + - UPDATE resources: - - azureasomanagedclusters + - azuremanagedcontrolplanetemplates sideEffects: None - admissionReviewVersions: - v1 @@ -469,18 +464,21 @@ webhooks: service: name: webhook-service namespace: system - path: /validate-infrastructure-cluster-x-k8s-io-v1alpha1-azureasomanagedcontrolplane + path: /validate-infrastructure-cluster-x-k8s-io-v1beta1-azuremanagedmachinepool failurePolicy: Fail - name: validation.azureasomanagedcontrolplane.infrastructure.cluster.x-k8s.io + matchPolicy: Equivalent + name: validation.azuremanagedmachinepools.infrastructure.cluster.x-k8s.io rules: - apiGroups: - infrastructure.cluster.x-k8s.io apiVersions: - - v1alpha1 + - v1beta1 operations: - CREATE + - UPDATE + - DELETE resources: - - azureasomanagedcontrolplanes + - azuremanagedmachinepools sideEffects: None - admissionReviewVersions: - v1 @@ -489,18 +487,20 @@ webhooks: service: name: webhook-service namespace: system - path: /validate-infrastructure-cluster-x-k8s-io-v1alpha1-azureasomanagedmachinepool + path: /validate-infrastructure-cluster-x-k8s-io-v1beta1-azuremanagedmachinepooltemplate failurePolicy: Fail - name: validation.azureasomanagedmachinepool.infrastructure.cluster.x-k8s.io + name: validation.azuremanagedmachinepooltemplates.infrastructure.cluster.x-k8s.io rules: - apiGroups: - infrastructure.cluster.x-k8s.io apiVersions: - - v1alpha1 + - v1beta1 operations: - CREATE + - UPDATE + - DELETE resources: - - azureasomanagedmachinepools + - azuremanagedmachinepooltemplates sideEffects: None - admissionReviewVersions: - v1 diff --git a/exp/controllers/agentpooladopt_controller.go b/controllers/agentpooladopt_controller.go similarity index 84% rename from exp/controllers/agentpooladopt_controller.go rename to controllers/agentpooladopt_controller.go index 3c6dcf606c5..f5e6b26089f 100644 --- a/exp/controllers/agentpooladopt_controller.go +++ b/controllers/agentpooladopt_controller.go @@ -25,12 +25,13 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" "k8s.io/utils/ptr" - infrav1exp "sigs.k8s.io/cluster-api-provider-azure/exp/api/v1alpha1" + infrav1alpha "sigs.k8s.io/cluster-api-provider-azure/api/v1alpha1" "sigs.k8s.io/cluster-api-provider-azure/util/tele" clusterv1 "sigs.k8s.io/cluster-api/api/v1beta1" expv1 "sigs.k8s.io/cluster-api/exp/api/v1beta1" ctrl "sigs.k8s.io/controller-runtime" "sigs.k8s.io/controller-runtime/pkg/client" + "sigs.k8s.io/controller-runtime/pkg/controller" "sigs.k8s.io/controller-runtime/pkg/event" "sigs.k8s.io/controller-runtime/pkg/predicate" ) @@ -41,8 +42,9 @@ type AgentPoolAdoptReconciler struct { } // SetupWithManager sets up the controller with the Manager. -func (r *AgentPoolAdoptReconciler) SetupWithManager(ctx context.Context, mgr ctrl.Manager) error { +func (r *AgentPoolAdoptReconciler) SetupWithManager(ctx context.Context, mgr ctrl.Manager, options controller.Options) error { _, err := ctrl.NewControllerManagedBy(mgr). + WithOptions(options). For(&asocontainerservicev1.ManagedClustersAgentPool{}). WithEventFilter(predicate.Funcs{ UpdateFunc: func(ev event.UpdateEvent) bool { @@ -76,13 +78,13 @@ func (r *AgentPoolAdoptReconciler) Reconcile(ctx context.Context, req ctrl.Reque return ctrl.Result{}, client.IgnoreNotFound(err) } - if agentPool.GetAnnotations()[adoptAnnotation] != "true" { + if agentPool.GetAnnotations()[adoptAnnotation] != adoptAnnotationValue { return ctrl.Result{}, nil } for _, owner := range agentPool.GetOwnerReferences() { - if owner.APIVersion == infrav1exp.GroupVersion.Identifier() && - owner.Kind == infrav1exp.AzureASOManagedMachinePoolKind { + if owner.APIVersion == infrav1alpha.GroupVersion.Identifier() && + owner.Kind == infrav1alpha.AzureASOManagedMachinePoolKind { return ctrl.Result{}, nil } } @@ -123,8 +125,8 @@ func (r *AgentPoolAdoptReconciler) Reconcile(ctx context.Context, req ctrl.Reque } var managedControlPlaneOwner *metav1.OwnerReference for _, owner := range managedCluster.GetOwnerReferences() { - if owner.APIVersion == infrav1exp.GroupVersion.Identifier() && - owner.Kind == infrav1exp.AzureASOManagedControlPlaneKind && + if owner.APIVersion == infrav1alpha.GroupVersion.Identifier() && + owner.Kind == infrav1alpha.AzureASOManagedControlPlaneKind && owner.Name == agentPool.Owner().Name { managedControlPlaneOwner = ptr.To(owner) break @@ -133,7 +135,7 @@ func (r *AgentPoolAdoptReconciler) Reconcile(ctx context.Context, req ctrl.Reque if managedControlPlaneOwner == nil { return ctrl.Result{}, fmt.Errorf("ManagedCluster %s is not owned by any AzureASOManagedControlPlane", managedClusterKey) } - asoManagedControlPlane := &infrav1exp.AzureASOManagedControlPlane{} + asoManagedControlPlane := &infrav1alpha.AzureASOManagedControlPlane{} managedControlPlaneKey := client.ObjectKey{ Namespace: namespace, Name: managedControlPlaneOwner.Name, @@ -144,13 +146,13 @@ func (r *AgentPoolAdoptReconciler) Reconcile(ctx context.Context, req ctrl.Reque } clusterName := asoManagedControlPlane.Labels[clusterv1.ClusterNameLabel] - asoManagedMachinePool := &infrav1exp.AzureASOManagedMachinePool{ + asoManagedMachinePool := &infrav1alpha.AzureASOManagedMachinePool{ ObjectMeta: metav1.ObjectMeta{ Namespace: namespace, Name: agentPool.Name, }, - Spec: infrav1exp.AzureASOManagedMachinePoolSpec{ - AzureASOManagedMachinePoolTemplateResourceSpec: infrav1exp.AzureASOManagedMachinePoolTemplateResourceSpec{ + Spec: infrav1alpha.AzureASOManagedMachinePoolSpec{ + AzureASOManagedMachinePoolTemplateResourceSpec: infrav1alpha.AzureASOManagedMachinePoolTemplateResourceSpec{ Resources: []runtime.RawExtension{ {Object: agentPool}, }, @@ -173,8 +175,8 @@ func (r *AgentPoolAdoptReconciler) Reconcile(ctx context.Context, req ctrl.Reque }, ClusterName: clusterName, InfrastructureRef: corev1.ObjectReference{ - APIVersion: infrav1exp.GroupVersion.Identifier(), - Kind: infrav1exp.AzureASOManagedMachinePoolKind, + APIVersion: infrav1alpha.GroupVersion.Identifier(), + Kind: infrav1alpha.AzureASOManagedMachinePoolKind, Name: asoManagedMachinePool.Name, }, }, @@ -184,7 +186,7 @@ func (r *AgentPoolAdoptReconciler) Reconcile(ctx context.Context, req ctrl.Reque if ptr.Deref(agentPool.Spec.EnableAutoScaling, false) { machinePool.Annotations = map[string]string{ - clusterv1.ReplicasManagedByAnnotation: infrav1exp.ReplicasManagedByAKS, + clusterv1.ReplicasManagedByAnnotation: infrav1alpha.ReplicasManagedByAKS, } } diff --git a/controllers/asosecret_controller.go b/controllers/asosecret_controller.go index e9cd1ba3516..87cf98ff8f0 100644 --- a/controllers/asosecret_controller.go +++ b/controllers/asosecret_controller.go @@ -38,11 +38,11 @@ import ( "sigs.k8s.io/cluster-api/util/annotations" "sigs.k8s.io/cluster-api/util/predicates" ctrl "sigs.k8s.io/controller-runtime" + "sigs.k8s.io/controller-runtime/pkg/builder" "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/controller" "sigs.k8s.io/controller-runtime/pkg/handler" "sigs.k8s.io/controller-runtime/pkg/reconcile" - "sigs.k8s.io/controller-runtime/pkg/source" ) // ASOSecretReconciler reconciles ASO secrets associated with AzureCluster objects. @@ -61,46 +61,36 @@ func (asos *ASOSecretReconciler) SetupWithManager(ctx context.Context, mgr ctrl. ) defer done() - c, err := ctrl.NewControllerManagedBy(mgr). + return ctrl.NewControllerManagedBy(mgr). WithOptions(options). For(&infrav1.AzureCluster{}). WithEventFilter(predicates.ResourceNotPausedAndHasFilterLabel(log, asos.WatchFilterValue)). WithEventFilter(predicates.ResourceIsNotExternallyManaged(log)). Named("ASOSecret"). Owns(&corev1.Secret{}). - Build(asos) - if err != nil { - return errors.Wrap(err, "error creating controller") - } - - // Add a watch on infrav1.AzureManagedControlPlane. - if err = c.Watch( - source.Kind(mgr.GetCache(), &infrav1.AzureManagedControlPlane{}), - &handler.EnqueueRequestForObject{}, - predicates.ResourceNotPausedAndHasFilterLabel(log, asos.WatchFilterValue), - ); err != nil { - return errors.Wrap(err, "failed adding a watch for ready AzureManagedControlPlanes") - } - - // Add a watch on ASO secrets owned by an AzureManagedControlPlane - if err = c.Watch( - source.Kind(mgr.GetCache(), &corev1.Secret{}), - handler.EnqueueRequestForOwner(asos.Scheme(), asos.RESTMapper(), &infrav1.AzureManagedControlPlane{}, handler.OnlyControllerOwner()), - ); err != nil { - return errors.Wrap(err, "failed adding a watch for secrets") - } - - // Add a watch on clusterv1.Cluster object for unpause notifications. - if err = c.Watch( - source.Kind(mgr.GetCache(), &clusterv1.Cluster{}), - handler.EnqueueRequestsFromMapFunc(util.ClusterToInfrastructureMapFunc(ctx, infrav1.GroupVersion.WithKind(infrav1.AzureClusterKind), mgr.GetClient(), &infrav1.AzureCluster{})), - predicates.ClusterUnpaused(log), - predicates.ResourceNotPausedAndHasFilterLabel(log, asos.WatchFilterValue), - ); err != nil { - return errors.Wrap(err, "failed adding a watch for ready clusters") - } - - return nil + // Add a watch on ASO secrets owned by an AzureManagedControlPlane + Watches( + &corev1.Secret{}, + handler.EnqueueRequestForOwner(asos.Scheme(), asos.RESTMapper(), &infrav1.AzureManagedControlPlane{}, handler.OnlyControllerOwner()), + ). + // Add a watch on infrav1.AzureManagedControlPlane. + Watches( + &infrav1.AzureManagedControlPlane{}, + &handler.EnqueueRequestForObject{}, + builder.WithPredicates( + predicates.ResourceNotPausedAndHasFilterLabel(log, asos.WatchFilterValue), + ), + ). + // Add a watch on clusterv1.Cluster object for unpause notifications. + Watches( + &clusterv1.Cluster{}, + handler.EnqueueRequestsFromMapFunc(util.ClusterToInfrastructureMapFunc(ctx, infrav1.GroupVersion.WithKind(infrav1.AzureClusterKind), mgr.GetClient(), &infrav1.AzureCluster{})), + builder.WithPredicates( + predicates.ClusterUnpaused(log), + predicates.ResourceNotPausedAndHasFilterLabel(log, asos.WatchFilterValue), + ), + ). + Complete(asos) } // Reconcile reconciles the ASO secrets associated with AzureCluster objects. diff --git a/exp/controllers/azureasomanagedcluster_controller.go b/controllers/azureasomanagedcluster_controller.go similarity index 81% rename from exp/controllers/azureasomanagedcluster_controller.go rename to controllers/azureasomanagedcluster_controller.go index d651f57d8d0..2c2a4ef2399 100644 --- a/exp/controllers/azureasomanagedcluster_controller.go +++ b/controllers/azureasomanagedcluster_controller.go @@ -23,9 +23,8 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" - infracontroller "sigs.k8s.io/cluster-api-provider-azure/controllers" - infrav1exp "sigs.k8s.io/cluster-api-provider-azure/exp/api/v1alpha1" - "sigs.k8s.io/cluster-api-provider-azure/exp/mutators" + infrav1alpha "sigs.k8s.io/cluster-api-provider-azure/api/v1alpha1" + "sigs.k8s.io/cluster-api-provider-azure/pkg/mutators" "sigs.k8s.io/cluster-api-provider-azure/util/tele" clusterv1 "sigs.k8s.io/cluster-api/api/v1beta1" "sigs.k8s.io/cluster-api/controllers/external" @@ -36,6 +35,7 @@ import ( ctrl "sigs.k8s.io/controller-runtime" "sigs.k8s.io/controller-runtime/pkg/builder" "sigs.k8s.io/controller-runtime/pkg/client" + "sigs.k8s.io/controller-runtime/pkg/controller" "sigs.k8s.io/controller-runtime/pkg/controller/controllerutil" "sigs.k8s.io/controller-runtime/pkg/event" "sigs.k8s.io/controller-runtime/pkg/handler" @@ -50,7 +50,7 @@ type AzureASOManagedClusterReconciler struct { client.Client WatchFilterValue string - newResourceReconciler func(*infrav1exp.AzureASOManagedCluster, []*unstructured.Unstructured) resourceReconciler + newResourceReconciler func(*infrav1alpha.AzureASOManagedCluster, []*unstructured.Unstructured) resourceReconciler } type resourceReconciler interface { @@ -67,41 +67,42 @@ type resourceReconciler interface { } // SetupWithManager sets up the controller with the Manager. -func (r *AzureASOManagedClusterReconciler) SetupWithManager(ctx context.Context, mgr ctrl.Manager) error { +func (r *AzureASOManagedClusterReconciler) SetupWithManager(ctx context.Context, mgr ctrl.Manager, options controller.Options) error { ctx, log, done := tele.StartSpanWithLogger(ctx, "controllers.AzureASOManagedClusterReconciler.SetupWithManager", - tele.KVP("controller", infrav1exp.AzureASOManagedClusterKind), + tele.KVP("controller", infrav1alpha.AzureASOManagedClusterKind), ) defer done() c, err := ctrl.NewControllerManagedBy(mgr). - For(&infrav1exp.AzureASOManagedCluster{}). + WithOptions(options). + For(&infrav1alpha.AzureASOManagedCluster{}). WithEventFilter(predicates.ResourceHasFilterLabel(log, r.WatchFilterValue)). WithEventFilter(predicates.ResourceIsNotExternallyManaged(log)). // Watch clusters for pause/unpause notifications Watches( &clusterv1.Cluster{}, handler.EnqueueRequestsFromMapFunc( - util.ClusterToInfrastructureMapFunc(ctx, infrav1exp.GroupVersion.WithKind(infrav1exp.AzureASOManagedClusterKind), mgr.GetClient(), &infrav1exp.AzureASOManagedCluster{}), + util.ClusterToInfrastructureMapFunc(ctx, infrav1alpha.GroupVersion.WithKind(infrav1alpha.AzureASOManagedClusterKind), mgr.GetClient(), &infrav1alpha.AzureASOManagedCluster{}), ), builder.WithPredicates( predicates.ResourceHasFilterLabel(log, r.WatchFilterValue), - infracontroller.ClusterUpdatePauseChange(log), + ClusterUpdatePauseChange(log), ), ). Watches( - &infrav1exp.AzureASOManagedControlPlane{}, + &infrav1alpha.AzureASOManagedControlPlane{}, handler.EnqueueRequestsFromMapFunc(asoManagedControlPlaneToManagedClusterMap(r.Client)), builder.WithPredicates( predicates.ResourceHasFilterLabel(log, r.WatchFilterValue), predicate.Funcs{ CreateFunc: func(ev event.CreateEvent) bool { - controlPlane := ev.Object.(*infrav1exp.AzureASOManagedControlPlane) + controlPlane := ev.Object.(*infrav1alpha.AzureASOManagedControlPlane) return !controlPlane.Status.ControlPlaneEndpoint.IsZero() }, UpdateFunc: func(ev event.UpdateEvent) bool { - oldControlPlane := ev.ObjectOld.(*infrav1exp.AzureASOManagedControlPlane) - newControlPlane := ev.ObjectNew.(*infrav1exp.AzureASOManagedControlPlane) + oldControlPlane := ev.ObjectOld.(*infrav1alpha.AzureASOManagedControlPlane) + newControlPlane := ev.ObjectNew.(*infrav1alpha.AzureASOManagedControlPlane) return oldControlPlane.Status.ControlPlaneEndpoint != newControlPlane.Status.ControlPlaneEndpoint }, @@ -118,7 +119,7 @@ func (r *AzureASOManagedClusterReconciler) SetupWithManager(ctx context.Context, Controller: c, } - r.newResourceReconciler = func(asoManagedCluster *infrav1exp.AzureASOManagedCluster, resources []*unstructured.Unstructured) resourceReconciler { + r.newResourceReconciler = func(asoManagedCluster *infrav1alpha.AzureASOManagedCluster, resources []*unstructured.Unstructured) resourceReconciler { return &ResourceReconciler{ Client: r.Client, resources: resources, @@ -132,7 +133,7 @@ func (r *AzureASOManagedClusterReconciler) SetupWithManager(ctx context.Context, func asoManagedControlPlaneToManagedClusterMap(c client.Client) handler.MapFunc { return func(ctx context.Context, o client.Object) []reconcile.Request { - asoManagedControlPlane := o.(*infrav1exp.AzureASOManagedControlPlane) + asoManagedControlPlane := o.(*infrav1alpha.AzureASOManagedControlPlane) cluster, err := util.GetOwnerCluster(ctx, c, asoManagedControlPlane.ObjectMeta) if err != nil { @@ -141,8 +142,8 @@ func asoManagedControlPlaneToManagedClusterMap(c client.Client) handler.MapFunc if cluster == nil || cluster.Spec.InfrastructureRef == nil || - cluster.Spec.InfrastructureRef.APIVersion != infrav1exp.GroupVersion.Identifier() || - cluster.Spec.InfrastructureRef.Kind != infrav1exp.AzureASOManagedClusterKind { + cluster.Spec.InfrastructureRef.APIVersion != infrav1alpha.GroupVersion.Identifier() || + cluster.Spec.InfrastructureRef.Kind != infrav1alpha.AzureASOManagedClusterKind { return nil } @@ -167,11 +168,11 @@ func (r *AzureASOManagedClusterReconciler) Reconcile(ctx context.Context, req ct "controllers.AzureASOManagedClusterReconciler.Reconcile", tele.KVP("namespace", req.Namespace), tele.KVP("name", req.Name), - tele.KVP("kind", infrav1exp.AzureASOManagedClusterKind), + tele.KVP("kind", infrav1alpha.AzureASOManagedClusterKind), ) defer done() - asoManagedCluster := &infrav1exp.AzureASOManagedCluster{} + asoManagedCluster := &infrav1alpha.AzureASOManagedCluster{} err := r.Get(ctx, req.NamespacedName, asoManagedCluster) if err != nil { return ctrl.Result{}, client.IgnoreNotFound(err) @@ -208,7 +209,7 @@ func (r *AzureASOManagedClusterReconciler) Reconcile(ctx context.Context, req ct return r.reconcileNormal(ctx, asoManagedCluster, cluster) } -func (r *AzureASOManagedClusterReconciler) reconcileNormal(ctx context.Context, asoManagedCluster *infrav1exp.AzureASOManagedCluster, cluster *clusterv1.Cluster) (ctrl.Result, error) { +func (r *AzureASOManagedClusterReconciler) reconcileNormal(ctx context.Context, asoManagedCluster *infrav1alpha.AzureASOManagedCluster, cluster *clusterv1.Cluster) (ctrl.Result, error) { ctx, log, done := tele.StartSpanWithLogger(ctx, "controllers.AzureASOManagedClusterReconciler.reconcileNormal", ) @@ -220,13 +221,13 @@ func (r *AzureASOManagedClusterReconciler) reconcileNormal(ctx context.Context, return ctrl.Result{}, nil } if cluster.Spec.ControlPlaneRef == nil || - cluster.Spec.ControlPlaneRef.APIVersion != infrav1exp.GroupVersion.Identifier() || - cluster.Spec.ControlPlaneRef.Kind != infrav1exp.AzureASOManagedControlPlaneKind { + cluster.Spec.ControlPlaneRef.APIVersion != infrav1alpha.GroupVersion.Identifier() || + cluster.Spec.ControlPlaneRef.Kind != infrav1alpha.AzureASOManagedControlPlaneKind { return ctrl.Result{}, reconcile.TerminalError(errInvalidControlPlaneKind) } needsPatch := controllerutil.AddFinalizer(asoManagedCluster, clusterv1.ClusterFinalizer) - needsPatch = infracontroller.AddBlockMoveAnnotation(asoManagedCluster) || needsPatch + needsPatch = AddBlockMoveAnnotation(asoManagedCluster) || needsPatch if needsPatch { return ctrl.Result{Requeue: true}, nil } @@ -246,7 +247,7 @@ func (r *AzureASOManagedClusterReconciler) reconcileNormal(ctx context.Context, } } - asoManagedControlPlane := &infrav1exp.AzureASOManagedControlPlane{ + asoManagedControlPlane := &infrav1alpha.AzureASOManagedControlPlane{ ObjectMeta: metav1.ObjectMeta{ Namespace: cluster.Spec.ControlPlaneRef.Namespace, Name: cluster.Spec.ControlPlaneRef.Name, @@ -264,7 +265,7 @@ func (r *AzureASOManagedClusterReconciler) reconcileNormal(ctx context.Context, } //nolint:unparam // an empty ctrl.Result is always returned here, leaving it as-is to avoid churn in refactoring later if that changes. -func (r *AzureASOManagedClusterReconciler) reconcilePaused(ctx context.Context, asoManagedCluster *infrav1exp.AzureASOManagedCluster) (ctrl.Result, error) { +func (r *AzureASOManagedClusterReconciler) reconcilePaused(ctx context.Context, asoManagedCluster *infrav1alpha.AzureASOManagedCluster) (ctrl.Result, error) { ctx, log, done := tele.StartSpanWithLogger(ctx, "controllers.AzureASOManagedClusterReconciler.reconcilePaused") defer done() log.V(4).Info("reconciling pause") @@ -279,13 +280,13 @@ func (r *AzureASOManagedClusterReconciler) reconcilePaused(ctx context.Context, return ctrl.Result{}, fmt.Errorf("failed to pause resources: %w", err) } - infracontroller.RemoveBlockMoveAnnotation(asoManagedCluster) + RemoveBlockMoveAnnotation(asoManagedCluster) return ctrl.Result{}, nil } //nolint:unparam // an empty ctrl.Result is always returned here, leaving it as-is to avoid churn in refactoring later if that changes. -func (r *AzureASOManagedClusterReconciler) reconcileDelete(ctx context.Context, asoManagedCluster *infrav1exp.AzureASOManagedCluster) (ctrl.Result, error) { +func (r *AzureASOManagedClusterReconciler) reconcileDelete(ctx context.Context, asoManagedCluster *infrav1alpha.AzureASOManagedCluster) (ctrl.Result, error) { ctx, log, done := tele.StartSpanWithLogger(ctx, "controllers.AzureASOManagedClusterReconciler.reconcileDelete", ) diff --git a/exp/controllers/azureasomanagedcluster_controller_test.go b/controllers/azureasomanagedcluster_controller_test.go similarity index 84% rename from exp/controllers/azureasomanagedcluster_controller_test.go rename to controllers/azureasomanagedcluster_controller_test.go index a4d6e1af598..4767e64469b 100644 --- a/exp/controllers/azureasomanagedcluster_controller_test.go +++ b/controllers/azureasomanagedcluster_controller_test.go @@ -28,7 +28,7 @@ import ( "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/types" - infrav1exp "sigs.k8s.io/cluster-api-provider-azure/exp/api/v1alpha1" + infrav1alpha "sigs.k8s.io/cluster-api-provider-azure/api/v1alpha1" clusterv1 "sigs.k8s.io/cluster-api/api/v1beta1" clusterctlv1 "sigs.k8s.io/cluster-api/cmd/clusterctl/api/v1alpha3" ctrl "sigs.k8s.io/controller-runtime" @@ -69,7 +69,7 @@ func TestAzureASOManagedClusterReconcile(t *testing.T) { s := runtime.NewScheme() sb := runtime.NewSchemeBuilder( - infrav1exp.AddToScheme, + infrav1alpha.AddToScheme, clusterv1.AddToScheme, ) NewGomegaWithT(t).Expect(sb.AddToScheme(s)).To(Succeed()) @@ -77,7 +77,7 @@ func TestAzureASOManagedClusterReconcile(t *testing.T) { fakeClientBuilder := func() *fakeclient.ClientBuilder { return fakeclient.NewClientBuilder(). WithScheme(s). - WithStatusSubresource(&infrav1exp.AzureASOManagedCluster{}) + WithStatusSubresource(&infrav1alpha.AzureASOManagedCluster{}) } t.Run("AzureASOManagedCluster does not exist", func(t *testing.T) { @@ -96,7 +96,7 @@ func TestAzureASOManagedClusterReconcile(t *testing.T) { t.Run("Cluster does not exist", func(t *testing.T) { g := NewGomegaWithT(t) - asoManagedCluster := &infrav1exp.AzureASOManagedCluster{ + asoManagedCluster := &infrav1alpha.AzureASOManagedCluster{ ObjectMeta: metav1.ObjectMeta{ Name: "amc", Namespace: "ns", @@ -129,12 +129,12 @@ func TestAzureASOManagedClusterReconcile(t *testing.T) { }, Spec: clusterv1.ClusterSpec{ ControlPlaneRef: &corev1.ObjectReference{ - APIVersion: infrav1exp.GroupVersion.Identifier(), - Kind: infrav1exp.AzureASOManagedControlPlaneKind, + APIVersion: infrav1alpha.GroupVersion.Identifier(), + Kind: infrav1alpha.AzureASOManagedControlPlaneKind, }, }, } - asoManagedCluster := &infrav1exp.AzureASOManagedCluster{ + asoManagedCluster := &infrav1alpha.AzureASOManagedCluster{ ObjectMeta: metav1.ObjectMeta{ Name: "amc", Namespace: cluster.Namespace, @@ -172,12 +172,12 @@ func TestAzureASOManagedClusterReconcile(t *testing.T) { }, Spec: clusterv1.ClusterSpec{ ControlPlaneRef: &corev1.ObjectReference{ - APIVersion: infrav1exp.GroupVersion.Identifier(), - Kind: infrav1exp.AzureASOManagedControlPlaneKind, + APIVersion: infrav1alpha.GroupVersion.Identifier(), + Kind: infrav1alpha.AzureASOManagedControlPlaneKind, }, }, } - asoManagedCluster := &infrav1exp.AzureASOManagedCluster{ + asoManagedCluster := &infrav1alpha.AzureASOManagedCluster{ ObjectMeta: metav1.ObjectMeta{ Name: "amc", Namespace: cluster.Namespace, @@ -195,7 +195,7 @@ func TestAzureASOManagedClusterReconcile(t *testing.T) { clusterctlv1.BlockMoveAnnotation: "true", }, }, - Status: infrav1exp.AzureASOManagedClusterStatus{ + Status: infrav1alpha.AzureASOManagedClusterStatus{ Ready: true, }, } @@ -204,11 +204,11 @@ func TestAzureASOManagedClusterReconcile(t *testing.T) { Build() r := &AzureASOManagedClusterReconciler{ Client: c, - newResourceReconciler: func(asoManagedCluster *infrav1exp.AzureASOManagedCluster, _ []*unstructured.Unstructured) resourceReconciler { + newResourceReconciler: func(asoManagedCluster *infrav1alpha.AzureASOManagedCluster, _ []*unstructured.Unstructured) resourceReconciler { return &fakeResourceReconciler{ owner: asoManagedCluster, reconcileFunc: func(ctx context.Context, o client.Object) error { - asoManagedCluster.SetResourceStatuses([]infrav1exp.ResourceStatus{ + asoManagedCluster.SetResourceStatuses([]infrav1alpha.ResourceStatus{ {Ready: true}, {Ready: false}, {Ready: true}, @@ -236,14 +236,14 @@ func TestAzureASOManagedClusterReconcile(t *testing.T) { }, Spec: clusterv1.ClusterSpec{ ControlPlaneRef: &corev1.ObjectReference{ - APIVersion: infrav1exp.GroupVersion.Identifier(), - Kind: infrav1exp.AzureASOManagedControlPlaneKind, + APIVersion: infrav1alpha.GroupVersion.Identifier(), + Kind: infrav1alpha.AzureASOManagedControlPlaneKind, Name: "amcp", Namespace: "ns", }, }, } - asoManagedCluster := &infrav1exp.AzureASOManagedCluster{ + asoManagedCluster := &infrav1alpha.AzureASOManagedCluster{ ObjectMeta: metav1.ObjectMeta{ Name: "amc", Namespace: cluster.Namespace, @@ -261,16 +261,16 @@ func TestAzureASOManagedClusterReconcile(t *testing.T) { clusterctlv1.BlockMoveAnnotation: "true", }, }, - Status: infrav1exp.AzureASOManagedClusterStatus{ + Status: infrav1alpha.AzureASOManagedClusterStatus{ Ready: false, }, } - asoManagedControlPlane := &infrav1exp.AzureASOManagedControlPlane{ + asoManagedControlPlane := &infrav1alpha.AzureASOManagedControlPlane{ ObjectMeta: metav1.ObjectMeta{ Name: "amcp", Namespace: cluster.Namespace, }, - Status: infrav1exp.AzureASOManagedControlPlaneStatus{ + Status: infrav1alpha.AzureASOManagedControlPlaneStatus{ ControlPlaneEndpoint: clusterv1.APIEndpoint{Host: "endpoint"}, }, } @@ -279,7 +279,7 @@ func TestAzureASOManagedClusterReconcile(t *testing.T) { Build() r := &AzureASOManagedClusterReconciler{ Client: c, - newResourceReconciler: func(_ *infrav1exp.AzureASOManagedCluster, _ []*unstructured.Unstructured) resourceReconciler { + newResourceReconciler: func(_ *infrav1alpha.AzureASOManagedCluster, _ []*unstructured.Unstructured) resourceReconciler { return &fakeResourceReconciler{ reconcileFunc: func(ctx context.Context, o client.Object) error { return nil @@ -308,7 +308,7 @@ func TestAzureASOManagedClusterReconcile(t *testing.T) { Paused: true, }, } - asoManagedCluster := &infrav1exp.AzureASOManagedCluster{ + asoManagedCluster := &infrav1alpha.AzureASOManagedCluster{ ObjectMeta: metav1.ObjectMeta{ Name: "amc", Namespace: cluster.Namespace, @@ -329,7 +329,7 @@ func TestAzureASOManagedClusterReconcile(t *testing.T) { Build() r := &AzureASOManagedClusterReconciler{ Client: c, - newResourceReconciler: func(_ *infrav1exp.AzureASOManagedCluster, _ []*unstructured.Unstructured) resourceReconciler { + newResourceReconciler: func(_ *infrav1alpha.AzureASOManagedCluster, _ []*unstructured.Unstructured) resourceReconciler { return &fakeResourceReconciler{ pauseFunc: func(_ context.Context, _ client.Object) error { return nil @@ -348,7 +348,7 @@ func TestAzureASOManagedClusterReconcile(t *testing.T) { t.Run("successfully reconciles in-progress delete", func(t *testing.T) { g := NewGomegaWithT(t) - asoManagedCluster := &infrav1exp.AzureASOManagedCluster{ + asoManagedCluster := &infrav1alpha.AzureASOManagedCluster{ ObjectMeta: metav1.ObjectMeta{ Name: "amc", Namespace: "ns", @@ -363,13 +363,13 @@ func TestAzureASOManagedClusterReconcile(t *testing.T) { Build() r := &AzureASOManagedClusterReconciler{ Client: c, - newResourceReconciler: func(asoManagedCluster *infrav1exp.AzureASOManagedCluster, _ []*unstructured.Unstructured) resourceReconciler { + newResourceReconciler: func(asoManagedCluster *infrav1alpha.AzureASOManagedCluster, _ []*unstructured.Unstructured) resourceReconciler { return &fakeResourceReconciler{ owner: asoManagedCluster, deleteFunc: func(ctx context.Context, o client.Object) error { - asoManagedCluster.SetResourceStatuses([]infrav1exp.ResourceStatus{ + asoManagedCluster.SetResourceStatuses([]infrav1alpha.ResourceStatus{ { - Resource: infrav1exp.StatusResource{ + Resource: infrav1alpha.StatusResource{ Name: "still-deleting", }, }, @@ -391,7 +391,7 @@ func TestAzureASOManagedClusterReconcile(t *testing.T) { t.Run("successfully reconciles finished delete", func(t *testing.T) { g := NewGomegaWithT(t) - asoManagedCluster := &infrav1exp.AzureASOManagedCluster{ + asoManagedCluster := &infrav1alpha.AzureASOManagedCluster{ ObjectMeta: metav1.ObjectMeta{ Name: "amc", Namespace: "ns", @@ -406,7 +406,7 @@ func TestAzureASOManagedClusterReconcile(t *testing.T) { Build() r := &AzureASOManagedClusterReconciler{ Client: c, - newResourceReconciler: func(_ *infrav1exp.AzureASOManagedCluster, _ []*unstructured.Unstructured) resourceReconciler { + newResourceReconciler: func(_ *infrav1alpha.AzureASOManagedCluster, _ []*unstructured.Unstructured) resourceReconciler { return &fakeResourceReconciler{ deleteFunc: func(ctx context.Context, o client.Object) error { return nil diff --git a/exp/controllers/azureasomanagedcontrolplane_controller.go b/controllers/azureasomanagedcontrolplane_controller.go similarity index 84% rename from exp/controllers/azureasomanagedcontrolplane_controller.go rename to controllers/azureasomanagedcontrolplane_controller.go index 8b91b55b9d2..3d8ed0f310a 100644 --- a/exp/controllers/azureasomanagedcontrolplane_controller.go +++ b/controllers/azureasomanagedcontrolplane_controller.go @@ -26,9 +26,8 @@ import ( corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" - infracontroller "sigs.k8s.io/cluster-api-provider-azure/controllers" - infrav1exp "sigs.k8s.io/cluster-api-provider-azure/exp/api/v1alpha1" - "sigs.k8s.io/cluster-api-provider-azure/exp/mutators" + infrav1alpha "sigs.k8s.io/cluster-api-provider-azure/api/v1alpha1" + "sigs.k8s.io/cluster-api-provider-azure/pkg/mutators" "sigs.k8s.io/cluster-api-provider-azure/util/tele" clusterv1 "sigs.k8s.io/cluster-api/api/v1beta1" "sigs.k8s.io/cluster-api/controllers/external" @@ -40,6 +39,7 @@ import ( ctrl "sigs.k8s.io/controller-runtime" "sigs.k8s.io/controller-runtime/pkg/builder" "sigs.k8s.io/controller-runtime/pkg/client" + "sigs.k8s.io/controller-runtime/pkg/controller" "sigs.k8s.io/controller-runtime/pkg/controller/controllerutil" "sigs.k8s.io/controller-runtime/pkg/handler" "sigs.k8s.io/controller-runtime/pkg/reconcile" @@ -52,31 +52,32 @@ type AzureASOManagedControlPlaneReconciler struct { client.Client WatchFilterValue string - newResourceReconciler func(*infrav1exp.AzureASOManagedControlPlane, []*unstructured.Unstructured) resourceReconciler + newResourceReconciler func(*infrav1alpha.AzureASOManagedControlPlane, []*unstructured.Unstructured) resourceReconciler } // SetupWithManager sets up the controller with the Manager. -func (r *AzureASOManagedControlPlaneReconciler) SetupWithManager(ctx context.Context, mgr ctrl.Manager) error { +func (r *AzureASOManagedControlPlaneReconciler) SetupWithManager(ctx context.Context, mgr ctrl.Manager, options controller.Options) error { _, log, done := tele.StartSpanWithLogger(ctx, "controllers.AzureASOManagedControlPlaneReconciler.SetupWithManager", - tele.KVP("controller", infrav1exp.AzureASOManagedControlPlaneKind), + tele.KVP("controller", infrav1alpha.AzureASOManagedControlPlaneKind), ) defer done() c, err := ctrl.NewControllerManagedBy(mgr). - For(&infrav1exp.AzureASOManagedControlPlane{}). + WithOptions(options). + For(&infrav1alpha.AzureASOManagedControlPlane{}). WithEventFilter(predicates.ResourceHasFilterLabel(log, r.WatchFilterValue)). Watches(&clusterv1.Cluster{}, handler.EnqueueRequestsFromMapFunc(clusterToAzureASOManagedControlPlane), builder.WithPredicates( predicates.ResourceHasFilterLabel(log, r.WatchFilterValue), - infracontroller.ClusterPauseChangeAndInfrastructureReady(log), + ClusterPauseChangeAndInfrastructureReady(log), ), ). // User errors that CAPZ passes through agentPoolProfiles on create must be fixed in the // AzureASOManagedMachinePool, so trigger a reconciliation to consume those fixes. Watches( - &infrav1exp.AzureASOManagedMachinePool{}, + &infrav1alpha.AzureASOManagedMachinePool{}, handler.EnqueueRequestsFromMapFunc(r.azureASOManagedMachinePoolToAzureASOManagedControlPlane), ). Owns(&corev1.Secret{}). @@ -90,7 +91,7 @@ func (r *AzureASOManagedControlPlaneReconciler) SetupWithManager(ctx context.Con Controller: c, } - r.newResourceReconciler = func(asoManagedCluster *infrav1exp.AzureASOManagedControlPlane, resources []*unstructured.Unstructured) resourceReconciler { + r.newResourceReconciler = func(asoManagedCluster *infrav1alpha.AzureASOManagedControlPlane, resources []*unstructured.Unstructured) resourceReconciler { return &ResourceReconciler{ Client: r.Client, resources: resources, @@ -105,15 +106,15 @@ func (r *AzureASOManagedControlPlaneReconciler) SetupWithManager(ctx context.Con func clusterToAzureASOManagedControlPlane(_ context.Context, o client.Object) []ctrl.Request { controlPlaneRef := o.(*clusterv1.Cluster).Spec.ControlPlaneRef if controlPlaneRef != nil && - controlPlaneRef.APIVersion == infrav1exp.GroupVersion.Identifier() && - controlPlaneRef.Kind == infrav1exp.AzureASOManagedControlPlaneKind { + controlPlaneRef.APIVersion == infrav1alpha.GroupVersion.Identifier() && + controlPlaneRef.Kind == infrav1alpha.AzureASOManagedControlPlaneKind { return []ctrl.Request{{NamespacedName: client.ObjectKey{Namespace: controlPlaneRef.Namespace, Name: controlPlaneRef.Name}}} } return nil } func (r *AzureASOManagedControlPlaneReconciler) azureASOManagedMachinePoolToAzureASOManagedControlPlane(ctx context.Context, o client.Object) []ctrl.Request { - asoManagedMachinePool := o.(*infrav1exp.AzureASOManagedMachinePool) + asoManagedMachinePool := o.(*infrav1alpha.AzureASOManagedMachinePool) clusterName := asoManagedMachinePool.Labels[clusterv1.ClusterNameLabel] if clusterName == "" { return nil @@ -135,11 +136,11 @@ func (r *AzureASOManagedControlPlaneReconciler) Reconcile(ctx context.Context, r "controllers.AzureASOManagedControlPlaneReconciler.Reconcile", tele.KVP("namespace", req.Namespace), tele.KVP("name", req.Name), - tele.KVP("kind", infrav1exp.AzureASOManagedControlPlaneKind), + tele.KVP("kind", infrav1alpha.AzureASOManagedControlPlaneKind), ) defer done() - asoManagedControlPlane := &infrav1exp.AzureASOManagedControlPlane{} + asoManagedControlPlane := &infrav1alpha.AzureASOManagedControlPlane{} err := r.Get(ctx, req.NamespacedName, asoManagedControlPlane) if err != nil { return ctrl.Result{}, client.IgnoreNotFound(err) @@ -177,7 +178,7 @@ func (r *AzureASOManagedControlPlaneReconciler) Reconcile(ctx context.Context, r return r.reconcileNormal(ctx, asoManagedControlPlane, cluster) } -func (r *AzureASOManagedControlPlaneReconciler) reconcileNormal(ctx context.Context, asoManagedControlPlane *infrav1exp.AzureASOManagedControlPlane, cluster *clusterv1.Cluster) (ctrl.Result, error) { +func (r *AzureASOManagedControlPlaneReconciler) reconcileNormal(ctx context.Context, asoManagedControlPlane *infrav1alpha.AzureASOManagedControlPlane, cluster *clusterv1.Cluster) (ctrl.Result, error) { ctx, log, done := tele.StartSpanWithLogger(ctx, "controllers.AzureASOManagedControlPlaneReconciler.reconcileNormal", ) @@ -189,13 +190,13 @@ func (r *AzureASOManagedControlPlaneReconciler) reconcileNormal(ctx context.Cont return ctrl.Result{}, nil } if cluster.Spec.InfrastructureRef == nil || - cluster.Spec.InfrastructureRef.APIVersion != infrav1exp.GroupVersion.Identifier() || - cluster.Spec.InfrastructureRef.Kind != infrav1exp.AzureASOManagedClusterKind { + cluster.Spec.InfrastructureRef.APIVersion != infrav1alpha.GroupVersion.Identifier() || + cluster.Spec.InfrastructureRef.Kind != infrav1alpha.AzureASOManagedClusterKind { return ctrl.Result{}, reconcile.TerminalError(errInvalidClusterKind) } - needsPatch := controllerutil.AddFinalizer(asoManagedControlPlane, infrav1exp.AzureASOManagedControlPlaneFinalizer) - needsPatch = infracontroller.AddBlockMoveAnnotation(asoManagedControlPlane) || needsPatch + needsPatch := controllerutil.AddFinalizer(asoManagedControlPlane, infrav1alpha.AzureASOManagedControlPlaneFinalizer) + needsPatch = AddBlockMoveAnnotation(asoManagedControlPlane) || needsPatch if needsPatch { return ctrl.Result{Requeue: true}, nil } @@ -252,7 +253,7 @@ func (r *AzureASOManagedControlPlaneReconciler) reconcileNormal(ctx context.Cont return ctrl.Result{}, nil } -func (r *AzureASOManagedControlPlaneReconciler) reconcileKubeconfig(ctx context.Context, asoManagedControlPlane *infrav1exp.AzureASOManagedControlPlane, cluster *clusterv1.Cluster, managedCluster *asocontainerservicev1.ManagedCluster) error { +func (r *AzureASOManagedControlPlaneReconciler) reconcileKubeconfig(ctx context.Context, asoManagedControlPlane *infrav1alpha.AzureASOManagedControlPlane, cluster *clusterv1.Cluster, managedCluster *asocontainerservicev1.ManagedCluster) error { ctx, _, done := tele.StartSpanWithLogger(ctx, "controllers.AzureASOManagedControlPlaneReconciler.reconcileKubeconfig", ) @@ -284,7 +285,7 @@ func (r *AzureASOManagedControlPlaneReconciler) reconcileKubeconfig(ctx context. Name: secret.Name(cluster.Name, secret.Kubeconfig), Namespace: cluster.Namespace, OwnerReferences: []metav1.OwnerReference{ - *metav1.NewControllerRef(asoManagedControlPlane, infrav1exp.GroupVersion.WithKind(infrav1exp.AzureASOManagedControlPlaneKind)), + *metav1.NewControllerRef(asoManagedControlPlane, infrav1alpha.GroupVersion.WithKind(infrav1alpha.AzureASOManagedControlPlaneKind)), }, Labels: map[string]string{clusterv1.ClusterNameLabel: cluster.Name}, }, @@ -297,7 +298,7 @@ func (r *AzureASOManagedControlPlaneReconciler) reconcileKubeconfig(ctx context. } //nolint:unparam // an empty ctrl.Result is always returned here, leaving it as-is to avoid churn in refactoring later if that changes. -func (r *AzureASOManagedControlPlaneReconciler) reconcilePaused(ctx context.Context, asoManagedControlPlane *infrav1exp.AzureASOManagedControlPlane) (ctrl.Result, error) { +func (r *AzureASOManagedControlPlaneReconciler) reconcilePaused(ctx context.Context, asoManagedControlPlane *infrav1alpha.AzureASOManagedControlPlane) (ctrl.Result, error) { ctx, log, done := tele.StartSpanWithLogger(ctx, "controllers.AzureASOManagedControlPlaneReconciler.reconcilePaused") defer done() log.V(4).Info("reconciling pause") @@ -312,13 +313,13 @@ func (r *AzureASOManagedControlPlaneReconciler) reconcilePaused(ctx context.Cont return ctrl.Result{}, fmt.Errorf("failed to pause resources: %w", err) } - infracontroller.RemoveBlockMoveAnnotation(asoManagedControlPlane) + RemoveBlockMoveAnnotation(asoManagedControlPlane) return ctrl.Result{}, nil } //nolint:unparam // an empty ctrl.Result is always returned here, leaving it as-is to avoid churn in refactoring later if that changes. -func (r *AzureASOManagedControlPlaneReconciler) reconcileDelete(ctx context.Context, asoManagedControlPlane *infrav1exp.AzureASOManagedControlPlane) (ctrl.Result, error) { +func (r *AzureASOManagedControlPlaneReconciler) reconcileDelete(ctx context.Context, asoManagedControlPlane *infrav1alpha.AzureASOManagedControlPlane) (ctrl.Result, error) { ctx, log, done := tele.StartSpanWithLogger(ctx, "controllers.AzureASOManagedControlPlaneReconciler.reconcileDelete", ) @@ -338,7 +339,7 @@ func (r *AzureASOManagedControlPlaneReconciler) reconcileDelete(ctx context.Cont return ctrl.Result{}, nil } - controllerutil.RemoveFinalizer(asoManagedControlPlane, infrav1exp.AzureASOManagedControlPlaneFinalizer) + controllerutil.RemoveFinalizer(asoManagedControlPlane, infrav1alpha.AzureASOManagedControlPlaneFinalizer) return ctrl.Result{}, nil } diff --git a/exp/controllers/azureasomanagedcontrolplane_controller_test.go b/controllers/azureasomanagedcontrolplane_controller_test.go similarity index 85% rename from exp/controllers/azureasomanagedcontrolplane_controller_test.go rename to controllers/azureasomanagedcontrolplane_controller_test.go index 7e80e80b583..707ddf9db81 100644 --- a/exp/controllers/azureasomanagedcontrolplane_controller_test.go +++ b/controllers/azureasomanagedcontrolplane_controller_test.go @@ -32,7 +32,7 @@ import ( "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/types" "k8s.io/utils/ptr" - infrav1exp "sigs.k8s.io/cluster-api-provider-azure/exp/api/v1alpha1" + infrav1alpha "sigs.k8s.io/cluster-api-provider-azure/api/v1alpha1" clusterv1 "sigs.k8s.io/cluster-api/api/v1beta1" clusterctlv1 "sigs.k8s.io/cluster-api/cmd/clusterctl/api/v1alpha3" "sigs.k8s.io/cluster-api/util/secret" @@ -46,7 +46,7 @@ func TestAzureASOManagedControlPlaneReconcile(t *testing.T) { s := runtime.NewScheme() sb := runtime.NewSchemeBuilder( - infrav1exp.AddToScheme, + infrav1alpha.AddToScheme, clusterv1.AddToScheme, asocontainerservicev1.AddToScheme, corev1.AddToScheme, @@ -55,7 +55,7 @@ func TestAzureASOManagedControlPlaneReconcile(t *testing.T) { fakeClientBuilder := func() *fakeclient.ClientBuilder { return fakeclient.NewClientBuilder(). WithScheme(s). - WithStatusSubresource(&infrav1exp.AzureASOManagedControlPlane{}) + WithStatusSubresource(&infrav1alpha.AzureASOManagedControlPlane{}) } t.Run("AzureASOManagedControlPlane does not exist", func(t *testing.T) { @@ -74,7 +74,7 @@ func TestAzureASOManagedControlPlaneReconcile(t *testing.T) { t.Run("Cluster does not exist", func(t *testing.T) { g := NewGomegaWithT(t) - asoManagedControlPlane := &infrav1exp.AzureASOManagedControlPlane{ + asoManagedControlPlane := &infrav1alpha.AzureASOManagedControlPlane{ ObjectMeta: metav1.ObjectMeta{ Name: "amcp", Namespace: "ns", @@ -107,12 +107,12 @@ func TestAzureASOManagedControlPlaneReconcile(t *testing.T) { }, Spec: clusterv1.ClusterSpec{ InfrastructureRef: &corev1.ObjectReference{ - APIVersion: infrav1exp.GroupVersion.Identifier(), - Kind: infrav1exp.AzureASOManagedClusterKind, + APIVersion: infrav1alpha.GroupVersion.Identifier(), + Kind: infrav1alpha.AzureASOManagedClusterKind, }, }, } - asoManagedControlPlane := &infrav1exp.AzureASOManagedControlPlane{ + asoManagedControlPlane := &infrav1alpha.AzureASOManagedControlPlane{ ObjectMeta: metav1.ObjectMeta{ Name: "amcp", Namespace: cluster.Namespace, @@ -136,7 +136,7 @@ func TestAzureASOManagedControlPlaneReconcile(t *testing.T) { g.Expect(result).To(Equal(ctrl.Result{Requeue: true})) g.Expect(c.Get(ctx, client.ObjectKeyFromObject(asoManagedControlPlane), asoManagedControlPlane)).To(Succeed()) - g.Expect(asoManagedControlPlane.GetFinalizers()).To(ContainElement(infrav1exp.AzureASOManagedControlPlaneFinalizer)) + g.Expect(asoManagedControlPlane.GetFinalizers()).To(ContainElement(infrav1alpha.AzureASOManagedControlPlaneFinalizer)) g.Expect(asoManagedControlPlane.GetAnnotations()).To(HaveKey(clusterctlv1.BlockMoveAnnotation)) }) @@ -150,12 +150,12 @@ func TestAzureASOManagedControlPlaneReconcile(t *testing.T) { }, Spec: clusterv1.ClusterSpec{ InfrastructureRef: &corev1.ObjectReference{ - APIVersion: infrav1exp.GroupVersion.Identifier(), - Kind: infrav1exp.AzureASOManagedClusterKind, + APIVersion: infrav1alpha.GroupVersion.Identifier(), + Kind: infrav1alpha.AzureASOManagedClusterKind, }, }, } - asoManagedControlPlane := &infrav1exp.AzureASOManagedControlPlane{ + asoManagedControlPlane := &infrav1alpha.AzureASOManagedControlPlane{ ObjectMeta: metav1.ObjectMeta{ Name: "amcp", Namespace: cluster.Namespace, @@ -167,14 +167,14 @@ func TestAzureASOManagedControlPlaneReconcile(t *testing.T) { }, }, Finalizers: []string{ - infrav1exp.AzureASOManagedControlPlaneFinalizer, + infrav1alpha.AzureASOManagedControlPlaneFinalizer, }, Annotations: map[string]string{ clusterctlv1.BlockMoveAnnotation: "true", }, }, - Spec: infrav1exp.AzureASOManagedControlPlaneSpec{ - AzureASOManagedControlPlaneTemplateResourceSpec: infrav1exp.AzureASOManagedControlPlaneTemplateResourceSpec{ + Spec: infrav1alpha.AzureASOManagedControlPlaneSpec{ + AzureASOManagedControlPlaneTemplateResourceSpec: infrav1alpha.AzureASOManagedControlPlaneTemplateResourceSpec{ Resources: []runtime.RawExtension{ { Raw: mcJSON(g, &asocontainerservicev1.ManagedCluster{ @@ -186,7 +186,7 @@ func TestAzureASOManagedControlPlaneReconcile(t *testing.T) { }, }, }, - Status: infrav1exp.AzureASOManagedControlPlaneStatus{ + Status: infrav1alpha.AzureASOManagedControlPlaneStatus{ Ready: true, }, } @@ -195,11 +195,11 @@ func TestAzureASOManagedControlPlaneReconcile(t *testing.T) { Build() r := &AzureASOManagedControlPlaneReconciler{ Client: c, - newResourceReconciler: func(asoManagedControlPlane *infrav1exp.AzureASOManagedControlPlane, _ []*unstructured.Unstructured) resourceReconciler { + newResourceReconciler: func(asoManagedControlPlane *infrav1alpha.AzureASOManagedControlPlane, _ []*unstructured.Unstructured) resourceReconciler { return &fakeResourceReconciler{ owner: asoManagedControlPlane, reconcileFunc: func(ctx context.Context, o client.Object) error { - asoManagedControlPlane.SetResourceStatuses([]infrav1exp.ResourceStatus{ + asoManagedControlPlane.SetResourceStatuses([]infrav1alpha.ResourceStatus{ {Ready: true}, {Ready: false}, {Ready: true}, @@ -227,8 +227,8 @@ func TestAzureASOManagedControlPlaneReconcile(t *testing.T) { }, Spec: clusterv1.ClusterSpec{ InfrastructureRef: &corev1.ObjectReference{ - APIVersion: infrav1exp.GroupVersion.Identifier(), - Kind: infrav1exp.AzureASOManagedClusterKind, + APIVersion: infrav1alpha.GroupVersion.Identifier(), + Kind: infrav1alpha.AzureASOManagedClusterKind, }, }, } @@ -261,7 +261,7 @@ func TestAzureASOManagedControlPlaneReconcile(t *testing.T) { CurrentKubernetesVersion: ptr.To("Current"), }, } - asoManagedControlPlane := &infrav1exp.AzureASOManagedControlPlane{ + asoManagedControlPlane := &infrav1alpha.AzureASOManagedControlPlane{ ObjectMeta: metav1.ObjectMeta{ Name: "amcp", Namespace: cluster.Namespace, @@ -273,14 +273,14 @@ func TestAzureASOManagedControlPlaneReconcile(t *testing.T) { }, }, Finalizers: []string{ - infrav1exp.AzureASOManagedControlPlaneFinalizer, + infrav1alpha.AzureASOManagedControlPlaneFinalizer, }, Annotations: map[string]string{ clusterctlv1.BlockMoveAnnotation: "true", }, }, - Spec: infrav1exp.AzureASOManagedControlPlaneSpec{ - AzureASOManagedControlPlaneTemplateResourceSpec: infrav1exp.AzureASOManagedControlPlaneTemplateResourceSpec{ + Spec: infrav1alpha.AzureASOManagedControlPlaneSpec{ + AzureASOManagedControlPlaneTemplateResourceSpec: infrav1alpha.AzureASOManagedControlPlaneTemplateResourceSpec{ Resources: []runtime.RawExtension{ { Raw: mcJSON(g, &asocontainerservicev1.ManagedCluster{ @@ -292,7 +292,7 @@ func TestAzureASOManagedControlPlaneReconcile(t *testing.T) { }, }, }, - Status: infrav1exp.AzureASOManagedControlPlaneStatus{ + Status: infrav1alpha.AzureASOManagedControlPlaneStatus{ Ready: false, }, } @@ -310,7 +310,7 @@ func TestAzureASOManagedControlPlaneReconcile(t *testing.T) { return nil }, }, - newResourceReconciler: func(_ *infrav1exp.AzureASOManagedControlPlane, _ []*unstructured.Unstructured) resourceReconciler { + newResourceReconciler: func(_ *infrav1alpha.AzureASOManagedControlPlane, _ []*unstructured.Unstructured) resourceReconciler { return &fakeResourceReconciler{ reconcileFunc: func(ctx context.Context, o client.Object) error { return nil @@ -341,7 +341,7 @@ func TestAzureASOManagedControlPlaneReconcile(t *testing.T) { Paused: true, }, } - asoManagedControlPlane := &infrav1exp.AzureASOManagedControlPlane{ + asoManagedControlPlane := &infrav1alpha.AzureASOManagedControlPlane{ ObjectMeta: metav1.ObjectMeta{ Name: "amcp", Namespace: cluster.Namespace, @@ -362,7 +362,7 @@ func TestAzureASOManagedControlPlaneReconcile(t *testing.T) { Build() r := &AzureASOManagedControlPlaneReconciler{ Client: c, - newResourceReconciler: func(_ *infrav1exp.AzureASOManagedControlPlane, _ []*unstructured.Unstructured) resourceReconciler { + newResourceReconciler: func(_ *infrav1alpha.AzureASOManagedControlPlane, _ []*unstructured.Unstructured) resourceReconciler { return &fakeResourceReconciler{ pauseFunc: func(_ context.Context, _ client.Object) error { return nil @@ -381,12 +381,12 @@ func TestAzureASOManagedControlPlaneReconcile(t *testing.T) { t.Run("successfully reconciles delete", func(t *testing.T) { g := NewGomegaWithT(t) - asoManagedControlPlane := &infrav1exp.AzureASOManagedControlPlane{ + asoManagedControlPlane := &infrav1alpha.AzureASOManagedControlPlane{ ObjectMeta: metav1.ObjectMeta{ Name: "amcp", Namespace: "ns", Finalizers: []string{ - infrav1exp.AzureASOManagedControlPlaneFinalizer, + infrav1alpha.AzureASOManagedControlPlaneFinalizer, }, DeletionTimestamp: &metav1.Time{Time: time.Date(1, 0, 0, 0, 0, 0, 0, time.UTC)}, }, @@ -396,7 +396,7 @@ func TestAzureASOManagedControlPlaneReconcile(t *testing.T) { Build() r := &AzureASOManagedControlPlaneReconciler{ Client: c, - newResourceReconciler: func(_ *infrav1exp.AzureASOManagedControlPlane, _ []*unstructured.Unstructured) resourceReconciler { + newResourceReconciler: func(_ *infrav1alpha.AzureASOManagedControlPlane, _ []*unstructured.Unstructured) resourceReconciler { return &fakeResourceReconciler{ deleteFunc: func(ctx context.Context, o client.Object) error { return nil diff --git a/exp/controllers/azureasomanagedmachinepool_controller.go b/controllers/azureasomanagedmachinepool_controller.go similarity index 83% rename from exp/controllers/azureasomanagedmachinepool_controller.go rename to controllers/azureasomanagedmachinepool_controller.go index 2b957562974..c57f8df9738 100644 --- a/exp/controllers/azureasomanagedmachinepool_controller.go +++ b/controllers/azureasomanagedmachinepool_controller.go @@ -25,10 +25,10 @@ import ( corev1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" "k8s.io/apimachinery/pkg/types" + "k8s.io/apimachinery/pkg/util/validation" "k8s.io/utils/ptr" - infracontroller "sigs.k8s.io/cluster-api-provider-azure/controllers" - infrav1exp "sigs.k8s.io/cluster-api-provider-azure/exp/api/v1alpha1" - "sigs.k8s.io/cluster-api-provider-azure/exp/mutators" + infrav1alpha "sigs.k8s.io/cluster-api-provider-azure/api/v1alpha1" + "sigs.k8s.io/cluster-api-provider-azure/pkg/mutators" "sigs.k8s.io/cluster-api-provider-azure/util/tele" clusterv1 "sigs.k8s.io/cluster-api/api/v1beta1" "sigs.k8s.io/cluster-api/controllers/external" @@ -41,6 +41,7 @@ import ( ctrl "sigs.k8s.io/controller-runtime" "sigs.k8s.io/controller-runtime/pkg/builder" "sigs.k8s.io/controller-runtime/pkg/client" + "sigs.k8s.io/controller-runtime/pkg/controller" "sigs.k8s.io/controller-runtime/pkg/controller/controllerutil" "sigs.k8s.io/controller-runtime/pkg/handler" "sigs.k8s.io/controller-runtime/pkg/reconcile" @@ -52,7 +53,7 @@ type AzureASOManagedMachinePoolReconciler struct { WatchFilterValue string Tracker ClusterTracker - newResourceReconciler func(*infrav1exp.AzureASOManagedMachinePool, []*unstructured.Unstructured) resourceReconciler + newResourceReconciler func(*infrav1alpha.AzureASOManagedMachinePool, []*unstructured.Unstructured) resourceReconciler } // ClusterTracker wraps a CAPI remote.ClusterCacheTracker. @@ -61,20 +62,21 @@ type ClusterTracker interface { } // SetupWithManager sets up the controller with the Manager. -func (r *AzureASOManagedMachinePoolReconciler) SetupWithManager(ctx context.Context, mgr ctrl.Manager) error { +func (r *AzureASOManagedMachinePoolReconciler) SetupWithManager(ctx context.Context, mgr ctrl.Manager, options controller.Options) error { _, log, done := tele.StartSpanWithLogger(ctx, "controllers.AzureASOManagedMachinePoolReconciler.SetupWithManager", - tele.KVP("controller", infrav1exp.AzureASOManagedMachinePoolKind), + tele.KVP("controller", infrav1alpha.AzureASOManagedMachinePoolKind), ) defer done() - clusterToAzureASOManagedMachinePools, err := util.ClusterToTypedObjectsMapper(mgr.GetClient(), &infrav1exp.AzureASOManagedMachinePoolList{}, mgr.GetScheme()) + clusterToAzureASOManagedMachinePools, err := util.ClusterToTypedObjectsMapper(mgr.GetClient(), &infrav1alpha.AzureASOManagedMachinePoolList{}, mgr.GetScheme()) if err != nil { return fmt.Errorf("failed to get Cluster to AzureASOManagedMachinePool mapper: %w", err) } c, err := ctrl.NewControllerManagedBy(mgr). - For(&infrav1exp.AzureASOManagedMachinePool{}). + WithOptions(options). + For(&infrav1alpha.AzureASOManagedMachinePool{}). WithEventFilter(predicates.ResourceHasFilterLabel(log, r.WatchFilterValue)). Watches( &clusterv1.Cluster{}, @@ -83,14 +85,14 @@ func (r *AzureASOManagedMachinePoolReconciler) SetupWithManager(ctx context.Cont predicates.ResourceHasFilterLabel(log, r.WatchFilterValue), predicates.Any(log, predicates.ClusterControlPlaneInitialized(log), - infracontroller.ClusterUpdatePauseChange(log), + ClusterUpdatePauseChange(log), ), ), ). Watches( &expv1.MachinePool{}, - handler.EnqueueRequestsFromMapFunc(utilexp.MachinePoolToInfrastructureMapFunc( - infrav1exp.GroupVersion.WithKind(infrav1exp.AzureASOManagedMachinePoolKind), log), + handler.EnqueueRequestsFromMapFunc(utilexp.MachinePoolToInfrastructureMapFunc(ctx, + infrav1alpha.GroupVersion.WithKind(infrav1alpha.AzureASOManagedMachinePoolKind)), ), builder.WithPredicates( predicates.ResourceHasFilterLabel(log, r.WatchFilterValue), @@ -106,7 +108,7 @@ func (r *AzureASOManagedMachinePoolReconciler) SetupWithManager(ctx context.Cont Controller: c, } - r.newResourceReconciler = func(asoManagedCluster *infrav1exp.AzureASOManagedMachinePool, resources []*unstructured.Unstructured) resourceReconciler { + r.newResourceReconciler = func(asoManagedCluster *infrav1alpha.AzureASOManagedMachinePool, resources []*unstructured.Unstructured) resourceReconciler { return &ResourceReconciler{ Client: r.Client, resources: resources, @@ -128,11 +130,11 @@ func (r *AzureASOManagedMachinePoolReconciler) Reconcile(ctx context.Context, re "controllers.AzureASOManagedMachinePoolReconciler.Reconcile", tele.KVP("namespace", req.Namespace), tele.KVP("name", req.Name), - tele.KVP("kind", infrav1exp.AzureASOManagedMachinePoolKind), + tele.KVP("kind", infrav1alpha.AzureASOManagedMachinePoolKind), ) defer done() - asoManagedMachinePool := &infrav1exp.AzureASOManagedMachinePool{} + asoManagedMachinePool := &infrav1alpha.AzureASOManagedMachinePool{} err := r.Get(ctx, req.NamespacedName, asoManagedMachinePool) if err != nil { return ctrl.Result{}, client.IgnoreNotFound(err) @@ -180,8 +182,8 @@ func (r *AzureASOManagedMachinePoolReconciler) Reconcile(ctx context.Context, re return ctrl.Result{}, nil } if cluster.Spec.ControlPlaneRef == nil || - cluster.Spec.ControlPlaneRef.APIVersion != infrav1exp.GroupVersion.Identifier() || - cluster.Spec.ControlPlaneRef.Kind != infrav1exp.AzureASOManagedControlPlaneKind { + cluster.Spec.ControlPlaneRef.APIVersion != infrav1alpha.GroupVersion.Identifier() || + cluster.Spec.ControlPlaneRef.Kind != infrav1alpha.AzureASOManagedControlPlaneKind { return ctrl.Result{}, reconcile.TerminalError(fmt.Errorf("AzureASOManagedMachinePool cannot be used without AzureASOManagedControlPlane")) } @@ -196,7 +198,7 @@ func (r *AzureASOManagedMachinePoolReconciler) Reconcile(ctx context.Context, re return r.reconcileNormal(ctx, asoManagedMachinePool, machinePool, cluster) } -func (r *AzureASOManagedMachinePoolReconciler) reconcileNormal(ctx context.Context, asoManagedMachinePool *infrav1exp.AzureASOManagedMachinePool, machinePool *expv1.MachinePool, cluster *clusterv1.Cluster) (ctrl.Result, error) { +func (r *AzureASOManagedMachinePoolReconciler) reconcileNormal(ctx context.Context, asoManagedMachinePool *infrav1alpha.AzureASOManagedMachinePool, machinePool *expv1.MachinePool, cluster *clusterv1.Cluster) (ctrl.Result, error) { ctx, log, done := tele.StartSpanWithLogger(ctx, "controllers.AzureASOManagedMachinePoolReconciler.reconcileNormal", ) @@ -204,12 +206,12 @@ func (r *AzureASOManagedMachinePoolReconciler) reconcileNormal(ctx context.Conte log.V(4).Info("reconciling normally") needsPatch := controllerutil.AddFinalizer(asoManagedMachinePool, clusterv1.ClusterFinalizer) - needsPatch = infracontroller.AddBlockMoveAnnotation(asoManagedMachinePool) || needsPatch + needsPatch = AddBlockMoveAnnotation(asoManagedMachinePool) || needsPatch if needsPatch { return ctrl.Result{Requeue: true}, nil } - resources, err := mutators.ApplyMutators(ctx, asoManagedMachinePool.Spec.Resources, mutators.SetAgentPoolDefaults(asoManagedMachinePool, machinePool)) + resources, err := mutators.ApplyMutators(ctx, asoManagedMachinePool.Spec.Resources, mutators.SetAgentPoolDefaults(r.Client, machinePool)) if err != nil { return ctrl.Result{}, err } @@ -276,7 +278,7 @@ func (r *AzureASOManagedMachinePoolReconciler) reconcileNormal(ctx context.Conte slices.Sort(providerIDs) asoManagedMachinePool.Spec.ProviderIDList = providerIDs asoManagedMachinePool.Status.Replicas = int32(ptr.Deref(agentPool.Status.Count, 0)) - if machinePool.Annotations[clusterv1.ReplicasManagedByAnnotation] == infrav1exp.ReplicasManagedByAKS { + if _, autoscaling := machinePool.Annotations[clusterv1.ReplicasManagedByAnnotation]; autoscaling { machinePool.Spec.Replicas = &asoManagedMachinePool.Status.Replicas } @@ -286,6 +288,12 @@ func (r *AzureASOManagedMachinePoolReconciler) reconcileNormal(ctx context.Conte } func expectedNodeLabels(poolName, nodeRG string) map[string]string { + if len(poolName) > validation.LabelValueMaxLength { + poolName = poolName[:validation.LabelValueMaxLength] + } + if len(nodeRG) > validation.LabelValueMaxLength { + nodeRG = nodeRG[:validation.LabelValueMaxLength] + } return map[string]string{ "kubernetes.azure.com/agentpool": poolName, "kubernetes.azure.com/cluster": nodeRG, @@ -293,7 +301,7 @@ func expectedNodeLabels(poolName, nodeRG string) map[string]string { } //nolint:unparam // an empty ctrl.Result is always returned here, leaving it as-is to avoid churn in refactoring later if that changes. -func (r *AzureASOManagedMachinePoolReconciler) reconcilePaused(ctx context.Context, asoManagedMachinePool *infrav1exp.AzureASOManagedMachinePool) (ctrl.Result, error) { +func (r *AzureASOManagedMachinePoolReconciler) reconcilePaused(ctx context.Context, asoManagedMachinePool *infrav1alpha.AzureASOManagedMachinePool) (ctrl.Result, error) { ctx, log, done := tele.StartSpanWithLogger(ctx, "controllers.AzureASOManagedMachinePoolReconciler.reconcilePaused") defer done() log.V(4).Info("reconciling pause") @@ -308,13 +316,13 @@ func (r *AzureASOManagedMachinePoolReconciler) reconcilePaused(ctx context.Conte return ctrl.Result{}, fmt.Errorf("failed to pause resources: %w", err) } - infracontroller.RemoveBlockMoveAnnotation(asoManagedMachinePool) + RemoveBlockMoveAnnotation(asoManagedMachinePool) return ctrl.Result{}, nil } //nolint:unparam // an empty ctrl.Result is always returned here, leaving it as-is to avoid churn in refactoring later if that changes. -func (r *AzureASOManagedMachinePoolReconciler) reconcileDelete(ctx context.Context, asoManagedMachinePool *infrav1exp.AzureASOManagedMachinePool, cluster *clusterv1.Cluster) (ctrl.Result, error) { +func (r *AzureASOManagedMachinePoolReconciler) reconcileDelete(ctx context.Context, asoManagedMachinePool *infrav1alpha.AzureASOManagedMachinePool, cluster *clusterv1.Cluster) (ctrl.Result, error) { ctx, log, done := tele.StartSpanWithLogger(ctx, "controllers.AzureASOManagedMachinePoolReconciler.reconcileDelete", ) diff --git a/exp/controllers/azureasomanagedmachinepool_controller_test.go b/controllers/azureasomanagedmachinepool_controller_test.go similarity index 86% rename from exp/controllers/azureasomanagedmachinepool_controller_test.go rename to controllers/azureasomanagedmachinepool_controller_test.go index 53e6d974bd5..c66caf1630c 100644 --- a/exp/controllers/azureasomanagedmachinepool_controller_test.go +++ b/controllers/azureasomanagedmachinepool_controller_test.go @@ -31,7 +31,7 @@ import ( "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/types" "k8s.io/utils/ptr" - infrav1exp "sigs.k8s.io/cluster-api-provider-azure/exp/api/v1alpha1" + infrav1alpha "sigs.k8s.io/cluster-api-provider-azure/api/v1alpha1" clusterv1 "sigs.k8s.io/cluster-api/api/v1beta1" clusterctlv1 "sigs.k8s.io/cluster-api/cmd/clusterctl/api/v1alpha3" expv1 "sigs.k8s.io/cluster-api/exp/api/v1beta1" @@ -56,7 +56,7 @@ func TestAzureASOManagedMachinePoolReconcile(t *testing.T) { s := runtime.NewScheme() sb := runtime.NewSchemeBuilder( - infrav1exp.AddToScheme, + infrav1alpha.AddToScheme, clusterv1.AddToScheme, expv1.AddToScheme, asocontainerservicev1.AddToScheme, @@ -65,7 +65,7 @@ func TestAzureASOManagedMachinePoolReconcile(t *testing.T) { fakeClientBuilder := func() *fakeclient.ClientBuilder { return fakeclient.NewClientBuilder(). WithScheme(s). - WithStatusSubresource(&infrav1exp.AzureASOManagedMachinePool{}) + WithStatusSubresource(&infrav1alpha.AzureASOManagedMachinePool{}) } t.Run("AzureASOManagedMachinePool does not exist", func(t *testing.T) { @@ -84,7 +84,7 @@ func TestAzureASOManagedMachinePoolReconcile(t *testing.T) { t.Run("MachinePool does not exist", func(t *testing.T) { g := NewGomegaWithT(t) - asoManagedMachinePool := &infrav1exp.AzureASOManagedMachinePool{ + asoManagedMachinePool := &infrav1alpha.AzureASOManagedMachinePool{ ObjectMeta: metav1.ObjectMeta{ Name: "ammp", Namespace: "ns", @@ -112,7 +112,7 @@ func TestAzureASOManagedMachinePoolReconcile(t *testing.T) { t.Run("Cluster does not exist", func(t *testing.T) { g := NewGomegaWithT(t) - asoManagedMachinePool := &infrav1exp.AzureASOManagedMachinePool{ + asoManagedMachinePool := &infrav1alpha.AzureASOManagedMachinePool{ ObjectMeta: metav1.ObjectMeta{ Name: "ammp", Namespace: "ns", @@ -156,12 +156,12 @@ func TestAzureASOManagedMachinePoolReconcile(t *testing.T) { }, Spec: clusterv1.ClusterSpec{ ControlPlaneRef: &corev1.ObjectReference{ - APIVersion: infrav1exp.GroupVersion.Identifier(), - Kind: infrav1exp.AzureASOManagedControlPlaneKind, + APIVersion: infrav1alpha.GroupVersion.Identifier(), + Kind: infrav1alpha.AzureASOManagedControlPlaneKind, }, }, } - asoManagedMachinePool := &infrav1exp.AzureASOManagedMachinePool{ + asoManagedMachinePool := &infrav1alpha.AzureASOManagedMachinePool{ ObjectMeta: metav1.ObjectMeta{ Name: "ammp", Namespace: cluster.Namespace, @@ -208,12 +208,12 @@ func TestAzureASOManagedMachinePoolReconcile(t *testing.T) { }, Spec: clusterv1.ClusterSpec{ ControlPlaneRef: &corev1.ObjectReference{ - APIVersion: infrav1exp.GroupVersion.Identifier(), - Kind: infrav1exp.AzureASOManagedControlPlaneKind, + APIVersion: infrav1alpha.GroupVersion.Identifier(), + Kind: infrav1alpha.AzureASOManagedControlPlaneKind, }, }, } - asoManagedMachinePool := &infrav1exp.AzureASOManagedMachinePool{ + asoManagedMachinePool := &infrav1alpha.AzureASOManagedMachinePool{ ObjectMeta: metav1.ObjectMeta{ Name: "ammp", Namespace: cluster.Namespace, @@ -231,8 +231,8 @@ func TestAzureASOManagedMachinePoolReconcile(t *testing.T) { clusterctlv1.BlockMoveAnnotation: "true", }, }, - Spec: infrav1exp.AzureASOManagedMachinePoolSpec{ - AzureASOManagedMachinePoolTemplateResourceSpec: infrav1exp.AzureASOManagedMachinePoolTemplateResourceSpec{ + Spec: infrav1alpha.AzureASOManagedMachinePoolSpec{ + AzureASOManagedMachinePoolTemplateResourceSpec: infrav1alpha.AzureASOManagedMachinePoolTemplateResourceSpec{ Resources: []runtime.RawExtension{ { Raw: apJSON(g, &asocontainerservicev1.ManagedClustersAgentPool{ @@ -244,7 +244,7 @@ func TestAzureASOManagedMachinePoolReconcile(t *testing.T) { }, }, }, - Status: infrav1exp.AzureASOManagedMachinePoolStatus{ + Status: infrav1alpha.AzureASOManagedMachinePoolStatus{ Ready: true, }, } @@ -262,11 +262,11 @@ func TestAzureASOManagedMachinePoolReconcile(t *testing.T) { Build() r := &AzureASOManagedMachinePoolReconciler{ Client: c, - newResourceReconciler: func(asoManagedMachinePool *infrav1exp.AzureASOManagedMachinePool, _ []*unstructured.Unstructured) resourceReconciler { + newResourceReconciler: func(asoManagedMachinePool *infrav1alpha.AzureASOManagedMachinePool, _ []*unstructured.Unstructured) resourceReconciler { return &fakeResourceReconciler{ owner: asoManagedMachinePool, reconcileFunc: func(ctx context.Context, o client.Object) error { - asoManagedMachinePool.SetResourceStatuses([]infrav1exp.ResourceStatus{ + asoManagedMachinePool.SetResourceStatuses([]infrav1alpha.ResourceStatus{ {Ready: true}, {Ready: false}, {Ready: true}, @@ -294,8 +294,8 @@ func TestAzureASOManagedMachinePoolReconcile(t *testing.T) { }, Spec: clusterv1.ClusterSpec{ ControlPlaneRef: &corev1.ObjectReference{ - APIVersion: infrav1exp.GroupVersion.Identifier(), - Kind: infrav1exp.AzureASOManagedControlPlaneKind, + APIVersion: infrav1alpha.GroupVersion.Identifier(), + Kind: infrav1alpha.AzureASOManagedControlPlaneKind, }, }, } @@ -323,7 +323,7 @@ func TestAzureASOManagedMachinePoolReconcile(t *testing.T) { Count: ptr.To(3), }, } - asoManagedMachinePool := &infrav1exp.AzureASOManagedMachinePool{ + asoManagedMachinePool := &infrav1alpha.AzureASOManagedMachinePool{ ObjectMeta: metav1.ObjectMeta{ Name: "ammp", Namespace: cluster.Namespace, @@ -341,8 +341,8 @@ func TestAzureASOManagedMachinePoolReconcile(t *testing.T) { clusterctlv1.BlockMoveAnnotation: "true", }, }, - Spec: infrav1exp.AzureASOManagedMachinePoolSpec{ - AzureASOManagedMachinePoolTemplateResourceSpec: infrav1exp.AzureASOManagedMachinePoolTemplateResourceSpec{ + Spec: infrav1alpha.AzureASOManagedMachinePoolSpec{ + AzureASOManagedMachinePoolTemplateResourceSpec: infrav1alpha.AzureASOManagedMachinePoolTemplateResourceSpec{ Resources: []runtime.RawExtension{ { Raw: apJSON(g, asoAgentPool), @@ -350,7 +350,7 @@ func TestAzureASOManagedMachinePoolReconcile(t *testing.T) { }, }, }, - Status: infrav1exp.AzureASOManagedMachinePoolStatus{ + Status: infrav1alpha.AzureASOManagedMachinePoolStatus{ Ready: false, }, } @@ -371,7 +371,7 @@ func TestAzureASOManagedMachinePoolReconcile(t *testing.T) { Build() r := &AzureASOManagedMachinePoolReconciler{ Client: c, - newResourceReconciler: func(_ *infrav1exp.AzureASOManagedMachinePool, _ []*unstructured.Unstructured) resourceReconciler { + newResourceReconciler: func(_ *infrav1alpha.AzureASOManagedMachinePool, _ []*unstructured.Unstructured) resourceReconciler { return &fakeResourceReconciler{ reconcileFunc: func(ctx context.Context, o client.Object) error { return nil @@ -436,8 +436,8 @@ func TestAzureASOManagedMachinePoolReconcile(t *testing.T) { }, Spec: clusterv1.ClusterSpec{ ControlPlaneRef: &corev1.ObjectReference{ - APIVersion: infrav1exp.GroupVersion.Identifier(), - Kind: infrav1exp.AzureASOManagedControlPlaneKind, + APIVersion: infrav1alpha.GroupVersion.Identifier(), + Kind: infrav1alpha.AzureASOManagedControlPlaneKind, }, }, } @@ -466,7 +466,7 @@ func TestAzureASOManagedMachinePoolReconcile(t *testing.T) { Count: ptr.To(3), }, } - asoManagedMachinePool := &infrav1exp.AzureASOManagedMachinePool{ + asoManagedMachinePool := &infrav1alpha.AzureASOManagedMachinePool{ ObjectMeta: metav1.ObjectMeta{ Name: "ammp", Namespace: cluster.Namespace, @@ -484,8 +484,8 @@ func TestAzureASOManagedMachinePoolReconcile(t *testing.T) { clusterctlv1.BlockMoveAnnotation: "true", }, }, - Spec: infrav1exp.AzureASOManagedMachinePoolSpec{ - AzureASOManagedMachinePoolTemplateResourceSpec: infrav1exp.AzureASOManagedMachinePoolTemplateResourceSpec{ + Spec: infrav1alpha.AzureASOManagedMachinePoolSpec{ + AzureASOManagedMachinePoolTemplateResourceSpec: infrav1alpha.AzureASOManagedMachinePoolTemplateResourceSpec{ Resources: []runtime.RawExtension{ { Raw: apJSON(g, asoAgentPool), @@ -493,7 +493,7 @@ func TestAzureASOManagedMachinePoolReconcile(t *testing.T) { }, }, }, - Status: infrav1exp.AzureASOManagedMachinePoolStatus{ + Status: infrav1alpha.AzureASOManagedMachinePoolStatus{ Ready: false, }, } @@ -511,7 +511,7 @@ func TestAzureASOManagedMachinePoolReconcile(t *testing.T) { Build() r := &AzureASOManagedMachinePoolReconciler{ Client: c, - newResourceReconciler: func(_ *infrav1exp.AzureASOManagedMachinePool, _ []*unstructured.Unstructured) resourceReconciler { + newResourceReconciler: func(_ *infrav1alpha.AzureASOManagedMachinePool, _ []*unstructured.Unstructured) resourceReconciler { return &fakeResourceReconciler{ reconcileFunc: func(ctx context.Context, o client.Object) error { return nil @@ -547,12 +547,12 @@ func TestAzureASOManagedMachinePoolReconcile(t *testing.T) { Spec: clusterv1.ClusterSpec{ Paused: true, ControlPlaneRef: &corev1.ObjectReference{ - APIVersion: infrav1exp.GroupVersion.Identifier(), - Kind: infrav1exp.AzureASOManagedControlPlaneKind, + APIVersion: infrav1alpha.GroupVersion.Identifier(), + Kind: infrav1alpha.AzureASOManagedControlPlaneKind, }, }, } - asoManagedMachinePool := &infrav1exp.AzureASOManagedMachinePool{ + asoManagedMachinePool := &infrav1alpha.AzureASOManagedMachinePool{ ObjectMeta: metav1.ObjectMeta{ Name: "ammp", Namespace: cluster.Namespace, @@ -582,7 +582,7 @@ func TestAzureASOManagedMachinePoolReconcile(t *testing.T) { Build() r := &AzureASOManagedMachinePoolReconciler{ Client: c, - newResourceReconciler: func(_ *infrav1exp.AzureASOManagedMachinePool, _ []*unstructured.Unstructured) resourceReconciler { + newResourceReconciler: func(_ *infrav1alpha.AzureASOManagedMachinePool, _ []*unstructured.Unstructured) resourceReconciler { return &fakeResourceReconciler{ pauseFunc: func(_ context.Context, _ client.Object) error { return nil @@ -608,12 +608,12 @@ func TestAzureASOManagedMachinePoolReconcile(t *testing.T) { }, Spec: clusterv1.ClusterSpec{ ControlPlaneRef: &corev1.ObjectReference{ - APIVersion: infrav1exp.GroupVersion.Identifier(), - Kind: infrav1exp.AzureASOManagedControlPlaneKind, + APIVersion: infrav1alpha.GroupVersion.Identifier(), + Kind: infrav1alpha.AzureASOManagedControlPlaneKind, }, }, } - asoManagedMachinePool := &infrav1exp.AzureASOManagedMachinePool{ + asoManagedMachinePool := &infrav1alpha.AzureASOManagedMachinePool{ ObjectMeta: metav1.ObjectMeta{ Name: "ammp", Namespace: cluster.Namespace, @@ -644,7 +644,7 @@ func TestAzureASOManagedMachinePoolReconcile(t *testing.T) { Build() r := &AzureASOManagedMachinePoolReconciler{ Client: c, - newResourceReconciler: func(_ *infrav1exp.AzureASOManagedMachinePool, _ []*unstructured.Unstructured) resourceReconciler { + newResourceReconciler: func(_ *infrav1alpha.AzureASOManagedMachinePool, _ []*unstructured.Unstructured) resourceReconciler { return &fakeResourceReconciler{ deleteFunc: func(ctx context.Context, o client.Object) error { return nil diff --git a/controllers/azurecluster_controller.go b/controllers/azurecluster_controller.go index d827291201a..fcec1e5d9b7 100644 --- a/controllers/azurecluster_controller.go +++ b/controllers/azurecluster_controller.go @@ -36,11 +36,11 @@ import ( "sigs.k8s.io/cluster-api/util/conditions" "sigs.k8s.io/cluster-api/util/predicates" ctrl "sigs.k8s.io/controller-runtime" + "sigs.k8s.io/controller-runtime/pkg/builder" "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/controller/controllerutil" "sigs.k8s.io/controller-runtime/pkg/handler" "sigs.k8s.io/controller-runtime/pkg/reconcile" - "sigs.k8s.io/controller-runtime/pkg/source" ) // AzureClusterReconciler reconciles an AzureCluster object. @@ -81,27 +81,21 @@ func (acr *AzureClusterReconciler) SetupWithManager(ctx context.Context, mgr ctr r = coalescing.NewReconciler(acr, options.Cache, log) } - c, err := ctrl.NewControllerManagedBy(mgr). + return ctrl.NewControllerManagedBy(mgr). WithOptions(options.Options). For(&infrav1.AzureCluster{}). WithEventFilter(predicates.ResourceHasFilterLabel(log, acr.WatchFilterValue)). WithEventFilter(predicates.ResourceIsNotExternallyManaged(log)). - Build(r) - if err != nil { - return errors.Wrap(err, "error creating controller") - } - - // Add a watch on clusterv1.Cluster object for pause/unpause notifications. - if err = c.Watch( - source.Kind(mgr.GetCache(), &clusterv1.Cluster{}), - handler.EnqueueRequestsFromMapFunc(util.ClusterToInfrastructureMapFunc(ctx, infrav1.GroupVersion.WithKind(infrav1.AzureClusterKind), mgr.GetClient(), &infrav1.AzureCluster{})), - ClusterUpdatePauseChange(log), - predicates.ResourceHasFilterLabel(log, acr.WatchFilterValue), - ); err != nil { - return errors.Wrap(err, "failed adding a watch for ready clusters") - } - - return nil + // Add a watch on clusterv1.Cluster object for pause/unpause notifications. + Watches( + &clusterv1.Cluster{}, + handler.EnqueueRequestsFromMapFunc(util.ClusterToInfrastructureMapFunc(ctx, infrav1.GroupVersion.WithKind(infrav1.AzureClusterKind), mgr.GetClient(), &infrav1.AzureCluster{})), + builder.WithPredicates( + ClusterUpdatePauseChange(log), + predicates.ResourceHasFilterLabel(log, acr.WatchFilterValue), + ), + ). + Complete(r) } // +kubebuilder:rbac:groups=infrastructure.cluster.x-k8s.io,resources=azureclusters,verbs=get;list;watch;create;update;patch;delete diff --git a/controllers/azurejson_machine_controller.go b/controllers/azurejson_machine_controller.go index 2eb5e5e4f03..d0abe751594 100644 --- a/controllers/azurejson_machine_controller.go +++ b/controllers/azurejson_machine_controller.go @@ -39,13 +39,13 @@ import ( "sigs.k8s.io/cluster-api/util/annotations" "sigs.k8s.io/cluster-api/util/predicates" ctrl "sigs.k8s.io/controller-runtime" + "sigs.k8s.io/controller-runtime/pkg/builder" "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/controller" "sigs.k8s.io/controller-runtime/pkg/event" "sigs.k8s.io/controller-runtime/pkg/handler" "sigs.k8s.io/controller-runtime/pkg/predicate" "sigs.k8s.io/controller-runtime/pkg/reconcile" - "sigs.k8s.io/controller-runtime/pkg/source" ) // AzureJSONMachineReconciler reconciles Azure json secrets for AzureMachine objects. @@ -68,30 +68,23 @@ func (r *AzureJSONMachineReconciler) SetupWithManager(ctx context.Context, mgr c return errors.Wrap(err, "failed to create mapper for Cluster to AzureMachines") } - c, err := ctrl.NewControllerManagedBy(mgr). + return ctrl.NewControllerManagedBy(mgr). WithOptions(options). For(&infrav1.AzureMachine{}). WithEventFilter(filterUnclonedMachinesPredicate{log: log}). WithEventFilter(predicates.ResourceNotPausedAndHasFilterLabel(log, r.WatchFilterValue)). Owns(&corev1.Secret{}). - Build(r) - - if err != nil { - return errors.Wrap(err, "failed to create controller") - } - - // Add a watch on Clusters to requeue when the infraRef is set. This is needed because the infraRef is not initially - // set in Clusters created from a ClusterClass. - if err := c.Watch( - source.Kind(mgr.GetCache(), &clusterv1.Cluster{}), - handler.EnqueueRequestsFromMapFunc(azureMachineMapper), - predicates.ClusterUnpausedAndInfrastructureReady(log), - predicates.ResourceNotPausedAndHasFilterLabel(log, r.WatchFilterValue), - ); err != nil { - return errors.Wrap(err, "failed adding a watch for Clusters") - } - - return nil + // Add a watch on Clusters to requeue when the infraRef is set. This is needed because the infraRef is not initially + // set in Clusters created from a ClusterClass. + Watches( + &clusterv1.Cluster{}, + handler.EnqueueRequestsFromMapFunc(azureMachineMapper), + builder.WithPredicates( + predicates.ClusterUnpausedAndInfrastructureReady(log), + predicates.ResourceNotPausedAndHasFilterLabel(log, r.WatchFilterValue), + ), + ). + Complete(r) } type filterUnclonedMachinesPredicate struct { diff --git a/controllers/azurejson_machinepool_controller.go b/controllers/azurejson_machinepool_controller.go index 9eac1dc5778..2cfec6ed430 100644 --- a/controllers/azurejson_machinepool_controller.go +++ b/controllers/azurejson_machinepool_controller.go @@ -36,11 +36,11 @@ import ( "sigs.k8s.io/cluster-api/util" "sigs.k8s.io/cluster-api/util/predicates" ctrl "sigs.k8s.io/controller-runtime" + "sigs.k8s.io/controller-runtime/pkg/builder" "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/controller" "sigs.k8s.io/controller-runtime/pkg/handler" "sigs.k8s.io/controller-runtime/pkg/reconcile" - "sigs.k8s.io/controller-runtime/pkg/source" ) // AzureJSONMachinePoolReconciler reconciles Azure json secrets for AzureMachinePool objects. @@ -63,29 +63,22 @@ func (r *AzureJSONMachinePoolReconciler) SetupWithManager(ctx context.Context, m return errors.Wrap(err, "failed to create mapper for Cluster to AzureMachinePools") } - c, err := ctrl.NewControllerManagedBy(mgr). + return ctrl.NewControllerManagedBy(mgr). WithOptions(options). For(&infrav1exp.AzureMachinePool{}). WithEventFilter(predicates.ResourceNotPausedAndHasFilterLabel(log, r.WatchFilterValue)). Owns(&corev1.Secret{}). - Build(r) - - if err != nil { - return errors.Wrap(err, "failed to create controller") - } - - // Add a watch on Clusters to requeue when the infraRef is set. This is needed because the infraRef is not initially - // set in Clusters created from a ClusterClass. - if err := c.Watch( - source.Kind(mgr.GetCache(), &clusterv1.Cluster{}), - handler.EnqueueRequestsFromMapFunc(azureMachinePoolMapper), - predicates.ClusterUnpausedAndInfrastructureReady(log), - predicates.ResourceNotPausedAndHasFilterLabel(log, r.WatchFilterValue), - ); err != nil { - return errors.Wrap(err, "failed adding a watch for Clusters") - } - - return nil + // Add a watch on Clusters to requeue when the infraRef is set. This is needed because the infraRef is not initially + // set in Clusters created from a ClusterClass. + Watches( + &clusterv1.Cluster{}, + handler.EnqueueRequestsFromMapFunc(azureMachinePoolMapper), + builder.WithPredicates( + predicates.ClusterUnpausedAndInfrastructureReady(log), + predicates.ResourceNotPausedAndHasFilterLabel(log, r.WatchFilterValue), + ), + ). + Complete(r) } // Reconcile reconciles the Azure json for AzureMachinePool objects. diff --git a/controllers/azurejson_machinetemplate_controller.go b/controllers/azurejson_machinetemplate_controller.go index baea0ee8e18..25ad9f0e836 100644 --- a/controllers/azurejson_machinetemplate_controller.go +++ b/controllers/azurejson_machinetemplate_controller.go @@ -38,11 +38,11 @@ import ( "sigs.k8s.io/cluster-api/util/annotations" "sigs.k8s.io/cluster-api/util/predicates" ctrl "sigs.k8s.io/controller-runtime" + "sigs.k8s.io/controller-runtime/pkg/builder" "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/controller" "sigs.k8s.io/controller-runtime/pkg/handler" "sigs.k8s.io/controller-runtime/pkg/reconcile" - "sigs.k8s.io/controller-runtime/pkg/source" ) // AzureJSONTemplateReconciler reconciles Azure json secrets for AzureMachineTemplate objects. @@ -65,29 +65,22 @@ func (r *AzureJSONTemplateReconciler) SetupWithManager(ctx context.Context, mgr return errors.Wrap(err, "failed to create mapper for Cluster to AzureMachineTemplates") } - c, err := ctrl.NewControllerManagedBy(mgr). + return ctrl.NewControllerManagedBy(mgr). WithOptions(options). For(&infrav1.AzureMachineTemplate{}). WithEventFilter(predicates.ResourceNotPausedAndHasFilterLabel(log, r.WatchFilterValue)). Owns(&corev1.Secret{}). - Build(r) - - if err != nil { - return errors.Wrap(err, "failed to create controller") - } - - // Add a watch on Clusters to requeue when the infraRef is set. This is needed because the infraRef is not initially - // set in Clusters created from a ClusterClass. - if err := c.Watch( - source.Kind(mgr.GetCache(), &clusterv1.Cluster{}), - handler.EnqueueRequestsFromMapFunc(azureMachineTemplateMapper), - predicates.ClusterUnpausedAndInfrastructureReady(log), - predicates.ResourceNotPausedAndHasFilterLabel(log, r.WatchFilterValue), - ); err != nil { - return errors.Wrap(err, "failed adding a watch for Clusters") - } - - return nil + // Add a watch on Clusters to requeue when the infraRef is set. This is needed because the infraRef is not initially + // set in Clusters created from a ClusterClass. + Watches( + &clusterv1.Cluster{}, + handler.EnqueueRequestsFromMapFunc(azureMachineTemplateMapper), + builder.WithPredicates( + predicates.ClusterUnpausedAndInfrastructureReady(log), + predicates.ResourceNotPausedAndHasFilterLabel(log, r.WatchFilterValue), + ), + ). + Complete(r) } // Reconcile reconciles Azure json secrets for Azure machine templates. diff --git a/controllers/azuremachine_controller.go b/controllers/azuremachine_controller.go index 3d0652d1976..5c75f9498b8 100644 --- a/controllers/azuremachine_controller.go +++ b/controllers/azuremachine_controller.go @@ -37,11 +37,11 @@ import ( "sigs.k8s.io/cluster-api/util/conditions" "sigs.k8s.io/cluster-api/util/predicates" ctrl "sigs.k8s.io/controller-runtime" + "sigs.k8s.io/controller-runtime/pkg/builder" "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/controller/controllerutil" "sigs.k8s.io/controller-runtime/pkg/handler" "sigs.k8s.io/controller-runtime/pkg/reconcile" - "sigs.k8s.io/controller-runtime/pkg/source" ) // AzureMachineReconciler reconciles an AzureMachine object. @@ -88,7 +88,12 @@ func (amr *AzureMachineReconciler) SetupWithManager(ctx context.Context, mgr ctr return errors.Wrap(err, "failed to create AzureCluster to AzureMachines mapper") } - c, err := ctrl.NewControllerManagedBy(mgr). + azureMachineMapper, err := util.ClusterToTypedObjectsMapper(amr.Client, &infrav1.AzureMachineList{}, mgr.GetScheme()) + if err != nil { + return errors.Wrap(err, "failed to create mapper for Cluster to AzureMachines") + } + + return ctrl.NewControllerManagedBy(mgr). WithOptions(options.Options). For(&infrav1.AzureMachine{}). WithEventFilter(predicates.ResourceHasFilterLabel(log, amr.WatchFilterValue)). @@ -102,27 +107,16 @@ func (amr *AzureMachineReconciler) SetupWithManager(ctx context.Context, mgr ctr &infrav1.AzureCluster{}, handler.EnqueueRequestsFromMapFunc(azureClusterToAzureMachinesMapper), ). - Build(r) - if err != nil { - return errors.Wrap(err, "error creating controller") - } - - azureMachineMapper, err := util.ClusterToTypedObjectsMapper(amr.Client, &infrav1.AzureMachineList{}, mgr.GetScheme()) - if err != nil { - return errors.Wrap(err, "failed to create mapper for Cluster to AzureMachines") - } - - // Add a watch on clusterv1.Cluster object for pause/unpause & ready notifications. - if err := c.Watch( - source.Kind(mgr.GetCache(), &clusterv1.Cluster{}), - handler.EnqueueRequestsFromMapFunc(azureMachineMapper), - ClusterPauseChangeAndInfrastructureReady(log), - predicates.ResourceHasFilterLabel(log, amr.WatchFilterValue), - ); err != nil { - return errors.Wrap(err, "failed adding a watch for ready clusters") - } - - return nil + // Add a watch on clusterv1.Cluster object for pause/unpause & ready notifications. + Watches( + &clusterv1.Cluster{}, + handler.EnqueueRequestsFromMapFunc(azureMachineMapper), + builder.WithPredicates( + ClusterPauseChangeAndInfrastructureReady(log), + predicates.ResourceHasFilterLabel(log, amr.WatchFilterValue), + ), + ). + Complete(r) } // +kubebuilder:rbac:groups=infrastructure.cluster.x-k8s.io,resources=azuremachines,verbs=get;list;watch;create;update;patch;delete diff --git a/controllers/azuremanagedcluster_controller.go b/controllers/azuremanagedcluster_controller.go index f38b69fa842..b86092966ad 100644 --- a/controllers/azuremanagedcluster_controller.go +++ b/controllers/azuremanagedcluster_controller.go @@ -33,10 +33,10 @@ import ( "sigs.k8s.io/cluster-api/util/patch" "sigs.k8s.io/cluster-api/util/predicates" ctrl "sigs.k8s.io/controller-runtime" + "sigs.k8s.io/controller-runtime/pkg/builder" "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/handler" "sigs.k8s.io/controller-runtime/pkg/reconcile" - "sigs.k8s.io/controller-runtime/pkg/source" ) // AzureManagedClusterReconciler reconciles an AzureManagedCluster object. @@ -67,7 +67,7 @@ func (amcr *AzureManagedClusterReconciler) SetupWithManager(ctx context.Context, return errors.Wrap(err, "failed to create AzureManagedControlPlane to AzureManagedClusters mapper") } - c, err := ctrl.NewControllerManagedBy(mgr). + return ctrl.NewControllerManagedBy(mgr). WithOptions(options.Options). For(azManagedCluster). WithEventFilter(predicates.ResourceNotPausedAndHasFilterLabel(log, amcr.WatchFilterValue)). @@ -76,21 +76,16 @@ func (amcr *AzureManagedClusterReconciler) SetupWithManager(ctx context.Context, &infrav1.AzureManagedControlPlane{}, handler.EnqueueRequestsFromMapFunc(azureManagedControlPlaneMapper), ). - Build(r) - if err != nil { - return errors.Wrap(err, "error creating controller") - } - - // Add a watch on clusterv1.Cluster object for unpause notifications. - if err = c.Watch( - source.Kind(mgr.GetCache(), &clusterv1.Cluster{}), - handler.EnqueueRequestsFromMapFunc(util.ClusterToInfrastructureMapFunc(ctx, infrav1.GroupVersion.WithKind(infrav1.AzureManagedClusterKind), mgr.GetClient(), &infrav1.AzureManagedCluster{})), - predicates.ClusterUnpaused(log), - predicates.ResourceNotPausedAndHasFilterLabel(log, amcr.WatchFilterValue), - ); err != nil { - return errors.Wrap(err, "failed adding a watch for ready clusters") - } - return nil + // Add a watch on clusterv1.Cluster object for unpause notifications. + Watches( + &clusterv1.Cluster{}, + handler.EnqueueRequestsFromMapFunc(util.ClusterToInfrastructureMapFunc(ctx, infrav1.GroupVersion.WithKind(infrav1.AzureManagedClusterKind), mgr.GetClient(), &infrav1.AzureManagedCluster{})), + builder.WithPredicates( + predicates.ClusterUnpaused(log), + predicates.ResourceNotPausedAndHasFilterLabel(log, amcr.WatchFilterValue), + ), + ). + Complete(r) } // +kubebuilder:rbac:groups=infrastructure.cluster.x-k8s.io,resources=azuremanagedclusters,verbs=get;list;watch;create;update;patch;delete diff --git a/controllers/azuremanagedcluster_controller_test.go b/controllers/azuremanagedcluster_controller_test.go new file mode 100644 index 00000000000..572fbd8239d --- /dev/null +++ b/controllers/azuremanagedcluster_controller_test.go @@ -0,0 +1,92 @@ +/* +Copyright 2024 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package controllers + +import ( + "context" + "testing" + + . "github.com/onsi/gomega" + corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/types" + infrav1 "sigs.k8s.io/cluster-api-provider-azure/api/v1beta1" + "sigs.k8s.io/cluster-api-provider-azure/util/reconciler" + clusterv1 "sigs.k8s.io/cluster-api/api/v1beta1" + ctrl "sigs.k8s.io/controller-runtime" + "sigs.k8s.io/controller-runtime/pkg/client" + "sigs.k8s.io/controller-runtime/pkg/client/fake" + "sigs.k8s.io/controller-runtime/pkg/controller/controllerutil" +) + +func TestAzureManagedClusterController(t *testing.T) { + g := NewWithT(t) + ctx := context.Background() + scheme := runtime.NewScheme() + g.Expect(infrav1.AddToScheme(scheme)).To(Succeed()) + g.Expect(clusterv1.AddToScheme(scheme)).To(Succeed()) + + cluster := &clusterv1.Cluster{ + ObjectMeta: metav1.ObjectMeta{ + Name: "fake-capi-cluster", + Namespace: "fake-namespace", + }, + Spec: clusterv1.ClusterSpec{ + ControlPlaneRef: &corev1.ObjectReference{ + Name: "fake-control-plane", + }, + }, + } + cp := &infrav1.AzureManagedControlPlane{ + ObjectMeta: metav1.ObjectMeta{ + Name: "fake-control-plane", + Namespace: "fake-namespace", + }, + Spec: infrav1.AzureManagedControlPlaneSpec{ + ControlPlaneEndpoint: clusterv1.APIEndpoint{ + Host: "fake-host", + Port: int32(8080), + }, + }, + } + aksCluster := &infrav1.AzureManagedCluster{ + ObjectMeta: metav1.ObjectMeta{ + Name: "fake-cluster", + Namespace: "fake-namespace", + }, + } + + g.Expect(controllerutil.SetOwnerReference(cluster, aksCluster, scheme)).To(Succeed()) + fakeclient := fake.NewClientBuilder().WithScheme(scheme).WithObjects(cluster, cp, aksCluster).WithStatusSubresource(cp, cluster, aksCluster).Build() + req := ctrl.Request{ + NamespacedName: types.NamespacedName{ + Name: "fake-cluster", + Namespace: "fake-namespace"}, + } + to := reconciler.Timeouts{} + rec := &AzureManagedClusterReconciler{ + Timeouts: to, + Client: fakeclient, + } + + _, err := rec.Reconcile(ctx, req) + g.Expect(err).ToNot(HaveOccurred()) + g.Expect(rec.Get(ctx, client.ObjectKeyFromObject(aksCluster), aksCluster)).To(Succeed()) + g.Expect(aksCluster.Spec.ControlPlaneEndpoint).To(Equal(cp.Spec.ControlPlaneEndpoint)) + g.Expect(aksCluster.Status.Ready).To(BeTrue()) +} diff --git a/controllers/azuremanagedcontrolplane_controller.go b/controllers/azuremanagedcontrolplane_controller.go index c88cf982842..a069fdaac2a 100644 --- a/controllers/azuremanagedcontrolplane_controller.go +++ b/controllers/azuremanagedcontrolplane_controller.go @@ -37,11 +37,11 @@ import ( "sigs.k8s.io/cluster-api/util/annotations" "sigs.k8s.io/cluster-api/util/predicates" ctrl "sigs.k8s.io/controller-runtime" + "sigs.k8s.io/controller-runtime/pkg/builder" "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/controller/controllerutil" "sigs.k8s.io/controller-runtime/pkg/handler" "sigs.k8s.io/controller-runtime/pkg/reconcile" - "sigs.k8s.io/controller-runtime/pkg/source" ) // AzureManagedControlPlaneReconciler reconciles an AzureManagedControlPlane object. @@ -77,7 +77,7 @@ func (amcpr *AzureManagedControlPlaneReconciler) SetupWithManager(ctx context.Co // map requests for machine pools corresponding to AzureManagedControlPlane's defaultPool back to the corresponding AzureManagedControlPlane. azureManagedMachinePoolMapper := MachinePoolToAzureManagedControlPlaneMapFunc(ctx, amcpr.Client, infrav1.GroupVersion.WithKind(infrav1.AzureManagedControlPlaneKind), log) - c, err := ctrl.NewControllerManagedBy(mgr). + return ctrl.NewControllerManagedBy(mgr). WithOptions(options.Options). For(azManagedControlPlane). WithEventFilter(predicates.ResourceHasFilterLabel(log, amcpr.WatchFilterValue)). @@ -91,22 +91,16 @@ func (amcpr *AzureManagedControlPlaneReconciler) SetupWithManager(ctx context.Co &expv1.MachinePool{}, handler.EnqueueRequestsFromMapFunc(azureManagedMachinePoolMapper), ). - Build(r) - if err != nil { - return errors.Wrap(err, "error creating controller") - } - - // Add a watch on clusterv1.Cluster object for pause/unpause & ready notifications. - if err = c.Watch( - source.Kind(mgr.GetCache(), &clusterv1.Cluster{}), - handler.EnqueueRequestsFromMapFunc(amcpr.ClusterToAzureManagedControlPlane), - ClusterPauseChangeAndInfrastructureReady(log), - predicates.ResourceHasFilterLabel(log, amcpr.WatchFilterValue), - ); err != nil { - return errors.Wrap(err, "failed adding a watch for ready clusters") - } - - return nil + // Add a watch on clusterv1.Cluster object for pause/unpause & ready notifications. + Watches( + &clusterv1.Cluster{}, + handler.EnqueueRequestsFromMapFunc(amcpr.ClusterToAzureManagedControlPlane), + builder.WithPredicates( + ClusterPauseChangeAndInfrastructureReady(log), + predicates.ResourceHasFilterLabel(log, amcpr.WatchFilterValue), + ), + ). + Complete(r) } // +kubebuilder:rbac:groups=infrastructure.cluster.x-k8s.io,resources=azuremanagedcontrolplanes,verbs=get;list;watch;create;update;patch;delete diff --git a/controllers/azuremanagedcontrolplane_reconciler.go b/controllers/azuremanagedcontrolplane_reconciler.go index 8f70b500a81..783a0ba7e1f 100644 --- a/controllers/azuremanagedcontrolplane_reconciler.go +++ b/controllers/azuremanagedcontrolplane_reconciler.go @@ -33,6 +33,7 @@ import ( "sigs.k8s.io/cluster-api-provider-azure/azure/services/subnets" "sigs.k8s.io/cluster-api-provider-azure/azure/services/virtualnetworks" "sigs.k8s.io/cluster-api-provider-azure/util/tele" + clusterv1 "sigs.k8s.io/cluster-api/api/v1beta1" "sigs.k8s.io/cluster-api/util/secret" "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/controller/controllerutil" @@ -137,6 +138,15 @@ func (r *azureManagedControlPlaneService) reconcileKubeconfig(ctx context.Contex kubeConfigSecret.Data = map[string][]byte{ secret.KubeconfigDataName: kubeConfigData, } + + // When upgrading from an older version of CAPI, the kubeconfig secret may not have the required + // cluster name label. Add it here to avoid kubeconfig issues during upgrades. + if _, ok := kubeConfigSecret.Labels[clusterv1.ClusterNameLabel]; !ok { + if kubeConfigSecret.Labels == nil { + kubeConfigSecret.Labels = make(map[string]string) + } + kubeConfigSecret.Labels[clusterv1.ClusterNameLabel] = r.scope.ClusterName() + } return nil }); err != nil { return errors.Wrap(err, "failed to reconcile kubeconfig secret for cluster") diff --git a/controllers/azuremanagedmachinepool_controller.go b/controllers/azuremanagedmachinepool_controller.go index 9134d0438c8..046c55b0878 100644 --- a/controllers/azuremanagedmachinepool_controller.go +++ b/controllers/azuremanagedmachinepool_controller.go @@ -37,11 +37,11 @@ import ( "sigs.k8s.io/cluster-api/util/conditions" "sigs.k8s.io/cluster-api/util/predicates" ctrl "sigs.k8s.io/controller-runtime" + "sigs.k8s.io/controller-runtime/pkg/builder" "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/controller/controllerutil" "sigs.k8s.io/controller-runtime/pkg/handler" "sigs.k8s.io/controller-runtime/pkg/reconcile" - "sigs.k8s.io/controller-runtime/pkg/source" ) // AzureManagedMachinePoolReconciler reconciles an AzureManagedMachinePool object. @@ -89,7 +89,12 @@ func (ammpr *AzureManagedMachinePoolReconciler) SetupWithManager(ctx context.Con return errors.Wrap(err, "failed to create AzureManagedControlPlane to AzureManagedMachinePools mapper") } - c, err := ctrl.NewControllerManagedBy(mgr). + azureManagedMachinePoolMapper, err := util.ClusterToTypedObjectsMapper(ammpr.Client, &infrav1.AzureManagedMachinePoolList{}, mgr.GetScheme()) + if err != nil { + return errors.Wrap(err, "failed to create mapper for Cluster to AzureManagedMachinePools") + } + + return ctrl.NewControllerManagedBy(mgr). WithOptions(options.Options). For(azManagedMachinePool). WithEventFilter(predicates.ResourceHasFilterLabel(log, ammpr.WatchFilterValue)). @@ -103,27 +108,16 @@ func (ammpr *AzureManagedMachinePoolReconciler) SetupWithManager(ctx context.Con &infrav1.AzureManagedControlPlane{}, handler.EnqueueRequestsFromMapFunc(azureManagedControlPlaneMapper), ). - Build(r) - if err != nil { - return errors.Wrap(err, "error creating controller") - } - - azureManagedMachinePoolMapper, err := util.ClusterToTypedObjectsMapper(ammpr.Client, &infrav1.AzureManagedMachinePoolList{}, mgr.GetScheme()) - if err != nil { - return errors.Wrap(err, "failed to create mapper for Cluster to AzureManagedMachinePools") - } - - // Add a watch on clusterv1.Cluster object for pause/unpause & ready notifications. - if err = c.Watch( - source.Kind(mgr.GetCache(), &clusterv1.Cluster{}), - handler.EnqueueRequestsFromMapFunc(azureManagedMachinePoolMapper), - ClusterPauseChangeAndInfrastructureReady(log), - predicates.ResourceHasFilterLabel(log, ammpr.WatchFilterValue), - ); err != nil { - return errors.Wrap(err, "failed adding a watch for ready clusters") - } - - return nil + // Add a watch on clusterv1.Cluster object for pause/unpause & ready notifications. + Watches( + &clusterv1.Cluster{}, + handler.EnqueueRequestsFromMapFunc(azureManagedMachinePoolMapper), + builder.WithPredicates( + ClusterPauseChangeAndInfrastructureReady(log), + predicates.ResourceHasFilterLabel(log, ammpr.WatchFilterValue), + ), + ). + Complete(r) } // +kubebuilder:rbac:groups=infrastructure.cluster.x-k8s.io,resources=azuremanagedmachinepools,verbs=get;list;watch;create;update;patch;delete diff --git a/controllers/azuremanagedmachinepool_reconciler.go b/controllers/azuremanagedmachinepool_reconciler.go index f63083967d7..f7039e4bc02 100644 --- a/controllers/azuremanagedmachinepool_reconciler.go +++ b/controllers/azuremanagedmachinepool_reconciler.go @@ -22,8 +22,8 @@ import ( "time" "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/compute/armcompute/v5" - asocontainerservicev1preview "github.com/Azure/azure-service-operator/v2/api/containerservice/v1api20230202preview" asocontainerservicev1 "github.com/Azure/azure-service-operator/v2/api/containerservice/v1api20231001" + asocontainerservicev1preview "github.com/Azure/azure-service-operator/v2/api/containerservice/v1api20231102preview" "github.com/pkg/errors" azprovider "sigs.k8s.io/cloud-provider-azure/pkg/provider" "sigs.k8s.io/cluster-api-provider-azure/azure" diff --git a/exp/controllers/managedclusteradopt_controller.go b/controllers/managedclusteradopt_controller.go similarity index 81% rename from exp/controllers/managedclusteradopt_controller.go rename to controllers/managedclusteradopt_controller.go index 0b78f3e1fb2..23a67ba1106 100644 --- a/exp/controllers/managedclusteradopt_controller.go +++ b/controllers/managedclusteradopt_controller.go @@ -25,16 +25,20 @@ import ( corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" - infrav1exp "sigs.k8s.io/cluster-api-provider-azure/exp/api/v1alpha1" + infrav1alpha "sigs.k8s.io/cluster-api-provider-azure/api/v1alpha1" "sigs.k8s.io/cluster-api-provider-azure/util/tele" clusterv1 "sigs.k8s.io/cluster-api/api/v1beta1" ctrl "sigs.k8s.io/controller-runtime" "sigs.k8s.io/controller-runtime/pkg/client" + "sigs.k8s.io/controller-runtime/pkg/controller" "sigs.k8s.io/controller-runtime/pkg/event" "sigs.k8s.io/controller-runtime/pkg/predicate" ) -const adoptAnnotation = "sigs.k8s.io/cluster-api-provider-azure-adopt" +const ( + adoptAnnotation = "sigs.k8s.io/cluster-api-provider-azure-adopt" + adoptAnnotationValue = "true" +) // ManagedClusterAdoptReconciler adopts ASO ManagedCluster resources into a CAPI Cluster. type ManagedClusterAdoptReconciler struct { @@ -42,8 +46,9 @@ type ManagedClusterAdoptReconciler struct { } // SetupWithManager sets up the controller with the Manager. -func (r *ManagedClusterAdoptReconciler) SetupWithManager(ctx context.Context, mgr ctrl.Manager) error { +func (r *ManagedClusterAdoptReconciler) SetupWithManager(ctx context.Context, mgr ctrl.Manager, options controller.Options) error { _, err := ctrl.NewControllerManagedBy(mgr). + WithOptions(options). For(&asocontainerservicev1.ManagedCluster{}). WithEventFilter(predicate.Funcs{ UpdateFunc: func(ev event.UpdateEvent) bool { @@ -77,13 +82,13 @@ func (r *ManagedClusterAdoptReconciler) Reconcile(ctx context.Context, req ctrl. return ctrl.Result{}, client.IgnoreNotFound(err) } - if managedCluster.GetAnnotations()[adoptAnnotation] != "true" { + if managedCluster.GetAnnotations()[adoptAnnotation] != adoptAnnotationValue { return ctrl.Result{}, nil } for _, owner := range managedCluster.GetOwnerReferences() { - if owner.APIVersion == infrav1exp.GroupVersion.Identifier() && - owner.Kind == infrav1exp.AzureASOManagedControlPlaneKind { + if owner.APIVersion == infrav1alpha.GroupVersion.Identifier() && + owner.Kind == infrav1alpha.AzureASOManagedControlPlaneKind { return ctrl.Result{}, nil } } @@ -97,13 +102,13 @@ func (r *ManagedClusterAdoptReconciler) Reconcile(ctx context.Context, req ctrl. }, Spec: clusterv1.ClusterSpec{ InfrastructureRef: &corev1.ObjectReference{ - APIVersion: infrav1exp.GroupVersion.Identifier(), - Kind: infrav1exp.AzureASOManagedClusterKind, + APIVersion: infrav1alpha.GroupVersion.Identifier(), + Kind: infrav1alpha.AzureASOManagedClusterKind, Name: managedCluster.Name, }, ControlPlaneRef: &corev1.ObjectReference{ - APIVersion: infrav1exp.GroupVersion.Identifier(), - Kind: infrav1exp.AzureASOManagedControlPlaneKind, + APIVersion: infrav1alpha.GroupVersion.Identifier(), + Kind: infrav1alpha.AzureASOManagedControlPlaneKind, Name: managedCluster.Name, }, }, @@ -137,13 +142,13 @@ func (r *ManagedClusterAdoptReconciler) Reconcile(ctx context.Context, req ctrl. Spec: resourceGroup.Spec, } - asoManagedCluster := &infrav1exp.AzureASOManagedCluster{ + asoManagedCluster := &infrav1alpha.AzureASOManagedCluster{ ObjectMeta: metav1.ObjectMeta{ Namespace: managedCluster.Namespace, Name: managedCluster.Name, }, - Spec: infrav1exp.AzureASOManagedClusterSpec{ - AzureASOManagedClusterTemplateResourceSpec: infrav1exp.AzureASOManagedClusterTemplateResourceSpec{ + Spec: infrav1alpha.AzureASOManagedClusterSpec{ + AzureASOManagedClusterTemplateResourceSpec: infrav1alpha.AzureASOManagedClusterTemplateResourceSpec{ Resources: []runtime.RawExtension{ {Object: resourceGroup}, }, @@ -174,13 +179,13 @@ func (r *ManagedClusterAdoptReconciler) Reconcile(ctx context.Context, req ctrl. Spec: managedCluster.Spec, } - asoManagedControlPlane := &infrav1exp.AzureASOManagedControlPlane{ + asoManagedControlPlane := &infrav1alpha.AzureASOManagedControlPlane{ ObjectMeta: metav1.ObjectMeta{ Namespace: cluster.Namespace, Name: managedCluster.Name, }, - Spec: infrav1exp.AzureASOManagedControlPlaneSpec{ - AzureASOManagedControlPlaneTemplateResourceSpec: infrav1exp.AzureASOManagedControlPlaneTemplateResourceSpec{ + Spec: infrav1alpha.AzureASOManagedControlPlaneSpec{ + AzureASOManagedControlPlaneTemplateResourceSpec: infrav1alpha.AzureASOManagedControlPlaneTemplateResourceSpec{ Resources: []runtime.RawExtension{ {Object: managedCluster}, }, diff --git a/exp/controllers/resource_reconciler.go b/controllers/resource_reconciler.go similarity index 91% rename from exp/controllers/resource_reconciler.go rename to controllers/resource_reconciler.go index 3788723e2c3..438e5720572 100644 --- a/exp/controllers/resource_reconciler.go +++ b/controllers/resource_reconciler.go @@ -26,11 +26,10 @@ import ( apierrors "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" - "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" "k8s.io/klog/v2" - infrav1exp "sigs.k8s.io/cluster-api-provider-azure/exp/api/v1alpha1" - "sigs.k8s.io/cluster-api-provider-azure/exp/mutators" + infrav1alpha "sigs.k8s.io/cluster-api-provider-azure/api/v1alpha1" + "sigs.k8s.io/cluster-api-provider-azure/pkg/mutators" "sigs.k8s.io/cluster-api-provider-azure/util/tele" "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/controller/controllerutil" @@ -48,13 +47,13 @@ type ResourceReconciler struct { } type watcher interface { - Watch(log logr.Logger, obj runtime.Object, handler handler.EventHandler, p ...predicate.Predicate) error + Watch(log logr.Logger, obj client.Object, handler handler.EventHandler, p ...predicate.Predicate) error } type resourceStatusObject interface { client.Object - GetResourceStatuses() []infrav1exp.ResourceStatus - SetResourceStatuses([]infrav1exp.ResourceStatus) + GetResourceStatuses() []infrav1alpha.ResourceStatus + SetResourceStatuses([]infrav1alpha.ResourceStatus) } // Reconcile creates or updates the specified resources. @@ -63,7 +62,7 @@ func (r *ResourceReconciler) Reconcile(ctx context.Context) error { defer done() log.V(4).Info("reconciling resources") - var newResourceStatuses []infrav1exp.ResourceStatus + var newResourceStatuses []infrav1alpha.ResourceStatus for _, spec := range r.resources { gvk := spec.GroupVersionKind() @@ -89,8 +88,8 @@ func (r *ResourceReconciler) Reconcile(ctx context.Context) error { if err != nil { return fmt.Errorf("failed to get ready status: %w", err) } - newResourceStatuses = append(newResourceStatuses, infrav1exp.ResourceStatus{ - Resource: infrav1exp.StatusResource{ + newResourceStatuses = append(newResourceStatuses, infrav1alpha.ResourceStatus{ + Resource: infrav1alpha.StatusResource{ Group: gvk.Group, Version: gvk.Version, Kind: gvk.Kind, @@ -163,7 +162,7 @@ func (r *ResourceReconciler) Delete(ctx context.Context) error { defer done() log.V(4).Info("deleting resources") - var newResourceStatuses []infrav1exp.ResourceStatus + var newResourceStatuses []infrav1alpha.ResourceStatus for _, spec := range r.owner.GetResourceStatuses() { newStatus, err := r.deleteResource(ctx, spec.Resource) @@ -180,7 +179,7 @@ func (r *ResourceReconciler) Delete(ctx context.Context) error { return nil } -func (r *ResourceReconciler) deleteResource(ctx context.Context, resource infrav1exp.StatusResource) (*infrav1exp.ResourceStatus, error) { +func (r *ResourceReconciler) deleteResource(ctx context.Context, resource infrav1alpha.StatusResource) (*infrav1alpha.ResourceStatus, error) { ctx, log, done := tele.StartSpanWithLogger(ctx, "controllers.ResourceReconciler.deleteResource") defer done() @@ -214,7 +213,7 @@ func (r *ResourceReconciler) deleteResource(ctx context.Context, resource infrav return nil, fmt.Errorf("failed to get ready status: %w", err) } - return &infrav1exp.ResourceStatus{ + return &infrav1alpha.ResourceStatus{ Resource: resource, Ready: ready, }, nil diff --git a/exp/controllers/resource_reconciler_test.go b/controllers/resource_reconciler_test.go similarity index 92% rename from exp/controllers/resource_reconciler_test.go rename to controllers/resource_reconciler_test.go index 41aabf4187f..3cc12972f99 100644 --- a/exp/controllers/resource_reconciler_test.go +++ b/controllers/resource_reconciler_test.go @@ -29,7 +29,7 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" "k8s.io/apimachinery/pkg/runtime" - infrav1exp "sigs.k8s.io/cluster-api-provider-azure/exp/api/v1alpha1" + infrav1alpha "sigs.k8s.io/cluster-api-provider-azure/api/v1alpha1" "sigs.k8s.io/controller-runtime/pkg/client" fakeclient "sigs.k8s.io/controller-runtime/pkg/client/fake" "sigs.k8s.io/controller-runtime/pkg/handler" @@ -55,7 +55,7 @@ type FakeWatcher struct { watching map[string]struct{} } -func (w *FakeWatcher) Watch(_ logr.Logger, obj runtime.Object, _ handler.EventHandler, _ ...predicate.Predicate) error { +func (w *FakeWatcher) Watch(_ logr.Logger, obj client.Object, _ handler.EventHandler, _ ...predicate.Predicate) error { if w.watching == nil { w.watching = make(map[string]struct{}) } @@ -68,7 +68,7 @@ func TestResourceReconcilerReconcile(t *testing.T) { s := runtime.NewScheme() sb := runtime.NewSchemeBuilder( - infrav1exp.AddToScheme, + infrav1alpha.AddToScheme, asoresourcesv1.AddToScheme, ) NewGomegaWithT(t).Expect(sb.AddToScheme(s)).To(Succeed()) @@ -76,7 +76,7 @@ func TestResourceReconcilerReconcile(t *testing.T) { fakeClientBuilder := func() *fakeclient.ClientBuilder { return fakeclient.NewClientBuilder(). WithScheme(s). - WithStatusSubresource(&infrav1exp.AzureASOManagedCluster{}) + WithStatusSubresource(&infrav1alpha.AzureASOManagedCluster{}) } t.Run("empty resources", func(t *testing.T) { @@ -84,7 +84,7 @@ func TestResourceReconcilerReconcile(t *testing.T) { r := &ResourceReconciler{ resources: []*unstructured.Unstructured{}, - owner: &infrav1exp.AzureASOManagedCluster{}, + owner: &infrav1alpha.AzureASOManagedCluster{}, } g.Expect(r.Reconcile(ctx)).To(Succeed()) @@ -97,7 +97,7 @@ func TestResourceReconcilerReconcile(t *testing.T) { c := fakeClientBuilder(). Build() - asoManagedCluster := &infrav1exp.AzureASOManagedCluster{} + asoManagedCluster := &infrav1alpha.AzureASOManagedCluster{} unpatchedRGs := map[string]struct{}{ "rg1": {}, @@ -152,9 +152,9 @@ func TestResourceReconcilerReconcile(t *testing.T) { t.Run("delete stale resources", func(t *testing.T) { g := NewGomegaWithT(t) - owner := &infrav1exp.AzureASOManagedCluster{ - Status: infrav1exp.AzureASOManagedClusterStatus{ - Resources: []infrav1exp.ResourceStatus{ + owner := &infrav1alpha.AzureASOManagedCluster{ + Status: infrav1alpha.AzureASOManagedClusterStatus{ + Resources: []infrav1alpha.ResourceStatus{ rgStatus("rg0"), rgStatus("rg1"), rgStatus("rg2"), @@ -234,7 +234,7 @@ func TestResourceReconcilerPause(t *testing.T) { s := runtime.NewScheme() sb := runtime.NewSchemeBuilder( - infrav1exp.AddToScheme, + infrav1alpha.AddToScheme, asoresourcesv1.AddToScheme, ) NewGomegaWithT(t).Expect(sb.AddToScheme(s)).To(Succeed()) @@ -242,7 +242,7 @@ func TestResourceReconcilerPause(t *testing.T) { fakeClientBuilder := func() *fakeclient.ClientBuilder { return fakeclient.NewClientBuilder(). WithScheme(s). - WithStatusSubresource(&infrav1exp.AzureASOManagedCluster{}) + WithStatusSubresource(&infrav1alpha.AzureASOManagedCluster{}) } t.Run("empty resources", func(t *testing.T) { @@ -250,7 +250,7 @@ func TestResourceReconcilerPause(t *testing.T) { r := &ResourceReconciler{ resources: []*unstructured.Unstructured{}, - owner: &infrav1exp.AzureASOManagedCluster{}, + owner: &infrav1alpha.AzureASOManagedCluster{}, } g.Expect(r.Pause(ctx)).To(Succeed()) @@ -262,7 +262,7 @@ func TestResourceReconcilerPause(t *testing.T) { c := fakeClientBuilder(). Build() - asoManagedCluster := &infrav1exp.AzureASOManagedCluster{} + asoManagedCluster := &infrav1alpha.AzureASOManagedCluster{} var patchedRGs []string r := &ResourceReconciler{ @@ -299,7 +299,7 @@ func TestResourceReconcilerDelete(t *testing.T) { s := runtime.NewScheme() sb := runtime.NewSchemeBuilder( - infrav1exp.AddToScheme, + infrav1alpha.AddToScheme, asoresourcesv1.AddToScheme, ) NewGomegaWithT(t).Expect(sb.AddToScheme(s)).To(Succeed()) @@ -307,7 +307,7 @@ func TestResourceReconcilerDelete(t *testing.T) { fakeClientBuilder := func() *fakeclient.ClientBuilder { return fakeclient.NewClientBuilder(). WithScheme(s). - WithStatusSubresource(&infrav1exp.AzureASOManagedCluster{}) + WithStatusSubresource(&infrav1alpha.AzureASOManagedCluster{}) } t.Run("empty resources", func(t *testing.T) { @@ -315,7 +315,7 @@ func TestResourceReconcilerDelete(t *testing.T) { r := &ResourceReconciler{ resources: []*unstructured.Unstructured{}, - owner: &infrav1exp.AzureASOManagedCluster{}, + owner: &infrav1alpha.AzureASOManagedCluster{}, } g.Expect(r.Delete(ctx)).To(Succeed()) @@ -324,12 +324,12 @@ func TestResourceReconcilerDelete(t *testing.T) { t.Run("delete several resources", func(t *testing.T) { g := NewGomegaWithT(t) - owner := &infrav1exp.AzureASOManagedCluster{ + owner := &infrav1alpha.AzureASOManagedCluster{ ObjectMeta: metav1.ObjectMeta{ Namespace: "ns", }, - Status: infrav1exp.AzureASOManagedClusterStatus{ - Resources: []infrav1exp.ResourceStatus{ + Status: infrav1alpha.AzureASOManagedClusterStatus{ + Resources: []infrav1alpha.ResourceStatus{ rgStatus("still-deleting"), rgStatus("already-gone"), }, @@ -581,9 +581,9 @@ func rgJSON(g Gomega, scheme *runtime.Scheme, rg *asoresourcesv1.ResourceGroup) return u } -func rgStatus(name string) infrav1exp.ResourceStatus { - return infrav1exp.ResourceStatus{ - Resource: infrav1exp.StatusResource{ +func rgStatus(name string) infrav1alpha.ResourceStatus { + return infrav1alpha.ResourceStatus{ + Resource: infrav1alpha.StatusResource{ Group: asoresourcesv1.GroupVersion.Group, Version: asoresourcesv1.GroupVersion.Version, Kind: "ResourceGroup", diff --git a/docs/README.md b/docs/README.md index bb24b76eb9e..4e4cd234d3b 100644 --- a/docs/README.md +++ b/docs/README.md @@ -2,7 +2,7 @@ ## Quick start -- [Getting started](https://capz.sigs.k8s.io/topics/getting-started.html) +- [Getting started](https://capz.sigs.k8s.io/getting-started.html) - [Cluster API quick start](https://cluster-api.sigs.k8s.io/user/quick-start.html) ## Features @@ -22,4 +22,11 @@ ## Troubleshooting -- [Troubleshooting guide](https://capz.sigs.k8s.io/topics/troubleshooting.html) +- [Self-managed troubleshooting guide](https://capz.sigs.k8s.io/self-managed/troubleshooting.html) +- [Managed troubleshooting guide](https://capz.sigs.k8s.io/managed/troubleshooting.html) + +## Docs contributors + +To run the link check linter, execute the following command from the root of the repository: + +`find . -name '*.md' -not -path './node_modules/*' -exec markdown-link-check '{}' --config .markdownlinkcheck.json -q ';'` diff --git a/docs/book/book.toml b/docs/book/book.toml index ed59d3c2dc5..b44632294ad 100644 --- a/docs/book/book.toml +++ b/docs/book/book.toml @@ -10,7 +10,7 @@ build-dir = "bookout" create-missing = false [output.html] -curly-quotes = true +smart-punctionation = true git-repository-url = "https://sigs.k8s.io/cluster-api-provider-azure" [preprocessor.tabulate] diff --git a/docs/book/install-and-build.sh b/docs/book/install-and-build.sh index a454fb76b6f..5e2e4692611 100755 --- a/docs/book/install-and-build.sh +++ b/docs/book/install-and-build.sh @@ -23,8 +23,8 @@ cd "${KUBE_ROOT}" || exit 1 os=$(go env GOOS) arch=$(go env GOARCH) -mdBookVersion="v0.4.35" -genCRDAPIReferenceDocsVersion="11fe95cbdcb91e9c25446fc99e6f2cdd8cbeb91a" +mdBookVersion="v0.4.40" +genCRDAPIReferenceDocsVersion="642c3aa7441d324f54f5a9a6a1841ffffacf5aeb" # translate arch to rust's conventions (if we can) if [[ ${arch} == "amd64" ]]; then @@ -76,7 +76,7 @@ genCRDAPIReferenceDocs="${genCRDAPIReferenceDocsPath}/gen-crd-api-reference-docs ${genCRDAPIReferenceDocs} -config "${genCRDAPIReferenceDocsPath}/example-config.json" -template-dir "${genCRDAPIReferenceDocsPath}/template" -api-dir ./api/v1beta1 -out-file ./docs/book/src/reference/v1beta1-api-raw.html ${genCRDAPIReferenceDocs} -config "${genCRDAPIReferenceDocsPath}/example-config.json" -template-dir "${genCRDAPIReferenceDocsPath}/template" -api-dir ./exp/api/v1beta1 -out-file ./docs/book/src/reference/v1beta1-exp-api-raw.html -${genCRDAPIReferenceDocs} -config "${genCRDAPIReferenceDocsPath}/example-config.json" -template-dir "${genCRDAPIReferenceDocsPath}/template" -api-dir ./exp/api/v1alpha1 -out-file ./docs/book/src/reference/v1alpha1-exp-api-raw.html +${genCRDAPIReferenceDocs} -config "${genCRDAPIReferenceDocsPath}/example-config.json" -template-dir "${genCRDAPIReferenceDocsPath}/template" -api-dir ./api/v1alpha1 -out-file ./docs/book/src/reference/v1alpha1-api-raw.html # Finally build the book. (cd docs/book && /tmp/mdbook build) diff --git a/docs/book/src/SUMMARY.md b/docs/book/src/SUMMARY.md index 40045ebfa49..cea635b41df 100644 --- a/docs/book/src/SUMMARY.md +++ b/docs/book/src/SUMMARY.md @@ -1,45 +1,51 @@ # Summary [Introduction](./introduction.md) +[Getting Started](./getting-started.md) [Roadmap](./roadmap.md) -- [Topics](./topics/topics.md) - - [Getting Started](./topics/getting-started.md) - - [Troubleshooting](./topics/troubleshooting.md) - - [AAD Integration](./topics/aad-integration.md) - - [Addons](./topics/addons.md) - - [API Server Endpoint](./topics/api-server-endpoint.md) +- [General Topics](./topics/topics.md) - [Azure Service Operator](./topics/aso.md) - - [Cloud Provider Config](./topics/cloud-provider-config.md) - [ClusterClass](./topics/clusterclass.md) - - [Control Plane Outbound Load Balancer](./topics/control-plane-outbound-lb.md) - - [Custom Images](./topics/custom-images.md) - - [Custom Private DNS Zone Name](./topics/custom-dns.md) - - [Custom VM Extensions](./topics/custom-vm-extensions.md) - - [Disks](./topics/disks.md) - - [Data Disks](./topics/data-disks.md) - - [OS Disk](./topics/os-disk.md) - - [Disk Encryption](./topics/disk-encryption.md) - - [Dual-Stack](./topics/dual-stack.md) - - [Externally managed Azure infrastructure](./topics/externally-managed-azure-infrastructure.md) - - [Failure Domains](./topics/failure-domains.md) - - [Flatcar](./topics/flatcar.md) - - [GPU-enabled Clusters](./topics/gpu.md) - - [Confidential VMs](./topics/confidential-vms.md) - - [Trusted Launch for VMs](./topics/trusted-launch-for-vms.md) - [Identities](./topics/identities.md) + - [AAD Integration](./topics/aad-integration.md) - [Identity use cases](./topics/identities-use-cases.md) - [Multi-tenancy](./topics/multitenancy.md) - [Workload Identity](./topics/workload-identity.md) - - [IPv6](./topics/ipv6.md) - - [Machine Pools (VMSS)](./topics/machinepools.md) - - [Managed Clusters (AKS)](./topics/managedcluster.md) - - [Node Outbound Connection](./topics/node-outbound-connection.md) - - [Spot Virtual Machines](./topics/spot-vms.md) - - [SSH Access to nodes](./topics/ssh-access.md) - - [Virtual Networks](./topics/custom-vnet.md) - - [VM Identity](./topics/vm-identity.md) - - [Windows](./topics/windows.md) - - [WebAssembly / WASI Pods](./topics/wasi.md) +- [Managed Clusters (AKS)](./managed/managed.md) + - [Adopting Clusters](./managed/adopting-clusters.md) + - [ASO Managed Clusters (AKS)](./managed/asomanagedcluster.md) + - [Managed Clusters (AKS)](./managed/managedcluster.md) + - [Managed Clusters - BYO VMSS Nodes](./managed/managedcluster-join-vmss.md) + - [Troubleshooting](./managed/troubleshooting.md) +- [Self-managed Clusters](./self-managed/self-managed.md) + - [Addons](./self-managed/addons.md) + - [API Server Endpoint](./self-managed/api-server-endpoint.md) + - [Cloud Provider Config](./self-managed/cloud-provider-config.md) + - [Confidential VMs](./self-managed/confidential-vms.md) + - [Control Plane Outbound Load Balancer](./self-managed/control-plane-outbound-lb.md) + - [Custom Images](./self-managed/custom-images.md) + - [Custom Private DNS Zone Name](./self-managed/custom-dns.md) + - [Custom VM Extensions](./self-managed/custom-vm-extensions.md) + - [Disks](./self-managed/disks.md) + - [Data Disks](./self-managed/data-disks.md) + - [Disk Encryption](./self-managed/disk-encryption.md) + - [OS Disk](./self-managed/os-disk.md) + - [Dual-Stack](./self-managed/dual-stack.md) + - [Externally managed Azure infrastructure](./self-managed/externally-managed-azure-infrastructure.md) + - [Failure Domains](./self-managed/failure-domains.md) + - [Flatcar](./self-managed/flatcar.md) + - [GPU-enabled Clusters](./self-managed/gpu.md) + - [IPv6](./self-managed/ipv6.md) + - [Machine Pools (VMSS)](./self-managed/machinepools.md) + - [Node Outbound Connection](./self-managed/node-outbound-connection.md) + - [Spot Virtual Machines](./self-managed/spot-vms.md) + - [SSH Access to nodes](./self-managed/ssh-access.md) + - [Troubleshooting](./self-managed/troubleshooting.md) + - [Trusted Launch for VMs](./self-managed/trusted-launch-for-vms.md) + - [Virtual Networks](./self-managed/custom-vnet.md) + - [VM Identity](./self-managed/vm-identity.md) + - [WebAssembly / WASI Pods](./self-managed/wasi.md) + - [Windows](./self-managed/windows.md) - [Development](./developers/development.md) - [Kubernetes Developers](./developers/kubernetes-developers.md) - [Releasing](./developers/releasing.md) @@ -47,4 +53,4 @@ - [Reference](./reference/reference.md) - [v1beta1 API](./reference/v1beta1-api.md) - [v1beta1 exp API](./reference/v1beta1-exp-api.md) - - [v1alpha1 exp API](./reference/v1alpha1-exp-api.md) + - [v1alpha1 API](./reference/v1alpha1-api.md) diff --git a/docs/book/src/developers/development.md b/docs/book/src/developers/development.md index ab0ac95afb3..0845fa0ede4 100644 --- a/docs/book/src/developers/development.md +++ b/docs/book/src/developers/development.md @@ -46,7 +46,7 @@ ### Base requirements 1. Install [go][go] - - Get the latest patch version for go v1.21. + - Get the latest patch version for go v1.22. 2. Install [jq][jq] - `brew install jq` on macOS. - `sudo apt install jq` on Windows + WSL2 @@ -122,7 +122,7 @@ Makefile targets and scripts are offered to work with go modules: ### Setting up the environment -Your must have the Azure credentials as outlined in the [getting started prerequisites](../topics/getting-started.md#Prerequisites) section. +You must have the Azure credentials as outlined in the [getting started prerequisites](../getting-started.md#Prerequisites) section. ### Tilt Requirements @@ -163,7 +163,7 @@ kustomize_substitutions: AZURE_CLIENT_ID: ``` -You should have these values saved from the [getting started prerequisites](../topics/getting-started.md#Prerequisites) section. +You should have these values saved from the [getting started prerequisites](../getting-started.md#Prerequisites) section. To build a kind cluster and start Tilt, just run: @@ -218,7 +218,7 @@ kustomize_substitutions: EOF ``` -Make sure to replace the credentials with the values from the [getting started prerequisites](../topics/getting-started.md#Prerequisites) section. +Make sure to replace the credentials with the values from the [getting started prerequisites](../getting-started.md#Prerequisites) section. > `$REGISTRY` should be in the format `docker.io/` @@ -245,7 +245,7 @@ To delete the cluster: make delete-workload-cluster ``` -> Check out the [troubleshooting guide](../topics/troubleshooting.md) for common errors you might run into. +> Check out the [self-managed](../self-managed/troubleshooting.md) and [managed](../managed/troubleshooting.md) troubleshooting guides for common errors you might run into. #### Viewing Telemetry @@ -414,7 +414,7 @@ Create the cluster: make create-cluster ``` -> Check out the [troubleshooting](../topics/troubleshooting.md) guide for common errors you might run into. +> Check out the [self-managed](../self-managed/troubleshooting.md) and [managed](../managed/troubleshooting.md) troubleshooting guides for common errors you might run into ### Instrumenting Telemetry Telemetry is the key to operational transparency. We strive to provide insight into the internal behavior of the @@ -540,7 +540,7 @@ With the following environment variables defined, you can build a CAPZ cluster f | `E2E_ARGS` | `-kubetest.use-ci-artifacts` | | `KUBERNETES_VERSION` | `latest` - extract Kubernetes version from https://dl.k8s.io/ci/latest.txt (main's HEAD)
`latest-1.` - extract Kubernetes version from dl.k8s.io/ci/latest-1..txt (release branch's HEAD) | | `WINDOWS_SERVER_VERSION` | Optional, can be `windows-2019` (default) or `windows-2022` | -| `KUBETEST_WINDOWS_CONFIG` | Optional, can be `upstream-windows-serial-slow.yaml`, when not specified `upstream-windows.yaml` is used | +| `KUBETEST_WINDOWS_CONFIG` | Default is `upstream-windows.yaml`. CAPZ contains various other configuration recipes in the `test/e2e/data/` directory; you may use any of those by referencing their file names as the value of `KUBETEST_WINDOWS_CONFIG` (e.g., `conformance-fast.yaml`), or you may drop in your own config files into `test/e2e/data/` and reference those. | | `WINDOWS_CONTAINERD_URL` | Optional, can be any url to a `tar.gz` file containing binaries for containerd in the same format as upstream package | With the following environment variables defined, CAPZ runs `./scripts/ci-build-kubernetes.sh` as part of `./scripts/ci-conformance.sh`, which allows developers to build Kubernetes from source and run the Kubernetes Conformance test suite against a CAPZ cluster based on the custom build: @@ -571,7 +571,7 @@ You can optionally set the following variables: | `KUBERNETES_VERSION` | Desired Kubernetes version to test. You can pass in a definitive released version, e.g., "v1.24.0". If you want to use pre-released CI bits of a particular release you may use the "latest-" prefix, e.g., "latest-1.24"; you may use the very latest built CI bits from the kubernetes/kubernetes master branch by passing in "latest". If you provide a `KUBERNETES_VERSION` environment variable, you may not also use `CI_VERSION` (below). Use only one configuration variable to declare the version of Kubernetes to test. | | `CI_VERSION` | Provide a custom CI version of Kubernetes (e.g., `v1.25.0-alpha.0.597+aa49dffc7f24dc`). If not specified, this will be determined from the KUBERNETES_VERSION above if it is an unreleased version. If you provide a `CI_VERSION` environment variable, you may not also use `KUBERNETES_VERSION` (above). | | `TEST_CCM` | Build a cluster that uses custom versions of the Azure cloud-provider cloud-controller-manager and node-controller-manager images | -| `EXP_MACHINE_POOL` | Use [Machine Pool](../topics/machinepools.md) for worker machines. | +| `EXP_MACHINE_POOL` | Use [Machine Pool](../self-managed/machinepools.md) for worker machines. | | `TEST_WINDOWS` | Build a cluster that has Windows worker nodes. | | `REGISTRY` | Registry to push any custom k8s images or cloud provider images built. | | `CLUSTER_TEMPLATE` | Use a custom cluster template. It can be a path to a template under templates/, a path on the host or a link. If the value is not set, the script will choose the appropriate cluster template based on existing environment variables. | diff --git a/docs/book/src/developers/releasing.md b/docs/book/src/developers/releasing.md index 9226bb995e9..8574033506f 100644 --- a/docs/book/src/developers/releasing.md +++ b/docs/book/src/developers/releasing.md @@ -88,6 +88,13 @@ Example versions: - Move items out of "Uncategorized" into an appropriate section. - Change anything attributed to "k8s-cherrypick-robot" to credit the original author. - Fix any typos or other errors. + - Add a "Details" section with a link to the full diff: + ```md + ## Details + + https://github.com/kubernetes-sigs/cluster-api-provider-azure/compare/v1.14.4...v1.14.5 + ``` + Be sure to replace the versions in the URL with the appropriate tags. 1. Open a pull request against the `main` branch with the release notes. @@ -149,7 +156,7 @@ Note: this step requires access to the Netlify site. If you don't have access, p #### Minor/Major Releases -1. Follow the communications process for [pre-releases](#pre-releases) +1. Follow the communications process for [patch-releases](#patch-releases) 2. An announcement email is sent to `kubernetes-sig-azure@googlegroups.com` and `kubernetes-sig-cluster-lifecycle@googlegroups.com` with the subject `[ANNOUNCE] cluster-api-provider-azure has been released` [semver]: https://semver.org/#semantic-versioning-200 diff --git a/docs/book/src/topics/getting-started.md b/docs/book/src/getting-started.md similarity index 95% rename from docs/book/src/topics/getting-started.md rename to docs/book/src/getting-started.md index 48cbdb74388..9578411de5f 100644 --- a/docs/book/src/topics/getting-started.md +++ b/docs/book/src/getting-started.md @@ -45,7 +45,7 @@ An Azure Service Principal is needed for deploying Azure resources. The below in ``` 5. Create an Azure Service Principal by running the following command or skip this step and use a previously created Azure Service Principal. - NOTE: the "owner" role is required to be able to create role assignments for [system-assigned managed identity](vm-identity.md). + NOTE: the "owner" role is required to be able to create role assignments for system-assigned managed identity. ```bash az ad sp create-for-rbac --role contributor --scopes="/subscriptions/${AZURE_SUBSCRIPTION_ID}" @@ -84,7 +84,7 @@ For example, if your password is `foo'blah$`, you should do `export AZURE_CLIENT

Warning

-The capability to set credentials using environment variables is now deprecated and will be removed in future releases, the recommended approach is to use `AzureClusterIdentity` as explained [here](multitenancy.md) +The capability to set credentials using environment variables is now deprecated and will be removed in future releases, the recommended approach is to use `AzureClusterIdentity` as explained [here](./topics/multitenancy.md) @@ -92,7 +92,7 @@ The capability to set credentials using environment variables is now deprecated ### Building your first cluster Check out the [Cluster API Quick Start](https://cluster-api.sigs.k8s.io/user/quick-start.html) to create your first Kubernetes cluster on Azure using Cluster API. Make sure to select the "Azure" tabs. -If you are looking to install additional ASO CRDs, set `ADDITIONAL_ASO_CRDS` to the list of CRDs you want to install. Refer to adding additional CRDs for Azure Service Operator [here](aso.md#Using-aso-for-non-capz-resources). +If you are looking to install additional ASO CRDs, set `ADDITIONAL_ASO_CRDS` to the list of CRDs you want to install. Refer to adding additional CRDs for Azure Service Operator [here](./topics/aso.md#Using-aso-for-non-capz-resources).

Warning

diff --git a/docs/book/src/managed/adopting-clusters.md b/docs/book/src/managed/adopting-clusters.md new file mode 100644 index 00000000000..b5463fa271b --- /dev/null +++ b/docs/book/src/managed/adopting-clusters.md @@ -0,0 +1,85 @@ +## Adopting Existing AKS Clusters + +### Option 1: Using the new AzureASOManaged API + + +The [AzureASOManagedControlPlane and related APIs](./asomanagedcluster.md) support +adoption as a first-class use case. Going forward, this method is likely to be easier, more reliable, include +more features, and better supported for adopting AKS clusters than Option 2 below. + +To adopt an AKS cluster into a full Cluster API Cluster, create an ASO ManagedCluster and associated +ManagedClustersAgentPool resources annotated with `sigs.k8s.io/cluster-api-provider-azure-adopt=true`. The +annotation may also be added to existing ASO resources to trigger adoption. CAPZ will automatically scaffold +the Cluster API resources like the Cluster, AzureASOManagedCluster, AzureASOManagedControlPlane, MachinePools, +and AzureASOManagedMachinePools. The [`asoctl import +azure-resource`](https://azure.github.io/azure-service-operator/tools/asoctl/#import-azure-resource) command +can help generate the required YAML. + +Caveats: +- The `asoctl import azure-resource` command has at least [one known + bug](https://github.com/Azure/azure-service-operator/issues/3805) requiring the YAML it generates to be + edited before it can be applied to a cluster. +- CAPZ currently only records the ASO resources in the CAPZ resources' `spec.resources` that it needs to + function, which include the ManagedCluster, its ResourceGroup, and associated ManagedClustersAgentPools. + Other resources owned by the ManagedCluster like Kubernetes extensions or Fleet memberships are not + currently imported to the CAPZ specs. +- Configuring the automatically generated Cluster API resources is not currently possible. If you need to + change something like the `metadata.name` of a resource from what CAPZ generates, create the Cluster API + resources manually referencing the pre-existing resources. +- Adopting existing clusters created with the GA AzureManagedControlPlane API to the experimental API with + this method is theoretically possible, but untested. Care should be taken to prevent CAPZ from reconciling + two different representations of the same underlying Azure resources. + +### Option 2: Using the current AzureManagedControlPlane API + + + +CAPZ can adopt some AKS clusters created by other means under its management. This works by crafting CAPI and +CAPZ manifests which describe the existing cluster and creating those resources on the CAPI management +cluster. This approach is limited to clusters which can be described by the CAPZ API, which includes the +following constraints: + +- the cluster operates within a single Virtual Network and Subnet +- the cluster's Virtual Network exists outside of the AKS-managed `MC_*` resource group +- the cluster's Virtual Network and Subnet are not shared with any other resources outside the context of this cluster + +To ensure CAPZ does not introduce any unwarranted changes while adopting an existing cluster, carefully review +the [entire AzureManagedControlPlane spec](../reference/v1beta1-api#infrastructure.cluster.x-k8s.io/v1beta1.AzureManagedControlPlaneSpec) +and specify _every_ field in the CAPZ resource. CAPZ's webhooks apply defaults to many fields which may not +match the existing cluster. + +Specific AKS features not represented in the CAPZ API, like those from a newer AKS API version than CAPZ uses, +do not need to be specified in the CAPZ resources to remain configured the way they are. CAPZ will still not +be able to manage that configuration, but it will not modify any settings beyond those for which it has +knowledge. + +By default, CAPZ will not make any changes to or delete any pre-existing Resource Group, Virtual Network, or +Subnet resources. To opt-in to CAPZ management for those clusters, tag those resources with the following +before creating the CAPZ resources: `sigs.k8s.io_cluster-api-provider-azure_cluster_: owned`. +Managed Cluster and Agent Pool resources do not need this tag in order to be adopted. + +After applying the CAPI and CAPZ resources for the cluster, other means of managing the cluster should be +disabled to avoid ongoing conflicts with CAPZ's reconciliation process. + +#### Pitfalls + +The following describes some specific pieces of configuration that deserve particularly careful attention, +adapted from https://gist.github.com/mtougeron/1e5d7a30df396cd4728a26b2555e0ef0#file-capz-md. + +- Make sure `AzureManagedControlPlane.metadata.name` matches the AKS cluster name +- Set the `AzureManagedControlPlane.spec.virtualNetwork` fields to match your existing VNET +- Make sure the `AzureManagedControlPlane.spec.sshPublicKey` matches what was set on the AKS cluster. (including any potential newlines included in the base64 encoding) + - NOTE: This is a required field in CAPZ, if you don't know what public key was used, you can _change_ or _set_ it via the Azure CLI however before attempting to import the cluster. +- Make sure the `Cluster.spec.clusterNetwork` settings match properly to what you are using in AKS +- Make sure the `AzureManagedControlPlane.spec.dnsServiceIP` matches what is set in AKS +- Set the tag `sigs.k8s.io_cluster-api-provider-azure_cluster_` = `owned` on the AKS cluster +- Set the tag `sigs.k8s.io_cluster-api-provider-azure_role` = `common` on the AKS cluster + +NOTE: Several fields, like `networkPlugin`, if not set on the AKS cluster at creation time, will mean that CAPZ will not be able to set that field. AKS doesn't allow such fields to be changed if not set at creation. However, if it was set at creation time, CAPZ will be able to successfully change/manage the field. diff --git a/docs/book/src/managed/asomanagedcluster.md b/docs/book/src/managed/asomanagedcluster.md new file mode 100644 index 00000000000..398d5dd6639 --- /dev/null +++ b/docs/book/src/managed/asomanagedcluster.md @@ -0,0 +1,54 @@ +## ASO Managed Clusters (AKS) + +- **Feature status:** alpha, not experimental, fully supported +- **Feature gate:** MachinePool=true + +New in CAPZ v1.15.0 is a new flavor of APIs that addresses the following limitations of +the existing CAPZ APIs for advanced use cases for provisioning AKS clusters: + +- A limited set of Azure resource types can be represented. +- A limited set of Azure resource topologies can be expressed. e.g. Only a single Virtual Network resource can + be reconciled for each CAPZ-managed AKS cluster. +- For each Azure resource type supported by CAPZ, CAPZ generally only uses a single Azure API version to + define resources of that type. +- For each Azure API version known by CAPZ, only a subset of fields defined in that version by the Azure API + spec are exposed by the CAPZ API. + +This new API defines new AzureASOManagedCluster, AzureASOManagedControlPlane, and +AzureASOManagedMachinePool resources. An AzureASOManagedCluster might look like this: + +```yaml +apiVersion: infrastructure.cluster.x-k8s.io/v1alpha1 +kind: AzureASOManagedCluster +metadata: + name: my-cluster + namespace: default +spec: + resources: + - apiVersion: resources.azure.com/v1api20200601 + kind: ResourceGroup + metadata: + name: my-resource-group + spec: + location: eastus +``` + +See [here](https://github.com/kubernetes-sigs/cluster-api-provider-azure/blob/main/templates/cluster-template-aks-aso.yaml) for a full AKS example using all the new resources. + +The main element of the new API is `spec.resources` in each new resource, which defines arbitrary, literal ASO +resources inline to be managed by CAPZ. These inline ASO resource definitions take the place of almost all +other configuration currently defined by CAPZ. e.g. Instead of a CAPZ-specific `spec.location` field on the +existing AzureManagedControlPlane, the same value would be expected to be set on an ASO ManagedCluster +resource defined in an AzureASOManagedControlPlane's `spec.resources`. This pattern allows users to define, in +full, any ASO-supported version of a resource type in any of these new CAPZ resources. + +The obvious tradeoff with this new style of API is that CAPZ resource definitions can become more verbose for +basic use cases. To address this, CAPZ still offers flavor templates that use this API with all of the +boilerplate predefined to serve as a starting point for customization. + +The overall theme of this API is to leverage ASO as much as possible for representing Azure resources in the +Kubernetes API, thereby making CAPZ the thinnest possible translation layer between ASO and Cluster API. + +This experiment will help inform CAPZ whether this pattern may be a candidate for a potential v2 API. This +functionality is enabled by default and can be disabled with the `ASOAPI` feature flag (set by the `EXP_ASO_API` environment variable). +Please try it out and offer any feedback! diff --git a/docs/book/src/managed/managed.md b/docs/book/src/managed/managed.md new file mode 100644 index 00000000000..f3a24ccf199 --- /dev/null +++ b/docs/book/src/managed/managed.md @@ -0,0 +1,40 @@ +# Managed Clusters + +This section contains information specific to configuring managed (AKS) Kubernetes clusters using Cluster API Provider for Azure (CAPZ). +See [self-managed clusters](../self-managed/self-managed.md) for information specific to provisioning these clusters. + +Documents under the Managed Clusters area: +- [Adopting Clusters](managed.md) +- [ASO Managed Clusters](asomanagedcluster.md) +- [Managed Clusters](managedcluster.md) +- [Managed Clusters - Join VMSS Nodes](adopting-clusters.md) +- [Troubleshooting](troubleshooting.md) + +## CAPZ's Managed Cluster versus CAPZ's ASOManaged Cluster + +There are two APIs which can create AKS clusters and it's important to understand the differences. + +**ManagedCluster** - is the original API to provision AKS clusters introduced with the [0.4.4 release](https://github.com/kubernetes-sigs/cluster-api-provider-azure/releases/tag/v0.4.4). This more closely matches the CAPI style for YAML code for other providers. The original code was based on directly using the Azure Go SDK, but in the [1.11.0 release](https://github.com/kubernetes-sigs/cluster-api-provider-azure/releases/tag/v1.11.0) was switched to utilize Azure Service Operator (ASO) as a dependency for provisioning. This supports the preview API, but does not natively support all AKS features available. The ManagedCluster API will eventually be deprecated, [see the roadmap for more information](../roadmap.md). + +**ASOManagedCluster** - was created in the [1.15 release of CAPZ](https://github.com/kubernetes-sigs/cluster-api-provider-azure/releases/tag/v1.15.0) and creates a CAPI-compliant wrapper around the existing ASO definitions for AKS clusters. It has 100% API coverage for the preview and current AKS APIs via the ASO AKS CRDs. This is the long-term plan to support provisioning AKS clusters using CAPZ. [See the roadmap for more information](../roadmap.md) + +### Why is ASOManagedCluster the future? + +The biggest challenge with ManagedCluster is attempting to keep up with the velocity of feature changes to the frequently changing AKS API. This model requires every single feature to be added into code directly. Even with the simplification of code to utilize ASO as a dependency, there still is quite a bit of time required to keep up with these features. Ultimately, this is an unsustainable path long-term. The [asoManaged*Patches feature](managedcluster.md#warning-warning-this-is-meant-to-be-used-sparingly-to-enable-features-for-development-and-testing-that-are-not-otherwise-represented-in-the-capz-api-misconfiguration-that-conflicts-with-capzs-normal-mode-of-operation-is-possible) enables patching/adding various AKS fields via ASO to help try to fill some of these gaps, but this comes at the cost of unknown full testing. + +ASOManagedCluster enables 100% API coverage natively and is easy to keep up with since it is primarily a dependency update to CAPZ. Furthermore it has the advantage of making it easier to import existing deployed clusters which have no existing CAPZ or ASO YAML code defined. + +For the complete history of this transition, see the [Managing Azure Resources with Azure Service Operator](https://github.com/kubernetes-sigs/cluster-api-provider-azure/blob/main/docs/proposals/20230123-azure-service-operator.md) and [Automate AKS Features available in CAPZ](https://github.com/kubernetes-sigs/cluster-api-provider-azure/blob/main/docs/proposals/20231122-automate-aks-features.md) design proposal documents. + +## ASO's AKS versus CAPZ's ASOManaged AKS + +It is possible to not utilize CAPZ at all and simply utilize ASO to provision an [AKS cluster definition directly](https://azure.github.io/azure-service-operator/reference/containerservice/v1api20231001/#containerservice.azure.com/v1api20231001.ManagedCluster). The advantages that CAPZ brings over this approach are the following: + - Robust Testing - CAPZ is utilized to test Kubernetes and AKS using this code with numerous end-to-end tests. ASO has no AKS-specific testing. + - Simplification of Infrastructure as Code (IaC) definitions - With ASO you have to figure out how to put together every field and there are some small examples. CAPZ provides `kustomize` template samples connected to `clusterctl generate template` as well as a [helm chart](https://github.com/mboersma/cluster-api-charts/). + - Management scale - CAPZ enables use of [ClusterClass](../topics/clusterclass.md) so you can have a smaller chunk of code to manage numerous clusters with the same configuration. + - Heterogeneous Kubernetes management - it is possible with CAPZ to manage self-managed (not possible at all with ASO) and managed clusters with a single management control plane and similar IaC definitions. + - Multi-cloud IaC consistency - even though it's still wrapping ASO, there still is some consistency in the code contract to provision Kubernetes clusters with the [~30 other CAPI infrastructure providers](https://cluster-api.sigs.k8s.io/reference/providers). + +## General AKS Best Practices + +A set of best practices for managing AKS clusters is documented here: [https://learn.microsoft.com/azure/aks/best-practices](https://learn.microsoft.com/azure/aks/best-practices) diff --git a/docs/book/src/managed/managedcluster-join-vmss.md b/docs/book/src/managed/managedcluster-join-vmss.md new file mode 100644 index 00000000000..da55fff34c5 --- /dev/null +++ b/docs/book/src/managed/managedcluster-join-vmss.md @@ -0,0 +1,125 @@ +## Joining self-managed VMSS nodes to an AKS control plane + + + +### Installing Addons + +In order for the nodes to become ready, you'll need to install Cloud Provider Azure and a CNI. + +AKS will install Cloud Provider Azure on the self-managed nodes as long as they have the appropriate labels. You can add the required label on the nodes by running the following command on the AKS cluster: + +```bash +kubectl label node kubernetes.azure.com/cluster= +``` + +Repeat this for each node in the MachinePool. + + + +For the CNI, you can install the CNI of your choice. For example, to install Azure CNI, run the following command on the AKS cluster: + +```bash +kubectl apply -f https://raw.githubusercontent.com/kubernetes-sigs/cluster-api-provider-azure/main/templates/addons/azure-cni-v1.yaml +``` + +### Notes + +Some notes about how this works under the hood: + +- CAPZ will fetch the kubeconfig for the AKS cluster and store it in a secret named `${CLUSTER_NAME}-kubeconfig` in the management cluster. That secret is then used for discovery by the `KubeadmConfig` resource. +- You can customize the `MachinePool`, `AzureMachinePool`, and `KubeadmConfig` resources to your liking. The example above is just a starting point. Note that the key configurations to keep are in the `KubeadmConfig` resource, namely the `files`, `joinConfiguration`, and `preKubeadmCommands` sections. +- The `KubeadmConfig` resource will be used to generate a `kubeadm join` command that will be executed on each node in the VMSS. It uses the cluster kubeconfig for discovery. The `kubeadm init phase upload-config all` is run as a preKubeadmCommand to ensure that the kubeadm and kubelet configurations are uploaded to a ConfigMap. This step would normally be done by the `kubeadm init` command, but since we're not running `kubeadm init` we need to do it manually. + +### Creating the MachinePool + +You can add a self-managed VMSS node pool to any CAPZ-managed AKS cluster by applying the following resources to the management cluster: + +```yaml +apiVersion: cluster.x-k8s.io/v1beta1 +kind: MachinePool +metadata: + name: ${CLUSTER_NAME}-vmss + namespace: default +spec: + clusterName: ${CLUSTER_NAME} + replicas: ${WORKER_MACHINE_COUNT} + template: + spec: + bootstrap: + configRef: + apiVersion: bootstrap.cluster.x-k8s.io/v1beta1 + kind: KubeadmConfig + name: ${CLUSTER_NAME}-vmss + clusterName: ${CLUSTER_NAME} + infrastructureRef: + apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 + kind: AzureMachinePool + name: ${CLUSTER_NAME}-vmss + version: ${KUBERNETES_VERSION} +--- +apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 +kind: AzureMachinePool +metadata: + name: ${CLUSTER_NAME}-vmss + namespace: default +spec: + location: ${AZURE_LOCATION} + strategy: + rollingUpdate: + deletePolicy: Oldest + maxSurge: 25% + maxUnavailable: 1 + type: RollingUpdate + template: + osDisk: + diskSizeGB: 30 + managedDisk: + storageAccountType: Premium_LRS + osType: Linux + sshPublicKey: ${AZURE_SSH_PUBLIC_KEY_B64:=""} + vmSize: ${AZURE_NODE_MACHINE_TYPE} +--- +apiVersion: bootstrap.cluster.x-k8s.io/v1beta1 +kind: KubeadmConfig +metadata: + name: ${CLUSTER_NAME}-vmss + namespace: default +spec: + files: + - contentFrom: + secret: + key: worker-node-azure.json + name: ${CLUSTER_NAME}-vmss-azure-json + owner: root:root + path: /etc/kubernetes/azure.json + permissions: "0644" + - contentFrom: + secret: + key: value + name: ${CLUSTER_NAME}-kubeconfig + owner: root:root + path: /etc/kubernetes/admin.conf + permissions: "0644" + joinConfiguration: + discovery: + file: + kubeConfigPath: /etc/kubernetes/admin.conf + nodeRegistration: + kubeletExtraArgs: + cloud-provider: external + name: '{{ ds.meta_data["local_hostname"] }}' + preKubeadmCommands: + - kubeadm init phase upload-config all + ``` diff --git a/docs/book/src/managed/managedcluster.md b/docs/book/src/managed/managedcluster.md new file mode 100644 index 00000000000..a2f769d0e22 --- /dev/null +++ b/docs/book/src/managed/managedcluster.md @@ -0,0 +1,419 @@ +# Managed Clusters (AKS) + +- **Feature status:** GA +- **Feature gate:** MachinePool=true + +Cluster API Provider Azure (CAPZ) supports managing Azure +Kubernetes Service (AKS) clusters. CAPZ implements this with three +custom resources: + +- AzureManagedControlPlane +- AzureManagedCluster +- AzureManagedMachinePool + +The combination of AzureManagedControlPlane/AzureManagedCluster +corresponds to provisioning an AKS cluster. AzureManagedMachinePool +corresponds one-to-one with AKS node pools. This also means that +creating an AzureManagedControlPlane requires at least one AzureManagedMachinePool +with `spec.mode` `System`, since AKS expects at least one system pool at creation +time. For more documentation on system node pool refer [AKS Docs](https://learn.microsoft.com/azure/aks/use-system-pools) + +Sections in this document: +- [Deploy with clusterctl](#deploy-with-clusterctl) +- [Specification walkthrough](#specification) + - [Use an existing Virtual Network to provision an AKS cluster](#use-an-existing-virtual-network-to-provision-an-aks-cluster) + - [Disable Local Accounts in AKS when using Azure Active Directory](#disable-local-accounts-in-aks-when-using-azure-active-directory) + - [AKS Fleet Integration](#aks-fleet-integration) + - [AKS Extensions](#aks-extensions) + - [Security Profile for AKS clusters](#security-profile-for-aks-clusters) + - [Enabling Preview API Features for ManagedClusters](#enabling-preview-api-features-for-managedclusters) + - [OIDC Issuer on AKS](#oidc-issuer-on-aks) + - [Enable AKS features with custom headers](#enable-aks-features-with-custom-headers---aks-custom-headers) + +## Deploy with clusterctl + +A clusterctl flavor exists to deploy an AKS cluster with CAPZ. This +flavor requires the following environment variables to be set before +executing clusterctl. + +```bash +# Kubernetes values +export CLUSTER_NAME="my-cluster" +export WORKER_MACHINE_COUNT=2 +export KUBERNETES_VERSION="v1.27.3" + +# Azure values +export AZURE_LOCATION="southcentralus" +export AZURE_RESOURCE_GROUP="${CLUSTER_NAME}" +``` + +***NOTE***: `${CLUSTER_NAME}` should adhere to the RFC 1123 standard. This means that it must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character. + +Create a new service principal and save to a local file: + +```bash +az ad sp create-for-rbac --role Contributor --scopes="/subscriptions/${AZURE_SUBSCRIPTION_ID}" --sdk-auth > sp.json +``` + +export the following variables in your current shell. + +```bash +export AZURE_SUBSCRIPTION_ID="$(cat sp.json | jq -r .subscriptionId | tr -d '\n')" +export AZURE_CLIENT_SECRET="$(cat sp.json | jq -r .clientSecret | tr -d '\n')" +export AZURE_CLIENT_ID="$(cat sp.json | jq -r .clientId | tr -d '\n')" +export AZURE_TENANT_ID="$(cat sp.json | jq -r .tenantId | tr -d '\n')" +export AZURE_NODE_MACHINE_TYPE="Standard_D2s_v3" +export AZURE_CLUSTER_IDENTITY_SECRET_NAME="cluster-identity-secret" +export AZURE_CLUSTER_IDENTITY_SECRET_NAMESPACE="default" +export CLUSTER_IDENTITY_NAME="cluster-identity" +``` + +Managed clusters require the Cluster API "MachinePool" feature flag enabled. You can do that via an environment variable thusly: + +```bash +export EXP_MACHINE_POOL=true +``` + +Create a local kind cluster to run the management cluster components: + +```bash +kind create cluster +``` + +Create an identity secret on the management cluster: + +```bash +kubectl create secret generic "${AZURE_CLUSTER_IDENTITY_SECRET_NAME}" --from-literal=clientSecret="${AZURE_CLIENT_SECRET}" +``` + +Execute clusterctl to template the resources, then apply to your kind management cluster: + +```bash +clusterctl init --infrastructure azure +clusterctl generate cluster ${CLUSTER_NAME} --kubernetes-version ${KUBERNETES_VERSION} --flavor aks > cluster.yaml + +# assumes an existing management cluster +kubectl apply -f cluster.yaml + +# check status of created resources +kubectl get cluster-api -o wide +``` + +## Specification + +We'll walk through an example to view available options. + +```yaml +apiVersion: cluster.x-k8s.io/v1beta1 +kind: Cluster +metadata: + name: my-cluster +spec: + clusterNetwork: + services: + cidrBlocks: + - 192.168.0.0/16 + controlPlaneRef: + apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 + kind: AzureManagedControlPlane + name: my-cluster-control-plane + infrastructureRef: + apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 + kind: AzureManagedCluster + name: my-cluster +--- +apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 +kind: AzureManagedControlPlane +metadata: + name: my-cluster-control-plane +spec: + location: southcentralus + resourceGroupName: foo-bar + sshPublicKey: ${AZURE_SSH_PUBLIC_KEY_B64:=""} + subscriptionID: 00000000-0000-0000-0000-000000000000 # fake uuid + version: v1.21.2 + networkPolicy: azure # or calico + networkPlugin: azure # or kubenet + sku: + tier: Free # or Standard + addonProfiles: + - name: azureKeyvaultSecretsProvider + enabled: true + - name: azurepolicy + enabled: true +--- +apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 +kind: AzureManagedCluster +metadata: + name: my-cluster +--- +apiVersion: cluster.x-k8s.io/v1beta1 +kind: MachinePool +metadata: + name: agentpool0 +spec: + clusterName: my-cluster + replicas: 2 + template: + spec: + clusterName: my-cluster + infrastructureRef: + apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 + kind: AzureManagedMachinePool + name: agentpool0 + namespace: default + version: v1.21.2 +--- +apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 +kind: AzureManagedMachinePool +metadata: + name: agentpool0 +spec: + mode: System + osDiskSizeGB: 30 + sku: Standard_D2s_v3 +--- +apiVersion: cluster.x-k8s.io/v1beta1 +kind: MachinePool +metadata: + name: agentpool1 +spec: + clusterName: my-cluster + replicas: 2 + template: + spec: + clusterName: my-cluster + infrastructureRef: + apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 + kind: AzureManagedMachinePool + name: agentpool1 + namespace: default + version: v1.21.2 +--- +apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 +kind: AzureManagedMachinePool +metadata: + name: agentpool1 +spec: + mode: User + osDiskSizeGB: 40 + sku: Standard_D2s_v4 +``` + +Please note that we don't declare a configuration for the apiserver endpoint. This configuration data will be populated automatically based on the data returned from AKS API during cluster create as `.spec.controlPlaneEndpoint.Host` and `.spec.controlPlaneEndpoint.Port` in both the `AzureManagedCluster` and `AzureManagedControlPlane` resources. Any user-provided data will be ignored and overwritten by data returned from the AKS API. + +The [CAPZ API reference documentation](../reference/v1beta1-api.html) describes all of the available options. See also the AKS API documentation for [Agent Pools](https://learn.microsoft.com/rest/api/aks/agent-pools/create-or-update?tabs=HTTP) and [Managed Clusters](https://learn.microsoft.com/rest/api/aks/managed-clusters/create-or-update?tabs=HTTP). + +The main features for configuration are: + +- [networkPolicy](https://learn.microsoft.com/azure/aks/concepts-network#network-policies) +- [networkPlugin](https://learn.microsoft.com/azure/aks/concepts-network#azure-virtual-networks) +- [addonProfiles](https://learn.microsoft.com/cli/azure/aks/addon?view=azure-cli-latest#az-aks-addon-list-available) - for additional addons not listed below, look for the `*ADDON_NAME` values in [this code](https://github.com/Azure/azure-cli/blob/main/src/azure-cli/azure/cli/command_modules/acs/_consts.py). + +| addon name | YAML value | +|---------------------------|---------------------------| +| http_application_routing | httpApplicationRouting | +| monitoring | omsagent | +| virtual-node | aciConnector | +| kube-dashboard | kubeDashboard | +| azure-policy | azurepolicy | +| ingress-appgw | ingressApplicationGateway | +| confcom | ACCSGXDevicePlugin | +| open-service-mesh | openServiceMesh | +| azure-keyvault-secrets-provider | azureKeyvaultSecretsProvider | +| gitops | Unsupported? | +| web_application_routing | Unsupported? | + +### Use an existing Virtual Network to provision an AKS cluster + +If you'd like to deploy your AKS cluster in an existing Virtual Network, but create the cluster itself in a different resource group, you can configure the AzureManagedControlPlane resource with a reference to the existing Virtual Network and subnet. For example: + +```yaml +apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 +kind: AzureManagedControlPlane +metadata: + name: my-cluster-control-plane +spec: + location: southcentralus + resourceGroupName: foo-bar + sshPublicKey: ${AZURE_SSH_PUBLIC_KEY_B64:=""} + subscriptionID: 00000000-0000-0000-0000-000000000000 # fake uuid + version: v1.21.2 + virtualNetwork: + cidrBlock: 10.0.0.0/8 + name: test-vnet + resourceGroup: test-rg + subnet: + cidrBlock: 10.0.2.0/24 + name: test-subnet +``` + + + +### Disable Local Accounts in AKS when using Azure Active Directory + +When deploying an AKS cluster, local accounts are enabled by default. +Even when you enable RBAC or Azure AD integration, +--admin access still exists as a non-auditable backdoor option. +Disabling local accounts closes the backdoor access to the cluster +Example to disable local accounts for AAD enabled cluster. + +```yaml +apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 +kind: AzureManagedMachinePool +metadata: + ... +spec: + aadProfile: + managed: true + adminGroupObjectIDs: + - 00000000-0000-0000-0000-000000000000 # group object id created in azure. + disableLocalAccounts: true + ... +``` + +Note: CAPZ and CAPI requires access to the target cluster to maintain and manage the cluster. +Disabling local accounts will cut off direct access to the target cluster. +CAPZ and CAPI can access target cluster only via the Service Principal, +hence the user has to provide appropriate access to the Service Principal to access the target cluster. +User can do that by adding the Service Principal to the appropriate group defined in Azure and +add the corresponding group ID in `spec.aadProfile.adminGroupObjectIDs`. +CAPI and CAPZ will be able to authenticate via AAD while accessing the target cluster. + +### AKS Fleet Integration + +CAPZ supports joining your managed AKS clusters to a single AKS fleet. Azure Kubernetes Fleet Manager (Fleet) enables at-scale management of multiple Azure Kubernetes Service (AKS) clusters. For more documentation on Azure Kubernetes Fleet Manager, refer [AKS Docs](https://learn.microsoft.com/azure/kubernetes-fleet/overview) + +To join a CAPZ cluster to an AKS fleet, you must first create an AKS fleet manager. For more information on how to create an AKS fleet manager, refer [AKS Docs](https://learn.microsoft.com/en-us/azure/kubernetes-fleet/quickstart-create-fleet-and-members). This fleet manager will be your point of reference for managing any CAPZ clusters that you join to the fleet. + +Once you have created an AKS fleet manager, you can join your CAPZ cluster to the fleet by adding the `fleetsMember` field to your AzureManagedControlPlane resource spec: + +```yaml +apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 +kind: AzureManagedControlPlane +metadata: + name: ${CLUSTER_NAME} + namespace: default +spec: + fleetsMember: + group: fleet-update-group + managerName: fleet-manager-name + managerResourceGroup: fleet-manager-resource-group +``` + +The `managerName` and `managerResourceGroup` fields are the name and resource group of your AKS fleet manager. The `group` field is the name of the update group for the cluster, not to be confused with the resource group. + +When the `fleetMember` field is included, CAPZ will create an AKS fleet member resource which will join the CAPZ cluster to the AKS fleet. The AKS fleet member resource will be created in the same resource group as the CAPZ cluster. + +### AKS Extensions + +CAPZ supports enabling AKS extensions on your managed AKS clusters. Cluster extensions provide an Azure Resource Manager driven experience for installation and lifecycle management of services like Azure Machine Learning or Kubernetes applications on an AKS cluster. For more documentation on AKS extensions, refer [AKS Docs](https://learn.microsoft.com/azure/aks/cluster-extensions). + +You can either provision official AKS extensions or Kubernetes applications through Marketplace. Please refer to [AKS Docs](https://learn.microsoft.com/en-us/azure/aks/cluster-extensions#currently-available-extensions) for the list of currently available extensions. + +To add an AKS extension to your managed cluster, simply add the `extensions` field to your AzureManagedControlPlane resource spec: + +```yaml +apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 +kind: AzureManagedControlPlane +metadata: + name: ${CLUSTER_NAME} + namespace: default +spec: + extensions: + - name: my-extension + extensionType: "TraefikLabs.TraefikProxy" + plan: + name: "traefik-proxy" + product: "traefik-proxy" + publisher: "containous" +``` + +To list all of the available extensions for your cluster as well as its plan details, use the following az cli command: + +```bash +az k8s-extension extension-types list-by-cluster --resource-group my-resource-group --cluster-name mycluster --cluster-type managedClusters +``` + +For more details, please refer to the [az k8s-extension cli reference](https://learn.microsoft.com/cli/azure/k8s-extension). + + +### Security Profile for AKS clusters + +Example for configuring AzureManagedControlPlane with a security profile: + +```yaml +apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 +kind: AzureManagedControlPlane +metadata: + name: my-cluster-control-plane +spec: + location: southcentralus + resourceGroupName: foo-bar + sshPublicKey: ${AZURE_SSH_PUBLIC_KEY_B64:=""} + subscriptionID: 00000000-0000-0000-0000-000000000000 # fake uuid + version: v1.29.4 + identity: + type: UserAssigned + userAssignedIdentityResourceID: /subscriptions/00000000-0000-0000-0000-00000000/resourcegroups//providers/Microsoft.ManagedIdentity/userAssignedIdentities/ + oidcIssuerProfile: + enabled: true + securityProfile: + workloadIdentity: + enabled: true + imageCleaner: + enabled: true + intervalHours: 48 + azureKeyVaultKms: + enabled: true + keyID: https://key-vault.vault.azure.net/keys/secret-key/00000000000000000 + defender: + logAnalyticsWorkspaceResourceID: /subscriptions/00000000-0000-0000-0000-00000000/resourcegroups//providers/Microsoft.ManagedIdentity/userAssignedIdentities/ + securityMonitoring: + enabled: true +``` + +### Enabling Preview API Features for ManagedClusters + +#### :warning: WARNING: This is meant to be used sparingly to enable features for development and testing that are not otherwise represented in the CAPZ API. Misconfiguration that conflicts with CAPZ's normal mode of operation is possible. + +To enable preview features for managed clusters, you can use the `enablePreviewFeatures` field in the `AzureManagedControlPlane` resource spec. To use any of the new fields included in the preview API version, use the `asoManagedClusterPatches` field in the `AzureManagedControlPlane` resource spec and the `asoManagedClustersAgentPoolPatches` field in the `AzureManagedMachinePool` resource spec to patch in the new fields. + +Please refer to the [ASO Docs](https://azure.github.io/azure-service-operator/reference/containerservice/) for the ContainerService API reference for the latest preview fields and their usage. + +Example for enabling preview features for managed clusters: + +```yaml +apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 +kind: AzureManagedControlPlane +metadata: + name: ${CLUSTER_NAME} + namespace: default +spec: + enablePreviewFeatures: true + asoManagedClusterPatches: + - '{"spec": {"enableNamespaceResources": true}}' +--- +apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 +kind: AzureManagedMachinePool +metadata: + ... +spec: + asoManagedClustersAgentPoolPatches: + - '{"spec": {"enableCustomCATrust": true}}' +``` + +### OIDC Issuer on AKS + +Setting `AzureManagedControlPlane.Spec.oidcIssuerProfile.enabled` to `true` will enable OIDC issuer profile for the `AzureManagedControlPlane`. Once enabled, you will see a configmap named `-aso-oidc-issuer-profile` in the same namespace as the `AzureManagedControlPlane` resource. This configmap will contain the OIDC issuer profile url under the `oidc-issuer-profile-url` key. + +Once OIDC issuer is enabled on the cluster, it's not supported to disable it. + +To learn more about OIDC and AKS refer [AKS Docs on OIDC issuer](https://learn.microsoft.com/en-us/azure/aks/use-oidc-issuer). + +### Enable AKS features with custom headers (--aks-custom-headers) + +CAPZ no longer supports passing custom headers to AKS APIs with `infrastructure.cluster.x-k8s.io/custom-header-` annotations. +Custom headers are deprecated in AKS in favor of new features first landing in preview API versions: + +https://github.com/Azure/azure-rest-api-specs/pull/18232 \ No newline at end of file diff --git a/docs/book/src/managed/troubleshooting.md b/docs/book/src/managed/troubleshooting.md new file mode 100644 index 00000000000..9dd9c7c9203 --- /dev/null +++ b/docs/book/src/managed/troubleshooting.md @@ -0,0 +1,79 @@ +# Troubleshooting Managed Clusters (AKS) + +If a user tries to delete the MachinePool which refers to the last system node pool AzureManagedMachinePool webhook will reject deletion, so time stamp never gets set on the AzureManagedMachinePool. However the timestamp would be set on the MachinePool and would be in deletion state. To recover from this state create a new MachinePool manually referencing the AzureManagedMachinePool, edit the required references and finalizers to link the MachinePool to the AzureManagedMachinePool. In the AzureManagedMachinePool remove the owner reference to the old MachinePool, and set it to the new MachinePool. Once the new MachinePool is pointing to the AzureManagedMachinePool you can delete the old MachinePool. To delete the old MachinePool remove the finalizers in that object. + +Here is an Example: + +```yaml +# MachinePool deleted +apiVersion: cluster.x-k8s.io/v1beta1 +kind: MachinePool +metadata: + finalizers: # remove finalizers once new object is pointing to the AzureManagedMachinePool + - machinepool.cluster.x-k8s.io + labels: + cluster.x-k8s.io/cluster-name: capz-managed-aks + name: agentpool0 + namespace: default + ownerReferences: + - apiVersion: cluster.x-k8s.io/v1beta1 + kind: Cluster + name: capz-managed-aks + uid: 152ecf45-0a02-4635-987c-1ebb89055fa2 + uid: ae4a235a-f0fa-4252-928a-0e3b4c61dbea +spec: + clusterName: capz-managed-aks + minReadySeconds: 0 + providerIDList: + - azure:///subscriptions/9107f2fb-e486-a434-a948-52e2929b6f18/resourceGroups/MC_rg_capz-managed-aks_eastus/providers/Microsoft.Compute/virtualMachineScaleSets/aks-agentpool0-10226072-vmss/virtualMachines/0 + replicas: 1 + template: + metadata: {} + spec: + bootstrap: + dataSecretName: "" + clusterName: capz-managed-aks + infrastructureRef: + apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 + kind: AzureManagedMachinePool + name: agentpool0 + namespace: default + version: v1.21.2 + +--- +# New Machinepool +apiVersion: cluster.x-k8s.io/v1beta1 +kind: MachinePool +metadata: + finalizers: + - machinepool.cluster.x-k8s.io + generation: 2 + labels: + cluster.x-k8s.io/cluster-name: capz-managed-aks + name: agentpool2 # change the name of the machinepool + namespace: default + ownerReferences: + - apiVersion: cluster.x-k8s.io/v1beta1 + kind: Cluster + name: capz-managed-aks + uid: 152ecf45-0a02-4635-987c-1ebb89055fa2 + # uid: ae4a235a-f0fa-4252-928a-0e3b4c61dbea # remove the uid set for machinepool +spec: + clusterName: capz-managed-aks + minReadySeconds: 0 + providerIDList: + - azure:///subscriptions/9107f2fb-e486-a434-a948-52e2929b6f18/resourceGroups/MC_rg_capz-managed-aks_eastus/providers/Microsoft.Compute/virtualMachineScaleSets/aks-agentpool0-10226072-vmss/virtualMachines/0 + replicas: 1 + template: + metadata: {} + spec: + bootstrap: + dataSecretName: "" + clusterName: capz-managed-aks + infrastructureRef: + apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 + kind: AzureManagedMachinePool + name: agentpool0 + namespace: default + version: v1.21.2 +``` diff --git a/docs/book/src/reference/v1alpha1-api.md b/docs/book/src/reference/v1alpha1-api.md new file mode 100644 index 00000000000..919d55f4f02 --- /dev/null +++ b/docs/book/src/reference/v1alpha1-api.md @@ -0,0 +1 @@ +{{ #include v1alpha1-api-raw.html }} diff --git a/docs/book/src/reference/v1alpha1-exp-api.md b/docs/book/src/reference/v1alpha1-exp-api.md deleted file mode 100644 index 50f46f1d2b1..00000000000 --- a/docs/book/src/reference/v1alpha1-exp-api.md +++ /dev/null @@ -1 +0,0 @@ -{{ #include v1alpha1-exp-api-raw.html }} diff --git a/docs/book/src/roadmap.md b/docs/book/src/roadmap.md index 5aa3c36f4ae..4c2533b0a23 100644 --- a/docs/book/src/roadmap.md +++ b/docs/book/src/roadmap.md @@ -1,14 +1,34 @@ # Cluster API Azure Roadmap The best place to see what's coming within a 1-2 month timeline is in [the public milestones](https://github.com/kubernetes-sigs/cluster-api-provider-azure/milestones). -All open items for the the next numbered milestone (e.g. **1.15**) are visualized in the [Milestone-Open project board view](https://github.com/orgs/kubernetes-sigs/projects/26/views/7) and planned at the very beginning of the 2-month release cycle. This planning and discussion begins at [Cluster API Azure Office Hours](http://bit.ly/k8s-capz-agenda) after a major release. +All open items for the the next numbered milestone (e.g. **1.17**) are visualized in the [Milestone-Open project board view](https://github.com/orgs/kubernetes-sigs/projects/26/views/7) and planned at the very beginning of the 2-month release cycle. This planning and discussion begins at [Cluster API Azure Office Hours](http://bit.ly/k8s-capz-agenda) after a major release. The [CAPZ project board roadmap view](https://github.com/orgs/kubernetes-sigs/projects/26/views/11) tracks the larger "epic issues" and their progress. Active community PR contributions are prioritized throughout the release, but unplanned work will arise. Hence the items in the milestone are a rough estimate which may change. The "next" milestone is a very rough collection of issues for the milestone after the current numbered one to help prioritize upcoming work. ## High Level Vision -CAPZ is the official production-ready Cluster API implementation to administer the entire lifecycle of self-managed or managed Kubernetes clusters (AKS) on Azure. Cluster API extends the Kubernetes API to provide tooling consistent across on-premises and cloud providers to build and maintain Kubernetes clusters at scale while working with GitOps and the surrounding tooling ecosystem. [See related blog post.](https://cloudblogs.microsoft.com/opensource/2023/04/20/kubernetes-at-scale-with-gitops-and-cluster-api/) +CAPZ is the official production-ready Cluster API implementation to administer the entire lifecycle of self-managed or managed Kubernetes clusters (AKS) on Azure. Cluster API extends the Kubernetes API to provide tooling consistent across on-premises and cloud providers to build and maintain Kubernetes clusters at scale while working with GitOps and the surrounding tooling ecosystem. See [related blog post](https://cloudblogs.microsoft.com/opensource/2023/04/20/kubernetes-at-scale-with-gitops-and-cluster-api/). -## Epics +Azure Service Operator (ASO) is automatically installed with CAPZ and can be utilized in addition to CAPZ's Kubernetes cluster Infrastructure as Code (IaC) definition to manage all of your Azure resources on the same management cluster. See [AKS Platform Engineering code sample](https://github.com/Azure-Samples/aks-platform-engineering). -There are a number of large priority "Epics" which may span across milestones which we believe are important to providing CAPZ users an even better experience and improving the vision. The [CAPZ project board roadmap view](https://github.com/orgs/kubernetes-sigs/projects/26/views/11) tracks the larger "epic issues" and their progress. +## Long-Term Priorities + +CAPZ can provision three major types of clusters, each of which have a different investment priority. + +1. Self-Managed clusters - maintain the current functionality via bug fixes and security patches. New features will be accepted via contributor pull requests. +2. Managed clusters (AzureManaged* current API) - maintain the current functionality via bug fixes and security patches. New features will be accepted via contributor pull requests. It is recommended that the existing [asoManaged*Patches functionality](./managed/managedcluster.md#warning-warning-this-is-meant-to-be-used-sparingly-to-enable-features-for-development-and-testing-that-are-not-otherwise-represented-in-the-capz-api-misconfiguration-that-conflicts-with-capzs-normal-mode-of-operation-is-possible) be considered as a stop-gap to missing features in the CAPZ definitions for AKS. +See deprecation timeline below. +3. Managed clusters (AzureASOManaged* new API) - was moved out of experimentation in July for the 1.16 release and is where the investment lies moving forward for provisioning AKS clusters. + +See the [managed clusters](./managed/managed.md) for further background and comparison of the two managed cluster APIs. + +Approximate timeline for deprecation of AzureManaged API: +- Sept 2024 - 1.17 - Announcement of deprecation of AzureManaged API. +- Nov 2024 - 1.18 +- Jan 2025 - 1.19 - move AzureASOManaged API to beta +- Mar 2025 - 1.20 - no new features accepted for AzureManaged API. Warning message in code for deprecation. +- May 2025 - 1.21 - GA AzureASOManaged API +- July 2025 - 1.22 +- Sept 2025 - 1.23 - AzureManaged API is removed from code base, AzureASOManaged API is default. + +There may be investment creating a new API definition for AKS from the [Managed Kubernetes CAPI proposal](https://github.com/kubernetes-sigs/cluster-api/blob/main/docs/proposals/20220725-managed-kubernetes.md) at some point in the future. If interested in this functionality, please file an issue on the CAPZ repository and come to the community group meeting to discuss. \ No newline at end of file diff --git a/docs/book/src/topics/addons.md b/docs/book/src/self-managed/addons.md similarity index 99% rename from docs/book/src/topics/addons.md rename to docs/book/src/self-managed/addons.md index a1f3790b9af..84e1066f7a2 100644 --- a/docs/book/src/topics/addons.md +++ b/docs/book/src/self-managed/addons.md @@ -1,6 +1,6 @@ # Overview -This section provides examples for addons for self-managed clusters. For managed cluster addons, please go to the [managed cluster specifications](https://capz.sigs.k8s.io/topics/managedcluster.html#specification). +This section provides examples for addons for self-managed clusters. For managed cluster addons, please go to the [managed cluster specifications](../managed/managedcluster.md#specification). Self managed cluster addon options covered here: diff --git a/docs/book/src/topics/api-server-endpoint.md b/docs/book/src/self-managed/api-server-endpoint.md similarity index 100% rename from docs/book/src/topics/api-server-endpoint.md rename to docs/book/src/self-managed/api-server-endpoint.md diff --git a/docs/book/src/topics/cloud-provider-config.md b/docs/book/src/self-managed/cloud-provider-config.md similarity index 100% rename from docs/book/src/topics/cloud-provider-config.md rename to docs/book/src/self-managed/cloud-provider-config.md diff --git a/docs/book/src/topics/confidential-vms.md b/docs/book/src/self-managed/confidential-vms.md similarity index 100% rename from docs/book/src/topics/confidential-vms.md rename to docs/book/src/self-managed/confidential-vms.md diff --git a/docs/book/src/topics/control-plane-outbound-lb.md b/docs/book/src/self-managed/control-plane-outbound-lb.md similarity index 100% rename from docs/book/src/topics/control-plane-outbound-lb.md rename to docs/book/src/self-managed/control-plane-outbound-lb.md diff --git a/docs/book/src/topics/custom-dns.md b/docs/book/src/self-managed/custom-dns.md similarity index 100% rename from docs/book/src/topics/custom-dns.md rename to docs/book/src/self-managed/custom-dns.md diff --git a/docs/book/src/topics/custom-images.md b/docs/book/src/self-managed/custom-images.md similarity index 100% rename from docs/book/src/topics/custom-images.md rename to docs/book/src/self-managed/custom-images.md diff --git a/docs/book/src/topics/custom-vm-extensions.md b/docs/book/src/self-managed/custom-vm-extensions.md similarity index 100% rename from docs/book/src/topics/custom-vm-extensions.md rename to docs/book/src/self-managed/custom-vm-extensions.md diff --git a/docs/book/src/topics/custom-vnet.md b/docs/book/src/self-managed/custom-vnet.md similarity index 99% rename from docs/book/src/topics/custom-vnet.md rename to docs/book/src/self-managed/custom-vnet.md index b3401fadb23..95764a13814 100644 --- a/docs/book/src/topics/custom-vnet.md +++ b/docs/book/src/self-managed/custom-vnet.md @@ -70,7 +70,7 @@ spec: resourceGroup: cluster-vnet-peering ``` -Currently, only virtual networks on the same subscription can be peered. Also, note that when creating workload clusters with internal load balancers, the management cluster must be in the same VNet or a peered VNet. See [here](https://capz.sigs.k8s.io/topics/api-server-endpoint.html#warning) for more details. +Currently, only virtual networks on the same subscription can be peered. Also, note that when creating workload clusters with internal load balancers, the management cluster must be in the same VNet or a peered VNet. See [here](./api-server-endpoint.md#warning) for more details. ## Custom Network Spec diff --git a/docs/book/src/topics/data-disks.md b/docs/book/src/self-managed/data-disks.md similarity index 100% rename from docs/book/src/topics/data-disks.md rename to docs/book/src/self-managed/data-disks.md diff --git a/docs/book/src/topics/disk-encryption.md b/docs/book/src/self-managed/disk-encryption.md similarity index 100% rename from docs/book/src/topics/disk-encryption.md rename to docs/book/src/self-managed/disk-encryption.md diff --git a/docs/book/src/topics/disks.md b/docs/book/src/self-managed/disks.md similarity index 100% rename from docs/book/src/topics/disks.md rename to docs/book/src/self-managed/disks.md diff --git a/docs/book/src/topics/dual-stack.md b/docs/book/src/self-managed/dual-stack.md similarity index 100% rename from docs/book/src/topics/dual-stack.md rename to docs/book/src/self-managed/dual-stack.md diff --git a/docs/book/src/topics/externally-managed-azure-infrastructure.md b/docs/book/src/self-managed/externally-managed-azure-infrastructure.md similarity index 100% rename from docs/book/src/topics/externally-managed-azure-infrastructure.md rename to docs/book/src/self-managed/externally-managed-azure-infrastructure.md diff --git a/docs/book/src/topics/failure-domains.md b/docs/book/src/self-managed/failure-domains.md similarity index 100% rename from docs/book/src/topics/failure-domains.md rename to docs/book/src/self-managed/failure-domains.md diff --git a/docs/book/src/topics/flatcar.md b/docs/book/src/self-managed/flatcar.md similarity index 98% rename from docs/book/src/topics/flatcar.md rename to docs/book/src/self-managed/flatcar.md index a3fdd1bdd48..8c06f650574 100644 --- a/docs/book/src/topics/flatcar.md +++ b/docs/book/src/self-managed/flatcar.md @@ -14,7 +14,7 @@ The testing reference images are built using [image-builder](https://github.com/ The reference images are not updated with security fixes. They are intended only to facilitate testing and to help users try out Cluster API for Azure. -The reference images should not be used in a production environment. It is highly recommended to [maintain your own custom image](#building-a-custom-image) instead. +The reference images should not be used in a production environment. It is highly recommended to [maintain your own custom image](./custom-images.md#building-a-custom-image) instead. diff --git a/docs/book/src/topics/gpu.md b/docs/book/src/self-managed/gpu.md similarity index 100% rename from docs/book/src/topics/gpu.md rename to docs/book/src/self-managed/gpu.md diff --git a/docs/book/src/topics/ipv6.md b/docs/book/src/self-managed/ipv6.md similarity index 100% rename from docs/book/src/topics/ipv6.md rename to docs/book/src/self-managed/ipv6.md diff --git a/docs/book/src/topics/machinepools.md b/docs/book/src/self-managed/machinepools.md similarity index 100% rename from docs/book/src/topics/machinepools.md rename to docs/book/src/self-managed/machinepools.md diff --git a/docs/book/src/topics/node-outbound-connection.md b/docs/book/src/self-managed/node-outbound-connection.md similarity index 100% rename from docs/book/src/topics/node-outbound-connection.md rename to docs/book/src/self-managed/node-outbound-connection.md diff --git a/docs/book/src/topics/os-disk.md b/docs/book/src/self-managed/os-disk.md similarity index 100% rename from docs/book/src/topics/os-disk.md rename to docs/book/src/self-managed/os-disk.md diff --git a/docs/book/src/topics/publicmec-clusters.md b/docs/book/src/self-managed/publicmec-clusters.md similarity index 95% rename from docs/book/src/topics/publicmec-clusters.md rename to docs/book/src/self-managed/publicmec-clusters.md index 1374604fce4..8a88fdf9849 100644 --- a/docs/book/src/topics/publicmec-clusters.md +++ b/docs/book/src/self-managed/publicmec-clusters.md @@ -68,14 +68,14 @@ Execute clusterctl to template the resources: clusterctl init --infrastructure azure clusterctl generate cluster ${CLUSTER_NAME} --kubernetes-version ${KUBERNETES_VERSION} --flavor edgezone > edgezone-cluster.yaml ``` -Public MEC doesn't have access to CAPI images in Azure Marketplace, therefore, users need to prepare CAPI image by themselves. You can follow doc [Custom Images](https://capz.sigs.k8s.io/topics/custom-images.html) to setup custom image. +Public MEC doesn't have access to CAPI images in Azure Marketplace, therefore, users need to prepare CAPI image by themselves. You can follow doc [Custom Images](./custom-images.md) to setup custom image. Apply the modified template to your kind management cluster: ```bash kubectl apply -f edgezone-cluster.yaml ``` -Once target cluster's control plane is up, install [Azure cloud provider components](https://github.com/kubernetes-sigs/cloud-provider-azure/tree/master/helm/cloud-provider-azure) by helm. The minimum version for "out-of-tree" Azure cloud provider is v1.0.3, "in-tree" Azure cloud provider is not supported. (Reference: https://capz.sigs.k8s.io/topics/addons.html#external-cloud-provider) +Once target cluster's control plane is up, install [Azure cloud provider components](https://github.com/kubernetes-sigs/cloud-provider-azure/tree/master/helm/cloud-provider-azure) by helm. The minimum version for "out-of-tree" Azure cloud provider is v1.0.3, "in-tree" Azure cloud provider is not supported. (Reference: ./addons.md#external-cloud-provider) ```bash # get the kubeconfig of the cluster diff --git a/docs/book/src/self-managed/self-managed.md b/docs/book/src/self-managed/self-managed.md new file mode 100644 index 00000000000..a43fd0f7032 --- /dev/null +++ b/docs/book/src/self-managed/self-managed.md @@ -0,0 +1,4 @@ +# Self-Managed Clusters + +This section contains information specific to configuring self-managed Kubernetes clusters using Cluster API Provider for Azure (CAPZ). +See [managed clusters](../managed/managed.md) (AKS) for information specific to provisioning these clusters. diff --git a/docs/book/src/topics/spot-vms.md b/docs/book/src/self-managed/spot-vms.md similarity index 100% rename from docs/book/src/topics/spot-vms.md rename to docs/book/src/self-managed/spot-vms.md diff --git a/docs/book/src/topics/ssh-access.md b/docs/book/src/self-managed/ssh-access.md similarity index 100% rename from docs/book/src/topics/ssh-access.md rename to docs/book/src/self-managed/ssh-access.md diff --git a/docs/book/src/topics/troubleshooting.md b/docs/book/src/self-managed/troubleshooting.md similarity index 100% rename from docs/book/src/topics/troubleshooting.md rename to docs/book/src/self-managed/troubleshooting.md diff --git a/docs/book/src/topics/trusted-launch-for-vms.md b/docs/book/src/self-managed/trusted-launch-for-vms.md similarity index 100% rename from docs/book/src/topics/trusted-launch-for-vms.md rename to docs/book/src/self-managed/trusted-launch-for-vms.md diff --git a/docs/book/src/topics/vm-diagnostics.md b/docs/book/src/self-managed/vm-diagnostics.md similarity index 100% rename from docs/book/src/topics/vm-diagnostics.md rename to docs/book/src/self-managed/vm-diagnostics.md diff --git a/docs/book/src/topics/vm-identity.md b/docs/book/src/self-managed/vm-identity.md similarity index 100% rename from docs/book/src/topics/vm-identity.md rename to docs/book/src/self-managed/vm-identity.md diff --git a/docs/book/src/topics/wasi.md b/docs/book/src/self-managed/wasi.md similarity index 100% rename from docs/book/src/topics/wasi.md rename to docs/book/src/self-managed/wasi.md diff --git a/docs/book/src/topics/windows.md b/docs/book/src/self-managed/windows.md similarity index 88% rename from docs/book/src/topics/windows.md rename to docs/book/src/self-managed/windows.md index 73f4f27e88f..8fc00166f09 100644 --- a/docs/book/src/topics/windows.md +++ b/docs/book/src/self-managed/windows.md @@ -77,13 +77,13 @@ curl #### Kube-proxy and CNIs for Containerd -The Windows HostProcess Container feature is Alpha for Kubernetes v1.22 and Beta for v1.23. See the Windows [Hostprocess KEP](https://github.com/kubernetes/enhancements/tree/master/keps/sig-windows/1981-windows-privileged-container-support) for more details. Kube-proxy and other CNI's have been updated to run in HostProcess containers. The current implementation is using [kube-proxy and Calico CNI built by sig-windows](https://github.com/kubernetes-sigs/sig-windows-tools/pull/161). Sig-windows is working to upstream the kube-proxy, cni implementations, and improve kubeadm support in the next few releases. +The Windows HostProcess Container feature is Alpha for Kubernetes v1.22 and Beta for v1.23. In v1.28, this feature is on by default and the `WindowsHostProcessContainers` feature gate is no longer recognized. See the Windows [Hostprocess KEP](https://github.com/kubernetes/enhancements/tree/master/keps/sig-windows/1981-windows-privileged-container-support) for more details. Kube-proxy and other CNI's have been updated to run in HostProcess containers. The current implementation is using [kube-proxy and Calico CNI built by sig-windows](https://github.com/kubernetes-sigs/sig-windows-tools/pull/161). Sig-windows is working to upstream the kube-proxy, cni implementations, and improve kubeadm support in the next few releases. Current requirements: - Kubernetes 1.23+ - containerd 1.6+ -- `WindowsHostProcessContainers` feature-gate (Beta / on-by-default for v1.23) turned on for kube-apiserver and kubelet +- `WindowsHostProcessContainers` feature-gate (Beta / on-by-default for v1.23) turned on for kube-apiserver and kubelet, omitted in v1.28 and later These requirements are satisfied by the Windows Containerd Template and Azure Marketplace reference image `cncf-upstream:capi-windows:k8s-1dot22dot1-windows-2019-containerd:2021.10.15` diff --git a/docs/book/src/topics/aso.md b/docs/book/src/topics/aso.md index 20bc151dac4..e9513abde6a 100644 --- a/docs/book/src/topics/aso.md +++ b/docs/book/src/topics/aso.md @@ -8,6 +8,8 @@ CAPZ interfaces with Azure to create and manage some types of resources using [A More context around the decision for CAPZ to pivot towards using ASO can be found in the [proposal](https://github.com/kubernetes-sigs/cluster-api-provider-azure/blob/main/docs/proposals/20230123-azure-service-operator.md). +[Visit this page](../managed/asomanagedcluster.md) to learn more about the AzureASOManaged cluster API which provisions an AKS cluster. + ## Primary changes For most users, the introduction of ASO is expected to be fully transparent and backwards compatible. Changes @@ -79,55 +81,3 @@ More details about how ASO manages CRDs can be found [here](https://azure.github **Note:** To install the resource for the newly installed CRDs, make sure that the ASO operator has the authentication to install the resources. Refer [authentication in ASO](https://azure.github.io/azure-service-operator/guide/authentication/) for more details. An example configuration file and demo for `Azure Cache for Redis` can be found [here](https://github.com/Azure-Samples/azure-service-operator-samples/tree/master/azure-votes-redis). - -## Experimental ASO API - -New in CAPZ v1.15.0 is a new flavor of APIs that addresses the following limitations of -the existing CAPZ APIs for advanced use cases: - -- A limited set of Azure resource types can be represented. -- A limited set of Azure resource topologies can be expressed. e.g. Only a single Virtual Network resource can - be reconciled for each CAPZ-managed AKS cluster. -- For each Azure resource type supported by CAPZ, CAPZ generally only uses a single Azure API version to - define resources of that type. -- For each Azure API version known by CAPZ, only a subset of fields defined in that version by the Azure API - spec are exposed by the CAPZ API. - -This new experimental API defines new AzureASOManagedCluster, AzureASOManagedControlPlane, and -AzureASOManagedMachinePool resources. An AzureASOManagedCluster might look like this: - -```yaml -apiVersion: infrastructure.cluster.x-k8s.io/v1alpha1 -kind: AzureASOManagedCluster -metadata: - name: my-cluster - namespace: default -spec: - resources: - - apiVersion: resources.azure.com/v1api20200601 - kind: ResourceGroup - metadata: - name: my-resource-group - spec: - location: eastus -``` - -See [here](https://github.com/kubernetes-sigs/cluster-api-provider-azure/blob/main/templates/cluster-template-aks-aso.yaml) for a full AKS example using all the new resources. - -The main element of the new API is `spec.resources` in each new resource, which defines arbitrary, literal ASO -resources inline to be managed by CAPZ. These inline ASO resource definitions take the place of almost all -other configuration currently defined by CAPZ. e.g. Instead of a CAPZ-specific `spec.location` field on the -existing AzureManagedControlPlane, the same value would be expected to be set on an ASO ManagedCluster -resource defined in an AzureASOManagedControlPlane's `spec.resources`. This pattern allows users to define, in -full, any ASO-supported version of a resource type in any of these new CAPZ resources. - -The obvious tradeoff with this new style of API is that CAPZ resource definitions can become more verbose for -basic use cases. To address this, CAPZ still offers flavor templates that use this API with all of the -boilerplate predefined to serve as a starting point for customization. - -The overall theme of this API is to leverage ASO as much as possible for representing Azure resources in the -Kubernetes API, thereby making CAPZ the thinnest possible translation layer between ASO and Cluster API. - -This experiment will help inform CAPZ whether this pattern may be a candidate for a potential v2 API. This -functionality is available behind the `ASOAPI` feature flag (set by the `EXP_ASO_API` environment variable). -Please try it out and offer any feedback! diff --git a/docs/book/src/topics/identities.md b/docs/book/src/topics/identities.md index 8bed8ce91d7..284776b438b 100644 --- a/docs/book/src/topics/identities.md +++ b/docs/book/src/topics/identities.md @@ -138,7 +138,7 @@ This option is only available when the cluster is managed from a Kubernetes clus #### Prerequisites 1. [Create](https://learn.microsoft.com/azure/active-directory/managed-identities-azure-resources/how-manage-user-assigned-managed-identities?pivots=identity-mi-methods-azp#create-a-user-assigned-managed-identity) a user-assigned managed identity in Azure. -2. [Create a role assignment](https://learn.microsoft.com/azure/active-directory/managed-identities-azure-resources/howto-assign-access-portal#use-azure-rbac-to-assign-a-managed-identity-access-to-another-resource) to give the identity Contributor access to the Azure subscription where the workload cluster will be created. +2. [Create a role assignment](https://learn.microsoft.com/en-us/entra/identity/managed-identities-azure-resources/how-to-assign-access-azure-resource?pivots=identity-mi-access-portal#use-azure-rbac-to-assign-a-managed-identity-access-to-another-resource-using-the-azure-portal) to give the identity Contributor access to the Azure subscription where the workload cluster will be created. 3. Configure the identity on the management cluster nodes by adding it to each worker node VM. If using AKS as the management cluster see [these instructions](https://learn.microsoft.com/azure/aks/use-managed-identity). #### Creating the AzureClusterIdentity @@ -155,15 +155,14 @@ spec: type: UserAssignedMSI tenantID: clientID: - resourceID: allowedNamespaces: list: - ``` -### Assigning VM identities for cloud provider authentication +### Assigning VM identities for cloud provider authentication (self-managed) -When using a user-assigned managed identity to create the workload cluster, a VM identity should also be assigned to each control plane machine in the workload cluster for Azure Cloud Provider to use. See [here](../topics/vm-identity.md#managed-identities) for more information. +When using a user-assigned managed identity to create the workload cluster, a VM identity should also be assigned to each control plane machine in the workload cluster for Azure Cloud Provider to use. See [here](../self-managed/vm-identity.md#managed-identities) for more information. ## Azure Host Identity @@ -173,6 +172,6 @@ The identity assigned to the Azure host which in the control plane provides the - User-assigned Managed Identity - System-assigned Managed Identity - Service Principal -- See details about each type in the [VM identity](vm-identity.md) page +- See details about each type in the [VM identity](../self-managed/vm-identity.md) page More details in [Azure built-in roles documentation](https://learn.microsoft.com/azure/role-based-access-control/built-in-roles). diff --git a/docs/book/src/topics/managedcluster.md b/docs/book/src/topics/managedcluster.md deleted file mode 100644 index 0a091a4556b..00000000000 --- a/docs/book/src/topics/managedcluster.md +++ /dev/null @@ -1,716 +0,0 @@ -# Managed Clusters (AKS) - -- **Feature status:** GA -- **Feature gate:** MachinePool=true - -Cluster API Provider Azure (CAPZ) supports managing Azure -Kubernetes Service (AKS) clusters. CAPZ implements this with three -custom resources: - -- AzureManagedControlPlane -- AzureManagedCluster -- AzureManagedMachinePool - -The combination of AzureManagedControlPlane/AzureManagedCluster -corresponds to provisioning an AKS cluster. AzureManagedMachinePool -corresponds one-to-one with AKS node pools. This also means that -creating an AzureManagedControlPlane requires at least one AzureManagedMachinePool -with `spec.mode` `System`, since AKS expects at least one system pool at creation -time. For more documentation on system node pool refer [AKS Docs](https://learn.microsoft.com/azure/aks/use-system-pools) - -## Deploy with clusterctl - -A clusterctl flavor exists to deploy an AKS cluster with CAPZ. This -flavor requires the following environment variables to be set before -executing clusterctl. - -```bash -# Kubernetes values -export CLUSTER_NAME="my-cluster" -export WORKER_MACHINE_COUNT=2 -export KUBERNETES_VERSION="v1.27.3" - -# Azure values -export AZURE_LOCATION="southcentralus" -export AZURE_RESOURCE_GROUP="${CLUSTER_NAME}" -``` - -***NOTE***: `${CLUSTER_NAME}` should adhere to the RFC 1123 standard. This means that it must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character. - -Create a new service principal and save to a local file: - -```bash -az ad sp create-for-rbac --role Contributor --scopes="/subscriptions/${AZURE_SUBSCRIPTION_ID}" --sdk-auth > sp.json -``` - -export the following variables in your current shell. - -```bash -export AZURE_SUBSCRIPTION_ID="$(cat sp.json | jq -r .subscriptionId | tr -d '\n')" -export AZURE_CLIENT_SECRET="$(cat sp.json | jq -r .clientSecret | tr -d '\n')" -export AZURE_CLIENT_ID="$(cat sp.json | jq -r .clientId | tr -d '\n')" -export AZURE_TENANT_ID="$(cat sp.json | jq -r .tenantId | tr -d '\n')" -export AZURE_NODE_MACHINE_TYPE="Standard_D2s_v3" -export AZURE_CLUSTER_IDENTITY_SECRET_NAME="cluster-identity-secret" -export AZURE_CLUSTER_IDENTITY_SECRET_NAMESPACE="default" -export CLUSTER_IDENTITY_NAME="cluster-identity" -``` - -Managed clusters require the Cluster API "MachinePool" feature flag enabled. You can do that via an environment variable thusly: - -```bash -export EXP_MACHINE_POOL=true -``` - -Optionally, you can enable the CAPZ "AKSResourceHealth" feature flag as well: - -```bash -export EXP_AKS_RESOURCE_HEALTH=true -``` - -Create a local kind cluster to run the management cluster components: - -```bash -kind create cluster -``` - -Create an identity secret on the management cluster: - -```bash -kubectl create secret generic "${AZURE_CLUSTER_IDENTITY_SECRET_NAME}" --from-literal=clientSecret="${AZURE_CLIENT_SECRET}" -``` - -Execute clusterctl to template the resources, then apply to your kind management cluster: - -```bash -clusterctl init --infrastructure azure -clusterctl generate cluster ${CLUSTER_NAME} --kubernetes-version ${KUBERNETES_VERSION} --flavor aks > cluster.yaml - -# assumes an existing management cluster -kubectl apply -f cluster.yaml - -# check status of created resources -kubectl get cluster-api -o wide -``` - -## Specification - -We'll walk through an example to view available options. - -```yaml -apiVersion: cluster.x-k8s.io/v1beta1 -kind: Cluster -metadata: - name: my-cluster -spec: - clusterNetwork: - services: - cidrBlocks: - - 192.168.0.0/16 - controlPlaneRef: - apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 - kind: AzureManagedControlPlane - name: my-cluster-control-plane - infrastructureRef: - apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 - kind: AzureManagedCluster - name: my-cluster ---- -apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 -kind: AzureManagedControlPlane -metadata: - name: my-cluster-control-plane -spec: - location: southcentralus - resourceGroupName: foo-bar - sshPublicKey: ${AZURE_SSH_PUBLIC_KEY_B64:=""} - subscriptionID: 00000000-0000-0000-0000-000000000000 # fake uuid - version: v1.21.2 - networkPolicy: azure # or calico - networkPlugin: azure # or kubenet - sku: - tier: Free # or Standard - addonProfiles: - - name: azureKeyvaultSecretsProvider - enabled: true - - name: azurepolicy - enabled: true ---- -apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 -kind: AzureManagedCluster -metadata: - name: my-cluster ---- -apiVersion: cluster.x-k8s.io/v1beta1 -kind: MachinePool -metadata: - name: agentpool0 -spec: - clusterName: my-cluster - replicas: 2 - template: - spec: - clusterName: my-cluster - infrastructureRef: - apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 - kind: AzureManagedMachinePool - name: agentpool0 - namespace: default - version: v1.21.2 ---- -apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 -kind: AzureManagedMachinePool -metadata: - name: agentpool0 -spec: - mode: System - osDiskSizeGB: 30 - sku: Standard_D2s_v3 ---- -apiVersion: cluster.x-k8s.io/v1beta1 -kind: MachinePool -metadata: - name: agentpool1 -spec: - clusterName: my-cluster - replicas: 2 - template: - spec: - clusterName: my-cluster - infrastructureRef: - apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 - kind: AzureManagedMachinePool - name: agentpool1 - namespace: default - version: v1.21.2 ---- -apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 -kind: AzureManagedMachinePool -metadata: - name: agentpool1 -spec: - mode: User - osDiskSizeGB: 40 - sku: Standard_D2s_v4 -``` - -Please note that we don't declare a configuration for the apiserver endpoint. This configuration data will be populated automatically based on the data returned from AKS API during cluster create as `.spec.controlPlaneEndpoint.Host` and `.spec.controlPlaneEndpoint.Port` in both the `AzureManagedCluster` and `AzureManagedControlPlane` resources. Any user-provided data will be ignored and overwritten by data returned from the AKS API. - -The [CAPZ API reference documentation](../reference/v1beta1-api.html) describes all of the available options. See also the AKS API documentation for [Agent Pools](https://learn.microsoft.com/rest/api/aks/agent-pools/create-or-update?tabs=HTTP) and [Managed Clusters](https://learn.microsoft.com/rest/api/aks/managed-clusters/create-or-update?tabs=HTTP). - -The main features for configuration are: - -- [networkPolicy](https://learn.microsoft.com/azure/aks/concepts-network#network-policies) -- [networkPlugin](https://learn.microsoft.com/azure/aks/concepts-network#azure-virtual-networks) -- [addonProfiles](https://learn.microsoft.com/cli/azure/aks/addon?view=azure-cli-latest#az-aks-addon-list-available) - for additional addons not listed below, look for the `*ADDON_NAME` values in [this code](https://github.com/Azure/azure-cli/blob/main/src/azure-cli/azure/cli/command_modules/acs/_consts.py). - -| addon name | YAML value | -|---------------------------|---------------------------| -| http_application_routing | httpApplicationRouting | -| monitoring | omsagent | -| virtual-node | aciConnector | -| kube-dashboard | kubeDashboard | -| azure-policy | azurepolicy | -| ingress-appgw | ingressApplicationGateway | -| confcom | ACCSGXDevicePlugin | -| open-service-mesh | openServiceMesh | -| azure-keyvault-secrets-provider | azureKeyvaultSecretsProvider | -| gitops | Unsupported? | -| web_application_routing | Unsupported? | - -### Use an existing Virtual Network to provision an AKS cluster - -If you'd like to deploy your AKS cluster in an existing Virtual Network, but create the cluster itself in a different resource group, you can configure the AzureManagedControlPlane resource with a reference to the existing Virtual Network and subnet. For example: - -```yaml -apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 -kind: AzureManagedControlPlane -metadata: - name: my-cluster-control-plane -spec: - location: southcentralus - resourceGroupName: foo-bar - sshPublicKey: ${AZURE_SSH_PUBLIC_KEY_B64:=""} - subscriptionID: 00000000-0000-0000-0000-000000000000 # fake uuid - version: v1.21.2 - virtualNetwork: - cidrBlock: 10.0.0.0/8 - name: test-vnet - resourceGroup: test-rg - subnet: - cidrBlock: 10.0.2.0/24 - name: test-subnet -``` - -### Enable AKS features with custom headers (--aks-custom-headers) - -CAPZ no longer supports passing custom headers to AKS APIs with `infrastructure.cluster.x-k8s.io/custom-header-` annotations. -Custom headers are deprecated in AKS in favor of new features first landing in preview API versions: - -https://github.com/Azure/azure-rest-api-specs/pull/18232 - -### Disable Local Accounts in AKS when using Azure Active Directory - -When deploying an AKS cluster, local accounts are enabled by default. -Even when you enable RBAC or Azure AD integration, ---admin access still exists as a non-auditable backdoor option. -Disabling local accounts closes the backdoor access to the cluster -Example to disable local accounts for AAD enabled cluster. - -```yaml -apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 -kind: AzureManagedMachinePool -metadata: - ... -spec: - aadProfile: - managed: true - adminGroupObjectIDs: - - 00000000-0000-0000-0000-000000000000 # group object id created in azure. - disableLocalAccounts: true - ... -``` - -Note: CAPZ and CAPI requires access to the target cluster to maintain and manage the cluster. -Disabling local accounts will cut off direct access to the target cluster. -CAPZ and CAPI can access target cluster only via the Service Principal, -hence the user has to provide appropriate access to the Service Principal to access the target cluster. -User can do that by adding the Service Principal to the appropriate group defined in Azure and -add the corresponding group ID in `spec.aadProfile.adminGroupObjectIDs`. -CAPI and CAPZ will be able to authenticate via AAD while accessing the target cluster. - -### AKS Fleet Integration - -CAPZ supports joining your managed AKS clusters to a single AKS fleet. Azure Kubernetes Fleet Manager (Fleet) enables at-scale management of multiple Azure Kubernetes Service (AKS) clusters. For more documentation on Azure Kubernetes Fleet Manager, refer [AKS Docs](https://learn.microsoft.com/azure/kubernetes-fleet/overview) - -To join a CAPZ cluster to an AKS fleet, you must first create an AKS fleet manager. For more information on how to create an AKS fleet manager, refer [AKS Docs](https://learn.microsoft.com/en-us/azure/kubernetes-fleet/quickstart-create-fleet-and-members). This fleet manager will be your point of reference for managing any CAPZ clusters that you join to the fleet. - -Once you have created an AKS fleet manager, you can join your CAPZ cluster to the fleet by adding the `fleetsMember` field to your AzureManagedControlPlane resource spec: - -```yaml -apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 -kind: AzureManagedControlPlane -metadata: - name: ${CLUSTER_NAME} - namespace: default -spec: - fleetsMember: - group: fleet-update-group - managerName: fleet-manager-name - managerResourceGroup: fleet-manager-resource-group -``` - -The `managerName` and `managerResourceGroup` fields are the name and resource group of your AKS fleet manager. The `group` field is the name of the update group for the cluster, not to be confused with the resource group. - -When the `fleetMember` field is included, CAPZ will create an AKS fleet member resource which will join the CAPZ cluster to the AKS fleet. The AKS fleet member resource will be created in the same resource group as the CAPZ cluster. - -### AKS Extensions - -CAPZ supports enabling AKS extensions on your managed AKS clusters. Cluster extensions provide an Azure Resource Manager driven experience for installation and lifecycle management of services like Azure Machine Learning or Kubernetes applications on an AKS cluster. For more documentation on AKS extensions, refer [AKS Docs](https://learn.microsoft.com/azure/aks/cluster-extensions). - -You can either provision official AKS extensions or Kubernetes applications through Marketplace. Please refer to [AKS Docs](https://learn.microsoft.com/en-us/azure/aks/cluster-extensions#currently-available-extensions) for the list of currently available extensions. - -To add an AKS extension to your managed cluster, simply add the `extensions` field to your AzureManagedControlPlane resource spec: - -```yaml -apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 -kind: AzureManagedControlPlane -metadata: - name: ${CLUSTER_NAME} - namespace: default -spec: - extensions: - - name: my-extension - extensionType: "TraefikLabs.TraefikProxy" - plan: - name: "traefik-proxy" - product: "traefik-proxy" - publisher: "containous" -``` - -To list all of the available extensions for your cluster as well as its plan details, use the following az cli command: - -```bash -az k8s-extension extension-types list-by-cluster --resource-group my-resource-group --cluster-name mycluster --cluster-type managedClusters -``` - -For more details, please refer to the [az k8s-extension cli reference](https://learn.microsoft.com/cli/azure/k8s-extension). - - -### Security Profile for AKS clusters. - -Example for configuring AzureManagedControlPlane with a security profile: - -```yaml -apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 -kind: AzureManagedControlPlane -metadata: - name: my-cluster-control-plane -spec: - location: southcentralus - resourceGroupName: foo-bar - sshPublicKey: ${AZURE_SSH_PUBLIC_KEY_B64:=""} - subscriptionID: 00000000-0000-0000-0000-000000000000 # fake uuid - version: v1.26.6 - identity: - type: UserAssigned - userAssignedIdentityResourceID: /subscriptions/00000000-0000-0000-0000-00000000/resourcegroups//providers/Microsoft.ManagedIdentity/userAssignedIdentities/ - oidcIssuerProfile: - enabled: true - securityProfile: - workloadIdentity: - enabled: true - imageCleaner: - enabled: true - intervalHours: 48 - azureKeyVaultKms: - enabled: true - keyID: https://key-vault.vault.azure.net/keys/secret-key/00000000000000000 - defender: - logAnalyticsWorkspaceResourceID: /subscriptions/00000000-0000-0000-0000-00000000/resourcegroups//providers/Microsoft.ManagedIdentity/userAssignedIdentities/ - securityMonitoring: - enabled: true -``` - -### Enabling Preview API Features for ManagedClusters - -#### :warning: WARNING: This is meant to be used sparingly to enable features for development and testing that are not otherwise represented in the CAPZ API. Misconfiguration that conflicts with CAPZ's normal mode of operation is possible. - -To enable preview features for managed clusters, you can use the `enablePreviewFeatures` field in the `AzureManagedControlPlane` resource spec. To use any of the new fields included in the preview API version, use the `asoManagedClusterPatches` field in the `AzureManagedControlPlane` resource spec and the `asoManagedClustersAgentPoolPatches` field in the `AzureManagedMachinePool` resource spec to patch in the new fields. - -Please refer to the [ASO Docs](https://azure.github.io/azure-service-operator/reference/containerservice/) for the ContainerService API reference for the latest preview fields and their usage. - -Example for enabling preview features for managed clusters: - -```yaml -apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 -kind: AzureManagedControlPlane -metadata: - name: ${CLUSTER_NAME} - namespace: default -spec: - enablePreviewFeatures: true - asoManagedClusterPatches: - - '{"spec": {"enableNamespaceResources": true}}' ---- -apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 -kind: AzureManagedMachinePool -metadata: - ... -spec: - asoManagedClustersAgentPoolPatches: - - '{"spec": {"enableCustomCATrust": true}}' -``` - -#### OIDC Issuer on AKS - -Setting `AzureManagedControlPlane.Spec.oidcIssuerProfile.enabled` to `true` will enable OIDC issuer profile for the `AzureManagedControlPlane`. Once enabled, you will see a configmap named `-aso-oidc-issuer-profile` in the same namespace as the `AzureManagedControlPlane` resource. This configmap will contain the OIDC issuer profile url under the `oidc-issuer-profile-url` key. - -Once OIDC issuer is enabled on the cluster, it's not supported to disable it. - -To learn more about OIDC and AKS refer [AKS Docs on OIDC issuer](https://learn.microsoft.com/en-us/azure/aks/use-oidc-issuer). - - -## Features - -AKS clusters deployed from CAPZ currently only support a limited, -"blessed" configuration. This was primarily to keep the initial -implementation simple. If you'd like to run managed AKS cluster with CAPZ -and need an additional feature, please open a pull request or issue with -details. We're happy to help! - -## Best Practices - -A set of best practices for managing AKS clusters is documented here: https://learn.microsoft.com/azure/aks/best-practices - -## Troubleshooting - -If a user tries to delete the MachinePool which refers to the last system node pool AzureManagedMachinePool webhook will reject deletion, so time stamp never gets set on the AzureManagedMachinePool. However the timestamp would be set on the MachinePool and would be in deletion state. To recover from this state create a new MachinePool manually referencing the AzureManagedMachinePool, edit the required references and finalizers to link the MachinePool to the AzureManagedMachinePool. In the AzureManagedMachinePool remove the owner reference to the old MachinePool, and set it to the new MachinePool. Once the new MachinePool is pointing to the AzureManagedMachinePool you can delete the old MachinePool. To delete the old MachinePool remove the finalizers in that object. - -Here is an Example: - -```yaml -# MachinePool deleted -apiVersion: cluster.x-k8s.io/v1beta1 -kind: MachinePool -metadata: - finalizers: # remove finalizers once new object is pointing to the AzureManagedMachinePool - - machinepool.cluster.x-k8s.io - labels: - cluster.x-k8s.io/cluster-name: capz-managed-aks - name: agentpool0 - namespace: default - ownerReferences: - - apiVersion: cluster.x-k8s.io/v1beta1 - kind: Cluster - name: capz-managed-aks - uid: 152ecf45-0a02-4635-987c-1ebb89055fa2 - uid: ae4a235a-f0fa-4252-928a-0e3b4c61dbea -spec: - clusterName: capz-managed-aks - minReadySeconds: 0 - providerIDList: - - azure:///subscriptions/9107f2fb-e486-a434-a948-52e2929b6f18/resourceGroups/MC_rg_capz-managed-aks_eastus/providers/Microsoft.Compute/virtualMachineScaleSets/aks-agentpool0-10226072-vmss/virtualMachines/0 - replicas: 1 - template: - metadata: {} - spec: - bootstrap: - dataSecretName: "" - clusterName: capz-managed-aks - infrastructureRef: - apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 - kind: AzureManagedMachinePool - name: agentpool0 - namespace: default - version: v1.21.2 - ---- -# New Machinepool -apiVersion: cluster.x-k8s.io/v1beta1 -kind: MachinePool -metadata: - finalizers: - - machinepool.cluster.x-k8s.io - generation: 2 - labels: - cluster.x-k8s.io/cluster-name: capz-managed-aks - name: agentpool2 # change the name of the machinepool - namespace: default - ownerReferences: - - apiVersion: cluster.x-k8s.io/v1beta1 - kind: Cluster - name: capz-managed-aks - uid: 152ecf45-0a02-4635-987c-1ebb89055fa2 - # uid: ae4a235a-f0fa-4252-928a-0e3b4c61dbea # remove the uid set for machinepool -spec: - clusterName: capz-managed-aks - minReadySeconds: 0 - providerIDList: - - azure:///subscriptions/9107f2fb-e486-a434-a948-52e2929b6f18/resourceGroups/MC_rg_capz-managed-aks_eastus/providers/Microsoft.Compute/virtualMachineScaleSets/aks-agentpool0-10226072-vmss/virtualMachines/0 - replicas: 1 - template: - metadata: {} - spec: - bootstrap: - dataSecretName: "" - clusterName: capz-managed-aks - infrastructureRef: - apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 - kind: AzureManagedMachinePool - name: agentpool0 - namespace: default - version: v1.21.2 -``` - -## Joining self-managed VMSS nodes to an AKS control plane - - - -### Creating the MachinePool - -You can add a self-managed VMSS node pool to any CAPZ-managed AKS cluster by applying the following resources to the management cluster: - -```yaml -apiVersion: cluster.x-k8s.io/v1beta1 -kind: MachinePool -metadata: - name: ${CLUSTER_NAME}-vmss - namespace: default -spec: - clusterName: ${CLUSTER_NAME} - replicas: ${WORKER_MACHINE_COUNT} - template: - spec: - bootstrap: - configRef: - apiVersion: bootstrap.cluster.x-k8s.io/v1beta1 - kind: KubeadmConfig - name: ${CLUSTER_NAME}-vmss - clusterName: ${CLUSTER_NAME} - infrastructureRef: - apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 - kind: AzureMachinePool - name: ${CLUSTER_NAME}-vmss - version: ${KUBERNETES_VERSION} ---- -apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 -kind: AzureMachinePool -metadata: - name: ${CLUSTER_NAME}-vmss - namespace: default -spec: - location: ${AZURE_LOCATION} - strategy: - rollingUpdate: - deletePolicy: Oldest - maxSurge: 25% - maxUnavailable: 1 - type: RollingUpdate - template: - osDisk: - diskSizeGB: 30 - managedDisk: - storageAccountType: Premium_LRS - osType: Linux - sshPublicKey: ${AZURE_SSH_PUBLIC_KEY_B64:=""} - vmSize: ${AZURE_NODE_MACHINE_TYPE} ---- -apiVersion: bootstrap.cluster.x-k8s.io/v1beta1 -kind: KubeadmConfig -metadata: - name: ${CLUSTER_NAME}-vmss - namespace: default -spec: - files: - - contentFrom: - secret: - key: worker-node-azure.json - name: ${CLUSTER_NAME}-vmss-azure-json - owner: root:root - path: /etc/kubernetes/azure.json - permissions: "0644" - - contentFrom: - secret: - key: value - name: ${CLUSTER_NAME}-kubeconfig - owner: root:root - path: /etc/kubernetes/admin.conf - permissions: "0644" - joinConfiguration: - discovery: - file: - kubeConfigPath: /etc/kubernetes/admin.conf - nodeRegistration: - kubeletExtraArgs: - cloud-provider: external - name: '{{ ds.meta_data["local_hostname"] }}' - preKubeadmCommands: - - kubeadm init phase upload-config all - ``` - -### Installing Addons - -In order for the nodes to become ready, you'll need to install Cloud Provider Azure and a CNI. - -AKS will install Cloud Provider Azure on the self-managed nodes as long as they have the appropriate labels. You can add the required label on the nodes by running the following command on the AKS cluster: - -```bash -kubectl label node kubernetes.azure.com/cluster= -``` - -Repeat this for each node in the MachinePool. - - - -For the CNI, you can install the CNI of your choice. For example, to install Azure CNI, run the following command on the AKS cluster: - -```bash -kubectl apply -f https://raw.githubusercontent.com/kubernetes-sigs/cluster-api-provider-azure/main/templates/addons/azure-cni-v1.yaml -``` - -### Notes - -Some notes about how this works under the hood: - -- CAPZ will fetch the kubeconfig for the AKS cluster and store it in a secret named `${CLUSTER_NAME}-kubeconfig` in the management cluster. That secret is then used for discovery by the `KubeadmConfig` resource. -- You can customize the `MachinePool`, `AzureMachinePool`, and `KubeadmConfig` resources to your liking. The example above is just a starting point. Note that the key configurations to keep are in the `KubeadmConfig` resource, namely the `files`, `joinConfiguration`, and `preKubeadmCommands` sections. -- The `KubeadmConfig` resource will be used to generate a `kubeadm join` command that will be executed on each node in the VMSS. It uses the cluster kubeconfig for discovery. The `kubeadm init phase upload-config all` is run as a preKubeadmCommand to ensure that the kubeadm and kubelet configurations are uploaded to a ConfigMap. This step would normally be done by the `kubeadm init` command, but since we're not running `kubeadm init` we need to do it manually. - -## Adopting Existing AKS Clusters - -### Option 1: Using the experimental ASO-based API - - -The [experimental AzureASOManagedControlPlane and related APIs](/topics/aso.html#experimental-aso-api) support -adoption as a first-class use case. Going forward, this method is likely to be easier, more reliable, include -more features, and better supported for adopting AKS clusters than Option 2 below. - -To adopt an AKS cluster into a full Cluster API Cluster, create an ASO ManagedCluster and associated -ManagedClustersAgentPool resources annotated with `sigs.k8s.io/cluster-api-provider-azure-adopt=true`. The -annotation may also be added to existing ASO resources to trigger adoption. CAPZ will automatically scaffold -the Cluster API resources like the Cluster, AzureASOManagedCluster, AzureASOManagedControlPlane, MachinePools, -and AzureASOManagedMachinePools. The [`asoctl import -azure-resource`](https://azure.github.io/azure-service-operator/tools/asoctl/#import-azure-resource) command -can help generate the required YAML. - -Caveats: -- The `asoctl import azure-resource` command has at least [one known - bug](https://github.com/Azure/azure-service-operator/issues/3805) requiring the YAML it generates to be - edited before it can be applied to a cluster. -- CAPZ currently only records the ASO resources in the CAPZ resources' `spec.resources` that it needs to - function, which include the ManagedCluster, its ResourceGroup, and associated ManagedClustersAgentPools. - Other resources owned by the ManagedCluster like Kubernetes extensions or Fleet memberships are not - currently imported to the CAPZ specs. -- Configuring the automatically generated Cluster API resources is not currently possible. If you need to - change something like the `metadata.name` of a resource from what CAPZ generates, create the Cluster API - resources manually referencing the pre-existing resources. -- Adopting existing clusters created with the GA AzureManagedControlPlane API to the experimental API with - this method is theoretically possible, but untested. Care should be taken to prevent CAPZ from reconciling - two different representations of the same underlying Azure resources. - -### Option 2: Using the current AzureManagedControlPlane API - - - -CAPZ can adopt some AKS clusters created by other means under its management. This works by crafting CAPI and -CAPZ manifests which describe the existing cluster and creating those resources on the CAPI management -cluster. This approach is limited to clusters which can be described by the CAPZ API, which includes the -following constraints: - -- the cluster operates within a single Virtual Network and Subnet -- the cluster's Virtual Network exists outside of the AKS-managed `MC_*` resource group -- the cluster's Virtual Network and Subnet are not shared with any other resources outside the context of this cluster - -To ensure CAPZ does not introduce any unwarranted changes while adopting an existing cluster, carefully review -the [entire AzureManagedControlPlane spec](../reference/v1beta1-api#infrastructure.cluster.x-k8s.io/v1beta1.AzureManagedControlPlaneSpec) -and specify _every_ field in the CAPZ resource. CAPZ's webhooks apply defaults to many fields which may not -match the existing cluster. - -Specific AKS features not represented in the CAPZ API, like those from a newer AKS API version than CAPZ uses, -do not need to be specified in the CAPZ resources to remain configured the way they are. CAPZ will still not -be able to manage that configuration, but it will not modify any settings beyond those for which it has -knowledge. - -By default, CAPZ will not make any changes to or delete any pre-existing Resource Group, Virtual Network, or -Subnet resources. To opt-in to CAPZ management for those clusters, tag those resources with the following -before creating the CAPZ resources: `sigs.k8s.io_cluster-api-provider-azure_cluster_: owned`. -Managed Cluster and Agent Pool resources do not need this tag in order to be adopted. - -After applying the CAPI and CAPZ resources for the cluster, other means of managing the cluster should be -disabled to avoid ongoing conflicts with CAPZ's reconciliation process. - -#### Pitfalls - -The following describes some specific pieces of configuration that deserve particularly careful attention, -adapted from https://gist.github.com/mtougeron/1e5d7a30df396cd4728a26b2555e0ef0#file-capz-md. - -- Make sure `AzureManagedControlPlane.metadata.name` matches the AKS cluster name -- Set the `AzureManagedControlPlane.spec.virtualNetwork` fields to match your existing VNET -- Make sure the `AzureManagedControlPlane.spec.sshPublicKey` matches what was set on the AKS cluster. (including any potential newlines included in the base64 encoding) - - NOTE: This is a required field in CAPZ, if you don't know what public key was used, you can _change_ or _set_ it via the Azure CLI however before attempting to import the cluster. -- Make sure the `Cluster.spec.clusterNetwork` settings match properly to what you are using in AKS -- Make sure the `AzureManagedControlPlane.spec.dnsServiceIP` matches what is set in AKS -- Set the tag `sigs.k8s.io_cluster-api-provider-azure_cluster_` = `owned` on the AKS cluster -- Set the tag `sigs.k8s.io_cluster-api-provider-azure_role` = `common` on the AKS cluster - -NOTE: Several fields, like `networkPlugin`, if not set on the AKS cluster at creation time, will mean that CAPZ will not be able to set that field. AKS doesn't allow such fields to be changed if not set at creation. However, if it was set at creation time, CAPZ will be able to successfully change/manage the field. diff --git a/docs/book/src/topics/multitenancy.md b/docs/book/src/topics/multitenancy.md index c028b989725..0ee3a9695cd 100644 --- a/docs/book/src/topics/multitenancy.md +++ b/docs/book/src/topics/multitenancy.md @@ -20,7 +20,7 @@ Please note NamespaceList will take precedence over Selector if both are set.